Explanation of spanning tree from Stephen King

From: Damien Hull <dhull@digitaloverload.net>
Date: Wed May 10 2006 - 14:49:10 AKDT

I got the following from Stephen King. He can't post to the list for
some reason.

Anyway, here's the short version of the lecture I typically give my
switching class at Charter. I also usually hand out the
http://www.cio.com/archive/021503/systems.html "All Systems Down"
article so people can see what happens when STP can't do its job.

First, STP is a protocol specified in 802.1D. It's not specifically
part of switching, but it is turned on with Cisco and most other
corporate switches by default. It's designed to allow us to have
redundant physical links without worrying about broadcast storms. See,
a switch checks the destination MAC address of frames coming in and
then forwards the frames out the port from which it has heard that address
as a source. That way everybody else doesn't have to "hear" that frame.
Broadcasts, though, go to FF-FF-FF-FF-FF-FF, which the switch will
NEVER hear as a source address. So...anything to that address gets
"flooded" out every port on the switch (except, of course, the port it
came in on). This leads to a potential problem...say Switch A is
connected to Switches B and C, and both of those are in turn connected
to Switch D, forming a square. Switch A receives a broadcast and floods
it out all ports. Switch B receives the broadcast and floods it out all
ports except the one to Switch A. Switch C also receives the broadcast
and floods it out all ports except the one to Switch A. Switch D
receives the one from B and floods it out all ports except the one to B,
and also receives the one from C and floods it out all ports except the
one to C. Switch B then receives the broadcast, but it has no way of
recognizing it as one it's already flooded, so it refloods it...as does
Switch C. Switch A then receives...and it goes on and on and on,
bringing your network to its quivering knees.

Now, one answer is to unplug one of the cables, thus killing your
redundancy. But the redundancy is there for a reason. If a cable or a
switch or a UPS or...anything else...breaks, you get data failure until
you get some poor network admin to come in...probably at midnight...to
plug that cable back in. STP is the answer to that problem, though,
working in the background to logically break one connection in the loop,
then un-breaking it in the event of another link's failure. Total max
downtime, then, is 50 seconds, and this can be reduced by use of other
features that I won't go into here.

I'd find it acceptable to not run STP in an office with two or three
switches. I read that someone doesn't run STP on 10 switches in a high
school, though, and that's begging for disaster. All it takes is for a
new admin to come in and connect one switch to another...testing it,
thinking they're upgrading, or whatever...and you'll get instantaneous
network downtime the next time a machine broadcasts.

Hope this helps!

Stephen King
Dean of Management Curricula
Charter College

--
You can get my public PGP key at https://keyserver.pgp.com

Digital Overload
http://www.digitaloverload.net

Keep your data safe by doing regular backups. At Digital Overload we use
a combination of DVD and hard drive backups. For off site storage we use
a safe-deposit box at the bank.
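As an added illustration (my own constructed example, not part of Damien's post or Mr. King's lecture), here is a small Python simulation of the square he describes: switches A, B, C and D, with a broadcast flooded the way a switch really does it, first with no STP and then with the one link that a simplified 802.1D election (lowest bridge ID is root, shortest path to root wins, ties broken by lower neighbour ID) would block. Switch names stand in for bridge IDs, and the link failure at the end is constructed to show the blocked link being un-blocked.

```python
"""Broadcast flooding on a switched square, with and without STP.

Constructed topology (not from the original post): four switches wired
as a square, A-B, A-C, B-D, C-D. Switch names double as bridge IDs.
"""
from collections import deque

LINKS = [("A", "B"), ("A", "C"), ("B", "D"), ("C", "D")]


def neighbours(links):
    """Adjacency map: switch -> set of directly connected switches."""
    adj = {}
    for a, b in links:
        adj.setdefault(a, set()).add(b)
        adj.setdefault(b, set()).add(a)
    return adj


def flood(links, origin, max_forwards=1000):
    """Flood one broadcast frame from `origin`.

    Every copy a switch receives is forwarded out every port except the
    one it arrived on; a switch has no way to recognise a copy it already
    flooded. Returns how many copies were delivered, stopping at
    max_forwards if the storm never ends on its own.
    """
    adj = neighbours(links)
    queue = deque((origin, nbr) for nbr in adj[origin])  # (sender, receiver)
    forwards = 0
    while queue and forwards < max_forwards:
        sender, receiver = queue.popleft()
        forwards += 1
        for nxt in adj[receiver]:
            if nxt != sender:
                queue.append((receiver, nxt))
    return forwards


def spanning_tree(links):
    """Simplified 802.1D: lowest bridge ID is root; each other switch keeps
    the link on its shortest path to the root (equal cost: lower neighbour
    ID wins). Returns (forwarding links, blocked links)."""
    adj = neighbours(links)
    root = min(adj)
    dist, parent, order = {root: 0}, {}, deque([root])
    while order:
        cur = order.popleft()
        for nbr in sorted(adj[cur]):
            if nbr not in dist:
                dist[nbr], parent[nbr] = dist[cur] + 1, cur
                order.append(nbr)
    forwarding = {tuple(sorted((child, par))) for child, par in parent.items()}
    blocked = [l for l in links if tuple(sorted(l)) not in forwarding]
    return sorted(forwarding), blocked


def flood_with_stp(links, origin, max_forwards=1000):
    """Flood over only the links STP leaves in the forwarding state."""
    return flood(spanning_tree(links)[0], origin, max_forwards)


if __name__ == "__main__":
    print("no STP  :", flood(LINKS, "A"), "copies (hit the cap: the storm never ends)")
    print("STP     :", flood_with_stp(LINKS, "A"), "copies, blocked", spanning_tree(LINKS)[1])
    failed = [l for l in LINKS if l != ("A", "B")]  # constructed: the A-B cable breaks
    print("A-B down:", flood_with_stp(failed, "A"), "copies, blocked", spanning_tree(failed)[1])
```

With the full square the flood loops forever (the count only stops at the cap); with C-D blocked each switch sees the broadcast exactly once, and when A-B is pulled the recomputed tree un-blocks C-D so all four switches are still reached.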
Received on Wed May 10 14:49:35 2006

This archive was generated by hypermail 2.1.8 : Wed May 10 2006 - 14:49:35 AKDT