{"id":487,"date":"2020-04-06T20:23:43","date_gmt":"2020-04-06T18:23:43","guid":{"rendered":"http:\/\/tech.sosthe.sk\/?page_id=487"},"modified":"2020-04-06T20:23:43","modified_gmt":"2020-04-06T18:23:43","slug":"9-spanning-tree-protocol","status":"publish","type":"page","link":"http:\/\/tech.sosthe.sk\/index.php\/ccna\/cisco-ios\/9-spanning-tree-protocol\/","title":{"rendered":"9. Spanning Tree Protocol"},"content":{"rendered":"

Mysl\u00edm, \u017ee spr\u00e1vca men\u0161ej siete, ani nemus\u00ed vedie\u0165, ako presne STP funguje (aj ke\u010f je to v\u017edy lep\u0161ie), ale d\u00f4le\u017eit\u00e9 je vedie\u0165, \u010do m\u00f4\u017ee slu\u010dka v sieti sp\u00f4sobi\u0165, a \u017ee sa daj\u00fa vyu\u017ei\u0165 STP. M\u00f4j popis ani nezach\u00e1dza do \u00fapln\u00fdch podrobnost\u00ed, nie je probl\u00e9m n\u00e1js\u0165, napr. priamo od Cisca, viac detailn\u00e9 inform\u00e1cie. Tento opis sa venuje v\u0161eobecne STP (povedzme pod\u013ea normy IEEE 802.1D) a pre konfigur\u00e1ciu jeho Cisco verziou PVSTP. Ak to prax dovol\u00ed, tak je lep\u0161ie pou\u017ei\u0165 nov\u0161\u00ed variant Rapid STP \u010di Multiple STP, ktor\u00fdm sa budeme venova\u0165 v \u010fal\u0161om diele.<\/span><\/p>\n

Slu\u010dky v sieti<\/span><\/h3>\n

Pre be\u017en\u00fa ethernetov\u00fa sie\u0165 sa pou\u017e\u00edva zapojenie do roz\u0161\u00edrenej topol\u00f3gie hviezda.\u00a0Jedn\u00e1 sa o stromov\u00fa \u0161trukt\u00faru, kde medzi ka\u017ed\u00fdmi prvkami existuje len jedna cesta.\u00a0Jednoduch\u00fd pr\u00edklad ukazuje nasleduj\u00faci obr\u00e1zok spolu s cestou komunik\u00e1cie od PC 1 k PC 2.<\/span><\/p>\n

\"\"<\/p>\n

Ak v\u0161ak prepoj\u00edme Switch 1 a 2, tak vznikne slu\u010dka a medzi stanicami bude existova\u0165 viac ako jedna cesta.<\/p>\n

\"\"<\/p>\n

Probl\u00e9my slu\u010diek<\/span><\/h4>\n

Slu\u010dky m\u00f4\u017eu sp\u00f4sobi\u0165 nieko\u013eko probl\u00e9mov:<\/span><\/em><\/strong><\/p>\n

    \n
  • broadcastov\u00e9 b\u00farka<\/span><\/em><\/strong>\u00a0– u Broadcast sa tieto bud\u00fa rozmno\u017eova\u0165, a\u017e dosiahnu kritick\u00e9ho mno\u017estva<\/span><\/li>\n
  • probl\u00e9my s konektivitou<\/span><\/em><\/strong>\u00a0alebo nestabilita tabu\u013eky MAC adries (CAM) – v\u010faka slu\u010dke spr\u00e1va pr\u00edde na switch z viac portov a on si st\u00e1le men\u00ed adresu zdroja, v ur\u010ditom pr\u00edpade m\u00f4\u017ee d\u00f4js\u0165 k tomu, \u017ee si switch mysl\u00ed, \u017ee je stanica pripojen\u00e1 k zl\u00e9mu portu a nikdy ju nedoru\u010d\u00ed spr\u00e1vu<\/span><\/li>\n
  • nieko\u013ekon\u00e1sobn\u00e9 doru\u010denie<\/span><\/em><\/strong>\u00a0– spr\u00e1va koluje v sieti st\u00e1le dookola a st\u00e1le sa doru\u010duje<\/span><\/li>\n<\/ul>\n

    Naj\u010dastej\u0161\u00ed probl\u00e9m, ak v be\u017enej ethernetovej LAN existuje slu\u010dka, je, \u017ee d\u00f4jde k tzv.\u00a0<\/span>Broadcastov\u00e9 b\u00farke<\/span><\/strong>\u00a0(broadcast storm), ktor\u00e1 v\u00e4\u010d\u0161inou skon\u010d\u00ed \u00fapln\u00fdm zahlten\u00edm siete.\u00a0Broadcastov\u00e1 b\u00farka znamen\u00e1, \u017ee sa v sieti \u0161\u00edri viac broadcastov\u00fdch (alebo i in\u00fdch) r\u00e1mcov, ako je sie\u0165 (akt\u00edvne prvky) schopn\u00e1 spracova\u0165. Ak m\u00e1me v sieti slu\u010dku, tak z princ\u00edpu funkcie switchov d\u00f4jde k tomuto efektu.<\/span><\/p>\n

    Pripome\u0148me, ako\u00a0<\/span>funguje switch<\/span><\/em><\/strong>\u00a0.\u00a0Ak dostane r\u00e1mec pre nezn\u00e1my cie\u013e, tak ho prepo\u0161le na v\u0161etky porty mimo toho odkia\u013e r\u00e1mec pri\u0161iel.\u00a0Rovnako pracuje aj s Broadcast.\u00a0\u010ealej si tie\u017e ulo\u017e\u00ed zdrojov\u00fa MAC adresu do CAM tabu\u013eky s priraden\u00edm portu, z ktor\u00e9ho pri\u0161iel r\u00e1mec.<\/span><\/p>\n

    Pozn .:<\/span><\/em><\/strong>\u00a0Na 3. vrstve ISO \/ OSI (IP) m\u00e1me TTL (time to live), tak\u017ee kolovanie spr\u00e1vy po ur\u010ditej dobe skon\u010d\u00ed, ale na 2. vrstve ni\u010d tak\u00e9 nie je.<\/span><\/p>\n

    Tak\u017ee na na\u0161om pr\u00edklade prebieha komunik\u00e1cia nasledovne, ak PC1 posiela spr\u00e1vu pre PC2 (e\u0161te spolu nekomunikovali)<\/span><\/p>\n

      \n
    • krok 1<\/span><\/em><\/strong>\u00a0– SW1 prijme na porte e2 a odo\u0161le na ostatn\u00fdch (e0, e1), tie\u017e si ulo\u017e\u00ed z\u00e1znam do CAM<\/span><\/li>\n
    • krok 2<\/span><\/em><\/strong>\u00a0– SW0 prijme na porte e1 a odo\u0161le na e0, tie\u017e vytvor\u00ed z\u00e1znam vo svojej CAM<\/span><\/li>\n
    • krok 2<\/span><\/em><\/strong>\u00a0– SW2 tie\u017e prijme na porte e1 a odo\u0161le na e0, e2, cie\u013eov\u00e9 PC2 teda u\u017e obdr\u017ealo spr\u00e1vu, ale switche to nevie<\/span><\/li>\n
    • krok 3<\/span><\/em><\/strong>\u00a0– SW0 prijme na porte e0 a odo\u0161le na port e1, pritom si oprav\u00ed z\u00e1znam v CAM, preto\u017ee si mysl\u00ed, \u017ee bolo PC presmerovan\u00e9<\/span><\/li>\n
    • krok 3<\/span><\/em><\/strong>\u00a0– SW2 prijme na porte e0 a odo\u0161le na port e1, e2, pritom si oprav\u00ed z\u00e1znam v CAM<\/span><\/li>\n
    • krok 4<\/span><\/em><\/strong>\u00a0– SW1 prijme na porte e1 a odo\u0161le na e0, e1, PC1 spozn\u00e1, \u017ee to nie je spr\u00e1va pre neho a zahod\u00ed ju, SW1 si oprav\u00ed CAM<\/span><\/li>\n
    • krok 4<\/span><\/em><\/strong>\u00a0– SW1 prijme na porte e0 a odo\u0161le na e1, e2, oprav\u00ed CAM<\/span><\/li>\n<\/ul>\n

      A tak koluj\u00fa pakety v sieti st\u00e1le, prid\u00e1va sa \u010fal\u0161ia komunik\u00e1cia a za\u0165a\u017eenie siete rastie.<\/span><\/p>\n

      \"\"<\/p>\n

      Pozn .:<\/span><\/em><\/strong>\u00a0V\u0161ade sa uv\u00e1dza, \u017ee broadcastov\u00e9 b\u00farka vznikne pri zaslan\u00ed Broadcast, ale ja mysl\u00edm, \u017ee zaslanie unicast m\u00f4\u017ee ma\u0165 rovnak\u00fd efekt.<\/span><\/p>\n

      Pre\u010do vznikaj\u00fa slu\u010dky<\/span><\/h4>\n

      V dne\u0161n\u00fdch lok\u00e1lnych sie\u0165ach, ktor\u00e9 s\u00fa \u010dasto ve\u013emi rozsiahle, m\u00f4\u017ee d\u00f4js\u0165 k vzniku slu\u010dky z dvoch d\u00f4vodov.\u00a0Jedna mo\u017enos\u0165 je\u00a0<\/span>chyba obsluhy<\/span><\/em><\/strong>\u00a0\u010di neodborn\u00e1 manipul\u00e1cia.\u00a0Vo v\u00e4\u010d\u0161ej sieti nie je probl\u00e9m omylom prepoji\u0165 dva switche dohromady, miesto, aby sme pripojili nejak\u00fa stanicu.\u00a0M\u00f4\u017ee sa tie\u017e sta\u0165, \u017ee niekto pripoj\u00ed do siete switch miesto stanice a pripoj\u00ed ho do dvoch z\u00e1suviek.<\/span><\/p>\n

      Druh\u00fd d\u00f4vod je asi d\u00f4le\u017eitej\u0161ie a jedn\u00e1 sa o\u00a0<\/span>redundanciu<\/span><\/em><\/strong>\u00a0alebo\u00a0<\/span>load balancing<\/span><\/em><\/strong>\u00a0.\u00a0Preto\u017ee je dnes ve\u013emi d\u00f4le\u017eit\u00e1 vysok\u00e1 dostupnos\u0165, tak sa vytv\u00e1raj\u00fa redundantn\u00e9 (nadbyto\u010dn\u00e9) spojenie.\u00a0Potom, ke\u010f d\u00f4jde k v\u00fdpadku niektorej linky alebo akt\u00edvneho prvku, tak st\u00e1le v\u00e4\u010d\u0161\u00ed \u010das\u0165 siete funguje po inej ceste. V tomto pr\u00edpade sl\u00fa\u017ei redundantn\u00e9 spojenie ako z\u00e1loha.\u00a0In\u00fd pr\u00edpad je, kedy vyu\u017e\u00edvame redundantn\u00e9 zapojenie pre zv\u00fd\u0161enie v\u00fdkonu (priepustnosti) a jedn\u00e1 sa o vyva\u017eovanie z\u00e1\u0165a\u017ee.\u00a0V tom pr\u00edpade s\u00fa vyu\u017e\u00edvan\u00e9 v\u0161etky spoje z\u00e1rove\u0148.<\/span><\/p>\n

      Pozn .:<\/span><\/em><\/strong>\u00a0Jednoduch\u00fdm rie\u0161en\u00edm rozlo\u017eenie z\u00e1\u0165a\u017ee m\u00f4\u017ee by\u0165 sp\u00e1janie liniek<\/span>\u00a0Cisco\u00a0<\/span><\/em><\/strong>EtherChannel<\/span><\/em><\/strong>\u00a0(pou\u017e\u00edva normu IEEE 802.3ad \u010di PAgP).<\/span><\/p>\n

      Spanning Tree Protocol<\/span><\/h3>\n

      Preto, aby sme zabr\u00e1nili slu\u010dk\u00e1m v sieti, sl\u00fa\u017ei\u00a0<\/span>Spanning Tree Protocol –<\/span><\/em>\u00a0STP\u00a0<\/span>.\u00a0<\/span><\/em><\/strong>M\u00f4\u017eeme poveda\u0165, \u017ee pracuje na princ\u00edpe te\u00f3rie grafov, sie\u0165 je ohodnoten\u00fd graf a algoritmus h\u013ead\u00e1 kostru tohto grafu.\u00a0Inak povedan\u00e9, h\u013ead\u00e1 najkrat\u0161iu cesty medzi ka\u017ed\u00fdmi dvoma switchu.\u00a0Pou\u017e\u00edva\u00a0<\/span>Spanning Tree Algorithm (STA)<\/span><\/em><\/strong>\u00a0pre vytvorenie datab\u00e1zy topol\u00f3gie a potom h\u013ead\u00e1 a ru\u0161\u00ed redundantn\u00e9 spoje (blokuje porty – tie nevysielaj\u00fa a prijat\u00e9 d\u00e1ta zahadzuj\u00fa).\u00a0STP je definovan\u00fd normou\u00a0<\/span>IEEE 802.1D<\/span><\/strong>\u00a0a je ozna\u010dovan\u00fd ako\u00a0<\/span>Common Spanning Tree<\/span><\/em><\/strong>\u00a0(CST).<\/span><\/p>\n

      Pozn .:<\/span><\/strong><\/em>\u00a0Doplnen\u00e9 v\u010faka Tomfimu.\u00a0Origin\u00e1lne STP (povedzme CSTP) u\u017e dnes neexistuje.\u00a0V roku 2004 bola revidovan\u00e1 norma IEEE 802.1D a bola zl\u00fa\u010den\u00e1 s roz\u0161\u00edreniami 802.1ta 802.1w, pri\u010dom origin\u00e1lne STP bolo nahraden\u00e9 pomocou RSTP.\u00a0Napriek tomu sa v \u010fal\u0161om popise venujem p\u00f4vodn\u00e9mu STP, ktor\u00e9 je najbli\u017e\u0161ie (a tie\u017e najjednoduch\u0161\u00ed) k defaultn\u00fd Cisco verzii PVSTP.<\/span><\/p>\n

      STP na\u00a0<\/span>fyzickej topol\u00f3gii<\/span><\/em><\/strong>\u00a0, ktor\u00e1 m\u00f4\u017ee obsahova\u0165 slu\u010dky, vytvor\u00ed\u00a0<\/span>virtu\u00e1lny topol\u00f3giu<\/span><\/em><\/strong>\u00a0, ktor\u00e1 u\u017e slu\u010dky neobsahuje.\u00a0Je to dynamick\u00fd protokol, pokia\u013e teda vznikne slu\u010dka, tak sa prekonfiguruje, aby jej zabr\u00e1nil.\u00a0Rovnako tak, ak sa preru\u0161\u00ed niektor\u00e1 linka, tak sa pok\u00fasi vytvori\u0165 alternat\u00edvnu cestu (povolen\u00edm predt\u00fdm blokovan\u00e9ho portu), pokia\u013e je to mo\u017en\u00e9.<\/span><\/p>\n

      Ur\u010denie najkrat\u0161ej cesty<\/span><\/h4>\n

      STP vytv\u00e1ra strom najkrat\u0161\u00edch ciest (kostru grafu).\u00a0Najkrat\u0161ia cesta je ur\u010dovan\u00e1 na z\u00e1klade kumulat\u00edvne ceny liniek.\u00a0Cena linky je dan\u00e1 jej priepustnos\u0165ou (Bandwith), pod\u013ea nasleduj\u00facej tabu\u013eky.\u00a0V p\u00f4vodnej \u0161pecifik\u00e1cii sa po\u010d\u00edtalo s maxim\u00e1lnou r\u00fdchlos\u0165ou 1Gbs, tak\u017ee bola aktualizovan\u00e1, aby zah\u0155\u0148ala aj linky 10Gbps.<\/span><\/p>\n\n\n\n\n\n\n\n\n
      r\u00fdchlos\u0165 linky<\/span><\/th>\ncena od 2001<\/span><\/th>\ncena od 1998<\/span><\/th>\ncena p\u00f4vodnej<\/span><\/th>\n<\/tr>\n
      10 Gbps<\/span><\/td>\n2000<\/span><\/td>\n2<\/span><\/td>\n1<\/span><\/td>\n<\/tr>\n
      2 Gbps<\/span><\/td>\n10000<\/span><\/td>\n3<\/span><\/td>\n1<\/span><\/td>\n<\/tr>\n
      1 Gbps<\/span><\/td>\n20000<\/span><\/td>\n4<\/span><\/td>\n1<\/span><\/td>\n<\/tr>\n
      100 Mbps<\/span><\/td>\n200000<\/span><\/td>\n19<\/span><\/td>\n10<\/span><\/td>\n<\/tr>\n
      10 Mbps<\/span><\/td>\n2000000<\/span><\/td>\n100<\/span><\/td>\n100<\/span><\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n

      Bridge ID – BID<\/span><\/h4>\n

      Bridge ID<\/span><\/strong>\u00a0(BID) je z\u00e1kladn\u00e1 hodnota ka\u017ed\u00e9ho switche a sklad\u00e1 sa z\u00a0\u00a0<\/span>priority<\/span><\/strong><\/em>\u00a0(2B), defaultn\u00fd je\u00a0<\/span>0x8000<\/code>, a\u00a0<\/span>MAC adresy<\/span><\/strong><\/em>\u00a0switche (6B).\u00a0Switch, ktor\u00fd m\u00e1 najni\u017e\u0161\u00ed BID sa st\u00e1va\u00a0<\/span>Root Bridge<\/span><\/em><\/strong>\u00a0.\u00a0BID m\u00f4\u017eeme zmeni\u0165 t\u00fdm, \u017ee zmen\u00edme prioritu switche.<\/span><\/p>\n

      Bridge Protocol Data Units – BPDU<\/span><\/h4>\n

      STP vyu\u017e\u00edva zasielanie \u0161peci\u00e1lnych spr\u00e1v medzi zariadeniami.\u00a0Tieto spr\u00e1vy sa volaj\u00fa\u00a0<\/span>BPDU<\/span><\/strong>\u00a0(bridge protocol d\u00e1ta units) a s\u00fa prij\u00edman\u00e9 aj blokovan\u00fdmi porty.\u00a0Na za\u010diatku komunik\u00e1cie sa pou\u017e\u00edvaj\u00fa\u00a0<\/span>konfigura\u010dn\u00e9 BPDU<\/span><\/strong><\/em>\u00a0, n\u00e1sledne Topology Change Notification –\u00a0<\/span>TCN BPDU<\/span><\/strong><\/em>\u00a0(oznamuj\u00fa zmenu v sie\u0165ovej topol\u00f3gii) a Topology Change Notification Acknowledgment –\u00a0<\/span>TCA BPDU<\/span><\/strong><\/em>\u00a0.\u00a0BPDU r\u00e1mca pou\u017e\u00edvaj\u00fa ako zdrojov\u00fa MAC adresu adresu portu a odosielaj\u00fa sa na STP multicast adresu\u00a0<\/span>01:80:C2:00:00:00<\/code>.<\/span><\/p>\n

      BPDU<\/span><\/em><\/strong>\u00a0m\u00e1 tri hlavn\u00e9 \u010dasti.\u00a0<\/span>Glob\u00e1lne inform\u00e1cie<\/span><\/strong><\/em>\u00a0o STP (verzia pod.), Inform\u00e1cie danej\u00a0<\/span>in\u0161tancie STP<\/span><\/strong><\/em>\u00a0pre konfigur\u00e1ciu a<\/span>\u00a0\u010dasov\u00e9 parametre<\/span><\/strong><\/em>\u00a0(STP timers).\u00a0<\/span>Hello Time<\/span><\/em>\u00a0je interval, po ktorom sa zasielaj\u00fa BPDU (default 2s).\u00a0<\/span>Max age<\/span><\/em>\u00a0(default 20s) a<\/span>\u00a0Forward delay<\/span><\/em>\u00a0(default 15s) s\u00fa doby medzi stavmi.<\/span><\/p>\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n
      ve\u013ekos\u0165 [B]<\/span><\/td>\npolo\u017eka<\/span><\/td>\n<\/tr>\n
      2<\/span><\/td>\nprotocol ID<\/span><\/td>\n<\/tr>\n
      1<\/span><\/td>\nprotocol version<\/span><\/td>\n<\/tr>\n
      1<\/span><\/td>\nBPDU type<\/span><\/td>\n<\/tr>\n
      1<\/span><\/td>\nflags<\/span><\/td>\n<\/tr>\n
      8<\/span><\/td>\nroot BID<\/span><\/td>\n<\/tr>\n
      4<\/span><\/td>\nroot path cost<\/span><\/td>\n<\/tr>\n
      8<\/span><\/td>\nsender BID<\/span><\/td>\n<\/tr>\n
      2<\/span><\/td>\nsender port ID<\/span><\/td>\n<\/tr>\n
      2<\/span><\/td>\nMessage Age<\/span><\/td>\n<\/tr>\n
      2<\/span><\/td>\nMax Age<\/span><\/td>\n<\/tr>\n
      2<\/span><\/td>\nHello Time<\/span><\/td>\n<\/tr>\n
      2<\/span><\/td>\nforward Delay<\/span><\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n

      Superior BPDU<\/span><\/em><\/strong>\u00a0(nadradenej BPDU) je tak\u00e9 BPDU, ktor\u00e9 m\u00e1 ni\u017e\u0161ie hodnoty Root BID, cenu cesty k roote, odosielacie BID a odosielaj\u00facej port ID ako ostatn\u00ed.<\/span><\/p>\n

      Root Bridge<\/span><\/h4>\n
        \n
      • m\u00e1 najni\u017e\u0161iu BID<\/span><\/li>\n
      • v\u0161etky jeho porty s\u00fa v stave forwarding (s\u00fa komunikuj\u00faci) a s\u00fa typu designated<\/span><\/li>\n
      • je to kore\u0148 stromu<\/span><\/li>\n
      • v\u0161etky rozhodnutia sa dej\u00fa z jeho poh\u013eadu<\/span><\/li>\n
      • be\u017ene je dobr\u00e9 zabezpe\u010di\u0165, aby Root Bridge bol najv\u00fdkonnej\u0161\u00ed switch (\u010do b\u00fdva z\u00e1rove\u0148 centr\u00e1lny prvok)<\/span><\/li>\n<\/ul>\n

        Vo\u013eba Root Bridge<\/span><\/h4>\n

        Ak nastav\u00edme prioritu switche na ni\u017e\u0161iu hodnotu, tak m\u00f4\u017eeme ur\u010di\u0165, ktor\u00fd switch bude Root Bridge.\u00a0Vo\u013eba Root Bridge prebieha nasledovne:<\/span><\/p>\n

          \n
        • switch (napr\u00edklad novo pripojen\u00fd) odo\u0161le BPDU (ako broadcast), kde nastav\u00ed svoje BID ako root BID<\/span><\/li>\n
        • ka\u017ed\u00fd switch prijme BPDU a ak je jeho BID men\u0161ia ako root, tak je oprav\u00ed na svoje a odo\u0161le<\/span><\/li>\n
        • ak prijme BPDU s ni\u017e\u0161\u00edm root BID, ako je jeho, tak ho uzn\u00e1 za Root Bridge<\/span><\/li>\n<\/ul>\n

          Typy portov<\/span><\/h4>\n

          \"\"<\/p>\n

          Jednotliv\u00fdm portom na switchi nastav\u00ed STP jeden z troch typov (ak nie je port disabled):<\/span><\/p>\n

            \n
          • root port<\/span><\/strong>\u00a0– port s najni\u017e\u0161ou cenou, bu\u010f linka priamo spojen\u00e1 s Root Bridge alebo s najkrat\u0161ou cestou k nemu.<\/span><\/li>\n
          • designated port<\/span><\/strong>\u00a0– port, ktor\u00fd je \u010dlenom STP topol\u00f3gie a prip\u00e1ja segment.<\/span><\/li>\n
          • non-designated port<\/span><\/strong>\u00a0– blokovan\u00fd port, redundantn\u00e9 cesta.<\/span><\/li>\n<\/ul>\n

            Root<\/span><\/em>\u00a0a\u00a0<\/span>designated port<\/span><\/em>\u00a0s\u00fa porty, ktor\u00e9 posielaj\u00fa d\u00e1ta, s\u00fa v stave\u00a0<\/span>forwarding<\/span><\/em><\/strong>\u00a0.\u00a0<\/span>Non-designated<\/span><\/em>\u00a0port je blokuj\u00face, teda v stave\u00a0<\/span>blocked<\/span><\/em><\/strong>\u00a0.<\/span><\/p>\n

            Stavy portov<\/span><\/h4>\n

            Pri konvergencii (zmene topol\u00f3gie, napr\u00edklad pripojenie switcha do siete) prech\u00e1dza jednotliv\u00e9 porty nieko\u013ek\u00fdch stavy.\u00a0Medzi ka\u017ed\u00fdm prechodom je ur\u010dit\u00fd maxim\u00e1lny \u010dasov\u00fd interval.<\/span><\/p>\n\n\n\n\n\n\n\n\n\n\n
            stav portu<\/span><\/td>\npopis<\/span><\/td>\n\u010das [s]<\/span><\/td>\n<\/td>\n<\/tr>\n
            Blocking (blokuj\u00face)<\/span><\/td>\nprij\u00edma iba BPDU, nevysiela<\/span><\/td>\n<\/td>\n<\/td>\n<\/tr>\n
            |<\/span><\/td>\n<\/td>\n20<\/span><\/td>\nMax-Age<\/span><\/td>\n<\/tr>\n
            Listening (po\u010d\u00favaj\u00faci)<\/span><\/td>\nposiela a prij\u00edma BPDU, ni\u010d in\u00e9<\/span><\/td>\n<\/td>\n<\/td>\n<\/tr>\n
            |<\/span><\/td>\n<\/td>\n15<\/span><\/td>\nForward Delay 1<\/span><\/td>\n<\/tr>\n
            Learning (u\u010diaci sa)<\/span><\/td>\nposiela a prij\u00edma BPDU a u\u010dia sa MAC adresy<\/span><\/td>\n<\/td>\n<\/td>\n<\/tr>\n
            |<\/span><\/td>\n<\/td>\n15<\/span><\/td>\nForward Delay 2<\/span><\/td>\n<\/tr>\n
            Forwarding (p\u0159epos\u00edlaj\u00edc\u00ed)<\/span><\/td>\nposiela a prij\u00edma v\u0161etko<\/span><\/td>\n<\/td>\n<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n

            Konvergencia STP<\/span><\/h4>\n

            Prep\u00ednanie po\u010d\u00edta\u010dov\u00e1 sie\u0165 je\u00a0<\/span>konvergovan\u00e1<\/span><\/em><\/strong>\u00a0vo chv\u00edli, ke\u010f v\u0161etky porty switchov s\u00fa bu\u010f v stave blocking alebo forwarding.\u00a0Teda\u00a0<\/span>konvergencie<\/span><\/em><\/strong>\u00a0je \u010das, ne\u017e port prejde zo stavu blocking do forwarding, \u0161tandardne je to max. 50s.\u00a0Ku konvergenciu doch\u00e1dza v\u017edy pri zmene topol\u00f3gie, teda pripojenie alebo odpojenie switche \/ portu alebo zmene konfigur\u00e1cie STP.\u00a0\u0160tandardne teda ka\u017ed\u00fd novo pripojen\u00fd port za\u010dne komunikova\u0165 a\u017e po 50s.\u00a0Rovnako tak pri v\u00fdpadku jednej linky d\u00f4jde k preklopeniu na z\u00e1lo\u017en\u00fd linku a\u017e po tejto dobe.<\/span><\/p>\n

            priebeh STP<\/span><\/h4>\n
              \n
            1. vol\u00ed sa Root Bridge<\/span><\/li>\n
            2. ur\u010duj\u00fa sa Root Porty<\/span><\/li>\n
            3. ur\u010duj\u00fa sa Designated Porty<\/span><\/li>\n
            4. ostatn\u00e9 sa nastav\u00ed ako Non-designated<\/span><\/li>\n<\/ol>\n

              M\u00f3dy \/ typy STP<\/span><\/h4>\n

              To \u010do som doposia\u013e popisoval, bol klasick\u00fd STP, ktor\u00fd sa ozna\u010duje ako\u00a0<\/span>Common Spanning Tree<\/span><\/strong>\u00a0(CST) a je dan\u00fd normou IEEE 802.1D.\u00a0V priebehu \u010dasu vzniklo nieko\u013eko \u010fal\u0161\u00edch typov STP, ktor\u00e9 vylep\u0161uj\u00fa niektor\u00e9 vlastnosti.\u00a0Na Cisco zariadeniach sa nehovor\u00ed o type, ale m\u00f3du, v ktorom STP pracuje.\u00a0Navy\u0161e Cisco pou\u017e\u00edva v\u00e4\u010d\u0161inu STP vo vlastnej upravenej verzii.<\/span><\/p>\n

              R\u00f4zne typy STP<\/span><\/strong><\/p>\n

                \n
              • Common Spanning Tree<\/span><\/strong>\u00a0(CST) – IEEE 802.1D, pre v\u0161etky VLANy be\u017e\u00ed jedin\u00e1 in\u0161tancia STP.\u00a0Norma vznikla v roku 1998 a CST bol zru\u0161en\u00fd rev\u00edzi\u00ed v roku 2004.<\/span><\/li>\n
              • Per-VLAN Spanning Tree<\/span><\/strong>\u00a0(Pin) – Cisco, vych\u00e1dza z IEEE 802.1D, ale pre ka\u017ed\u00fa VLAN be\u017e\u00ed samostatn\u00e1 in\u0161tancie STP.\u00a0V\u00fdhodou je, \u017ee m\u00f4\u017eem rozdeli\u0165 z\u00e1\u0165a\u017e, \u017ee ka\u017ed\u00e1 VLAN komunikuje inou cestou.\u00a0Pou\u017e\u00edva ISL trunk.<\/span><\/li>\n
              • Per-VLAN Spanning Tree Plus<\/span><\/strong>\u00a0(Pin +) – Cisco, rozdiel oproti Pin je v tom, \u017ee pou\u017e\u00edva 802.1q trunk.<\/span><\/li>\n
              • Rapid Spanning Tree<\/span><\/strong>\u00a0(RST) – IEEE 802.1w, hlavn\u00fd rozdiel je v r\u00fdchlej konvergencii (okolo 1s).\u00a0Rev\u00edzi\u00ed v roku 2004 spojilo do normy 802.1D.<\/span><\/li>\n
              • Rapid per-VLAN Spanning Tree Plus<\/span><\/strong>\u00a0(RPVST +) – Cisco, vych\u00e1dza z IEEE 802.1w, RST be\u017e\u00ed pre ka\u017ed\u00fa VLAN zvl\u00e1\u0161\u0165.<\/span><\/li>\n
              • Multiple Spanning Tree<\/span><\/strong>\u00a0(MST) – IEEE 802.1s, r\u00fdchle ako RST a umo\u017e\u0148uje mapova\u0165 nieko\u013eko VLAN do jednej STP in\u0161tancie, teda umo\u017en\u00ed u\u0161etri\u0165 po\u010det STP pre ve\u013ek\u00fd po\u010det VLAN.\u00a0MSTP be\u017e\u00ed navrchu nad RSTP, tak\u017ee v\u017edy mus\u00ed existova\u0165 oboje.\u00a0Pou\u017e\u00edva sa na chrbticu siete.\u00a0Rev\u00edzi\u00ed v roku 2003 spojilo do normy 802.1q, ktor\u00e1 sa venuje VLAN\u00e1m.<\/span><\/li>\n<\/ul>\n

                STP Load Balancing – vyva\u017eovanie z\u00e1\u0165a\u017ee medzi trunk portami<\/span><\/h3>\n

                Pomocou priority portu – port priority<\/span><\/h4>\n

                Spanning-Tree protokol<\/span><\/em><\/strong>\u00a0m\u00f4\u017eeme pou\u017ei\u0165 pre ur\u010dit\u00e9<\/span>\u00a0vyva\u017eovanie z\u00e1\u0165a\u017ee<\/span><\/em><\/strong>\u00a0VLAN na trunk portoch.\u00a0Vych\u00e1dza sa z toho, \u017ee switche m\u00e1me priamo prepojen\u00e9 viac ako jedn\u00fdm Trunk (\u010do je be\u017en\u00e9 kv\u00f4li redundanciu).\u00a0Vtedy je jedna linka blokovan\u00e1 a komunikuje sa len cez jednu.\u00a0Preto\u017ee pre obe linky je rovnak\u00e9<\/span>\u00a0Root Bridge ID<\/span><\/em>\u00a0,<\/span>\u00a0cena cesty<\/span><\/em>\u00a0aj<\/span>\u00a0BID odosielaj\u00faceho switche<\/span><\/em>\u00a0, tak sa blokovan\u00fd port vol\u00ed iba pod\u013ea<\/span>\u00a0odosielaj\u00faceho port ID<\/span><\/em><\/strong>\u00a0.<\/span><\/p>\n

                \"\"<\/p>\n

                \n

                Port ID<\/span><\/strong>\u00a0(16tich bitov\u00e1 hodnota) sa sklad\u00e1 z\u00a0<\/span>priority portu<\/span><\/em><\/strong>\u00a0a jeho\u00a0<\/span>indexu<\/span><\/em><\/strong>\u00a0.\u00a0Priorita portu je defaultne 128, ale m\u00f4\u017eeme ju zmeni\u0165 konfigur\u00e1ci\u00ed a to aj len pre niektor\u00fa VLAN.\u00a0Validn\u00fd hodnoty s\u00fa n\u00e1sobkami 16-tich do hodnoty 240, ostatn\u00e9 hodnoty s\u00fa odmietnut\u00e9.\u00a0Vy\u0161\u0161iu prioritu m\u00e1 Port ID s ni\u017e\u0161ou hodnotou (teda aj ni\u017e\u0161ie port priority).<\/span><\/p>\n

                SWITCH (config-if) # spanning-tree port-priority 48 <\/strong>\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0 \/\/ priorita cel\u00e9ho interfacu \r\nSWITCH (config-if) # spanning-tree vlan 3 port-priority 48 <\/strong>\u00a0 \/\/ priorita portu pre dan\u00fa VLAN<\/span><\/pre>\n
                Pomocou ceny cesty – path cost<\/span><\/h4>\n
                Druh\u00e1 mo\u017enos\u0165 vyva\u017eovanie z\u00e1\u0165a\u017ee pomocou STP je vyu\u017eitie\u00a0<\/span>ceny cesty<\/span><\/em><\/strong>\u00a0(path cost).\u00a0Pri tejto met\u00f3de m\u00f4\u017eu by\u0165 r\u00f4zne trunk linky zapojen\u00e9 do r\u00f4znych switchov.\u00a0Cena cesty sa \u0161tandardne ur\u010duje pod\u013ea r\u00fdchlosti linky.\u00a0Cenu m\u00f4\u017eeme tie\u017e zada\u0165 ru\u010dne, ni\u017e\u0161ia hodnota m\u00e1 v\u00e4\u010d\u0161iu prioritu (ak s\u00fa hodnoty rovnak\u00e9, tak sa ur\u010duje pod\u013ea BID a port ID).<\/span><\/p>\n
                SWITCH (config-if) # spanning-tree cost 4 <\/strong>\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0  \/\/ cena cel\u00e9ho interfacu \r\nSWITCH (config-if) # spanning-tree vlan 10 cost 4 <\/strong>  \/\/ cena pre VLAN na interfacu<\/span><\/pre>\n
                Konfigur\u00e1cia STP v Cisco IOS<\/span><\/h3>\n
                Pozn .:<\/span><\/strong><\/em>\u00a0Mysl\u00edm, \u017ee v mnoh\u00fdch pr\u00edpadoch v praxi, n\u00e1m sta\u010d\u00ed konfigurova\u0165 iba dve veci.\u00a0Ur\u010di\u0165<\/span>\u00a0Root Bridge<\/span><\/strong><\/em>\u00a0a na ka\u017ed\u00fd koncov\u00fd port (kde je pripojen\u00fd po\u010d\u00edta\u010d) nastavi\u0165<\/span>\u00a0PortFast<\/span><\/strong><\/em>\u00a0.<\/span><\/p>\n
                Dne\u0161n\u00e9 Cisco switche podporuj\u00fa STP v m\u00f3de Pin +, Rapid Pin + a MSTP.\u00a0Pre Pin + a RPVST + m\u00f4\u017ee existova\u0165 (v\u00e4\u010d\u0161inou) max. 128 STP in\u0161tanci\u00ed.\u00a0Pre MSTP b\u00fdva limit 65 in\u0161tanci\u00ed.\u00a0Ide teda iba o verzie STP, ktor\u00e9 obsahuj\u00fa Cisco roz\u0161\u00edrenia.<\/span><\/p>\n
                Pozn .:<\/span><\/em><\/strong>\u00a0STP je na Cisco switchoch \u0161tandardne zapnut\u00e9 (v m\u00f3de Pin +) a neodpor\u00fa\u010da sa ho vyp\u00edna\u0165.<\/span><\/p>\n
                Z\u00e1kladn\u00e1 konfigur\u00e1cia parametrov STP nez\u00e1le\u017e\u00ed na pou\u017eitom m\u00f3du, pre vy\u0161\u0161ie re\u017eimy len prib\u00fadaj\u00fa \u010fal\u0161ie vlastnosti.\u00a0V tejto kapitole budem opisova\u0165 iba konfigur\u00e1ciu STP v m\u00f3de Pin +.\u00a0V tomto pr\u00edpade v\u00e4\u010d\u0161inou nepotrebujeme konfigurova\u0165 takmer ni\u010d.<\/span><\/p>\n
                Pozn .:<\/span><\/em><\/strong>\u00a0Mo\u017en\u00e9 konfigur\u00e1cie a vlastnosti sa l\u00ed\u0161ia pod\u013ea verzie IOSu.<\/span><\/p>\n
                Na za\u010diatku konfigur\u00e1cie m\u00f4\u017eeme zvoli\u0165, v akom m\u00f3de m\u00e1 STP pracova\u0165.<\/span><\/p>\n
                SWITCH (config) # spanning-tree mode Pin     <\/strong>\/\/ nastavenie m\u00f3du STP<\/span><\/pre>\n
                Pozn .:<\/span><\/em><\/strong>\u00a0Ak zmen\u00edme m\u00f3d STP, tak s\u00fa v\u0161etky in\u0161tancie znova inicializovan\u00e9 a m\u00f4\u017ee d\u00f4js\u0165 k preru\u0161eniu komunik\u00e1cie.<\/span><\/p>\n
                \u010ealej m\u00f4\u017eeme zapn\u00fa\u0165 \u010di vypn\u00fa\u0165 STP pre jednotliv\u00fa VLAN.<\/span><\/p>\n
                SWITCH (config) # spanning-tree vlan 10       <\/strong>\/\/ zapne STP pre VLAN 10 \r\nSWITCH (config) # no spanning-tree vlan 10    <\/strong>\/\/ vypne STP pre VLAN 10<\/span><\/pre>\n
                Potom m\u00f4\u017eeme konfigurova\u0165 jednotliv\u00e9 parametre STP pre ka\u017ed\u00fa VLAN zvl\u00e1\u0161\u0165.\u00a0Mysl\u00edm, \u017ee najd\u00f4le\u017eitej\u0161ie je nastavenie priority, preto\u017ee t\u00fdm ur\u010dujeme Root Bridge.\u00a0Pr\u00edkaz s\u00a0<\/span>root primary<\/code>zistia aktu\u00e1lne najni\u017e\u0161iu prioritu v STP in\u0161tanciu a nastav\u00ed ni\u017e\u0161ia, tak\u017ee je e\u0161te lep\u0161\u00ed ako nastavovanie priamo priority.<\/span><\/p>\n
                Pozn .:<\/span><\/em><\/strong>\u00a0STP in\u0161tancie pre VLAN vznik\u00e1 automaticky, ke\u010f je prv\u00fd port zaraden\u00fd do VLANy a ru\u0161\u00ed sa, ke\u010f sa posledn\u00fd port vyrad\u00ed.<\/span><\/p>\n
                SWITCH (config) # spanning-tree vlan 10 priority 32768 <\/strong>\/\/ nastav\u00ed prioritu switche, n\u00e1sobky 4096 \r\nSWITCH (config) # spanning-tree vlan 10 root primary    <\/strong>\/\/ nastav\u00ed switch ako root<\/span><\/pre>\n
                Namiesto jednej VLANy m\u00f4\u017eeme definova\u0165 aj nieko\u013eko oddelen\u00fdch \u010diarkou alebo rozsah pomocou poml\u010dky.<\/span><\/p>\n
                Tie\u017e m\u00f4\u017eeme pou\u017ei\u0165 volite\u013en\u00e9 k\u013e\u00fa\u010dov\u00e9 slovo diameter a definova\u0165 maxim\u00e1lny priemer siete.\u00a0V praxi v\u00e4\u010d\u0161inou ako Root Bridge vol\u00edme centr\u00e1lny prvok (core switch) a polomer siete b\u00fdva 2 (k centru s\u00fa pripojen\u00e9 rovno access switch) alebo 3 (m\u00e1me e\u0161te distribu\u010dn\u00e9 vrstvu).\u00a0Switch potom dopo\u010d\u00edta optim\u00e1lne hodnoty pre\u00a0<\/span>hello time<\/span><\/em>\u00a0,\u00a0<\/span>forward-delay time<\/span><\/em>\u00a0, a\u00a0<\/span>maximum-age time<\/span><\/em>\u00a0.<\/span><\/p>\n
                SWITCH (config) # spanning-tree vlan 1-4094 root primary diameter 2<\/strong><\/span><\/pre>\n
                Pre kontrolu a doh\u013ead na STP sl\u00fa\u017ei rad show pr\u00edkazov.<\/span><\/p>\n
                SWITCH # show spanning-tree                <\/strong> \/\/ zobraz\u00ed info o STP pre ka\u017ed\u00fa VLAN \r\nSWITCH # show spanning-tree summary         <\/strong>\/\/ stru\u010dn\u00e9 info o STP \r\nSWITCH # show spanning-tree detail          <\/strong>\/\/ detailn\u00e9 info o STP \r\nSWITCH # show spanning-tree vlan 100        <\/strong>\/ \/ info o STP len pre dan\u00fa VLAN \r\nSWITCH # show spanning-tree interface f0 \/ 1 <\/strong>\/\/ info o STP iba pre dan\u00fd interface \r\nSWITCH # show spanning-tree bridge detail   <\/strong>\/\/ stru\u010dn\u00e9 preh\u013ead STP in\u0161tanci\u00ed<\/span><\/pre>\n
                Ako zist\u00edm, ktor\u00fd switch je Root Bridge?<\/span><\/h4>\n
                Pomocou\u00a0<\/span>show spanning-tree summary\u00a0<\/code>vid\u00edm, pre ktor\u00e9 VLANy je dan\u00fd switch\u00a0<\/span>root<\/span><\/strong><\/em>\u00a0.\u00a0Tie\u017e to pozn\u00e1m pod\u013ea toho, \u017ee pre dan\u00fa VLAN s\u00fa v\u0161etky porty v stave\u00a0<\/span>Designated<\/span><\/strong><\/em>\u00a0.<\/span><\/p>\n
                Aby som vyh\u013eadal spr\u00e1vny switch, tak sa na akomko\u013evek switchi pozriem na\u00a0<\/span>show spanning-tree vlan 100<\/code>, ktor\u00fd port je\u00a0<\/span>Root<\/span><\/strong><\/em>\u00a0a prejdem na switch, ktor\u00fd je do neho pripojen\u00fd.\u00a0Postupne sa dostanem a\u017e na\u00a0<\/span>Root Bridge<\/span><\/strong><\/em>\u00a0.<\/span><\/p>\n
                Roz\u0161\u00edrenie STP<\/span><\/h4>\n
                Cisco m\u00e1 rad roz\u0161\u00edrenie pre be\u017en\u00e9 STP.\u00a0V\u00e4\u010d\u0161inou sa jedn\u00e1 o zv\u00fd\u0161enie r\u00fdchlosti alebo zlep\u0161enie bezpe\u010dnosti.\u00a0Iba stru\u010dne sa zmienim o nieko\u013ek\u00fdch z nich.\u00a0Najd\u00f4le\u017eitej\u0161ie je, pod\u013ea m\u00f4jho n\u00e1zoru,\u00a0<\/span>portfast<\/code>.<\/span><\/p>\n
                PortFast<\/span><\/h4>\n
                Norm\u00e1lne sa po pripojen\u00ed zariadenia k portu mus\u00ed prejs\u0165 cel\u00fd cyklus od zablokovan\u00e9ho stavu k forwarding.\u00a0Ak vieme, \u017ee na porte je pripojen\u00fd len po\u010d\u00edta\u010d a nem\u00f4\u017ee d\u00f4js\u0165 k slu\u010dke, tak m\u00f4\u017eeme nastavi\u0165 port ako\u00a0<\/span>portfast<\/span><\/strong><\/em>\u00a0, kedy po zapnut\u00ed prejde rovno do stavu\u00a0<\/span>forwarding<\/span><\/em><\/strong>\u00a0.\u00a0Nastavi\u0165 m\u00f4\u017eeme bu\u010f\u00a0<\/span>na port<\/span><\/em><\/strong>\u00a0alebo\u00a0<\/span>glob\u00e1lne<\/span><\/em><\/strong>\u00a0pre v\u0161etky porty (kde nie je ur\u010den\u00e9 inak).<\/span><\/p>\n
                SWITCH (config-if) # spanning-tree portfast <\/strong>       \/\/ pre jeden port \r\nSWITCH (config) # spanning-tree portfast default <\/strong> \/\/ pre v\u0161etky<\/span><\/pre>\n
                Pozn .:<\/span><\/em><\/strong>\u00a0Ak nie je nastaven\u00fd portfast, tak sa \u010dasto stane, \u017ee pripojen\u00e9 PC (napr\u00edklad s Windows XP) nabootuje sk\u00f4r, ne\u017e port prejde do forwarding stavu, tak\u017ee pri odoslan\u00ed \u017eiadosti DHCP o adresu nedostaneme odpove\u010f a nast\u00e1va rad probl\u00e9mov.\u00a0Portfast m\u00f4\u017eeme nastavi\u0165 aj na trunk port, ak je tu pripojen\u00fd server.<\/span><\/p>\n
                UplinkFast<\/span><\/h4>\n
                Pou\u017e\u00edva sa preva\u017ene na pr\u00edstupov\u00fdch switchoch (access switch).\u00a0Pri v\u00fdpadku hlavnej linky (Root Port), odblokuje z\u00e1lo\u017en\u00fa linku a zabezpe\u010d\u00ed jej\u00a0<\/span>okam\u017eit\u00e9 prepnutie do forwarding stavu<\/span><\/em><\/strong>\u00a0(vynech\u00e1va stavy listening a learning).\u00a0Nastavuje sa pre cel\u00fd switch.<\/span><\/p>\n
                SWITCH (config) # spanning-tree uplinkfast<\/strong><\/span><\/pre>\n
                BPDUguard a BPDUfilter<\/span><\/h4>\n
                Obe funkcie m\u00f4\u017eeme nastavi\u0165 bu\u010fto\u00a0<\/span>per port<\/span><\/em><\/strong>\u00a0alebo\u00a0<\/span>glob\u00e1lne<\/span><\/em><\/strong>\u00a0, ako defaultn\u00fd spr\u00e1vanie portu, vtedy sa v\u0161ak t\u00fdka iba portov, ktor\u00e9 maj\u00fa nastaven\u00fd\u00a0<\/span>portfast<\/span><\/em><\/strong>\u00a0.<\/span><\/p>\n
                BPDU guard<\/span><\/em><\/strong>\u00a0ochra\u0148uje port, ktor\u00fd je ur\u010den\u00fd pre koncov\u00fa stanicu (alebo server).\u00a0Ak cez tento port pr\u00edde BPDU, tak sa port vypne (prepne sa do stavu<\/span>error-disable<\/code>).\u00a0V\u00e4\u010d\u0161inou to znamen\u00e1, \u017ee niekto pripojil nepovolen\u00fd switch.<\/span><\/p>\n
                SWITCH (config-if) # spanning-tree bpduguard enable          <\/strong>\/\/ pre jeden interface \r\nSWITCH (config) # spanning-tree portfast bpduguard default <\/strong>\/\/ pre v\u0161etky<\/span><\/pre>\n
                BPDU filter<\/span><\/em><\/strong>\u00a0sl\u00fa\u017ei na filtrovanie STP prev\u00e1dzky na portoch ur\u010den\u00fdch pre koncov\u00fa stanicu (alebo server).\u00a0Zabr\u00e1ni prij\u00edmanie a odosielanie BPDU paketov, \u010do je dobr\u00e9 nastavi\u0165, aby klientsk\u00e9 stanice nedost\u00e1vali t\u00fato komunik\u00e1ciu.\u00a0Pokia\u013e na port doraz\u00ed BPDU, tak sa vypne<\/span>\u00a0portfast<\/span><\/em><\/strong>\u00a0(ak bolo zapnut\u00e9) a tie\u017e<\/span>\u00a0BPDU filter<\/span><\/em><\/strong>\u00a0.<\/span><\/p>\n
                SWITCH (config-if) # spanning-tree bpdufilter enable          <\/strong>\/\/ pre jeden interface \r\nSWITCH (config) # spanning-tree portfast bpdufilter default <\/strong>\/\/ pre v\u0161etky<\/span><\/pre>\n
                STP Guard<\/span><\/h4>\n
                M\u00f4\u017eeme pou\u017ei\u0165\u00a0<\/span>Root Guard<\/span><\/strong><\/em>\u00a0, ktor\u00fd chr\u00e1ni sie\u0165, aby sa nestal nechcen\u00fd switch\u00a0<\/span>Root Bridge<\/span><\/em>\u00a0.\u00a0Ak by napr\u00edklad niekto pripojil switch s prioritou 0 a n\u00edzkou MAC adresou.\u00a0Vynucuje, aby port, na ktor\u00fd je nastaven\u00fd Root Guard bol\u00a0<\/span>designated portom<\/span><\/strong><\/em>\u00a0, ak by sa mal sta\u0165 root portom, tak sa zablokuje (prepne sa do\u00a0<\/span>root-inconsistent<\/code>stavu, kedy neposiela d\u00e1ta, ale prij\u00edma BPDU).<\/span><\/p>\n
                SWITCH (config-if) # spanning-tree guard root<\/strong><\/span><\/pre>\n
                Dodato\u010dn\u00fa obranu pred vznikom slu\u010diek pon\u00faka\u00a0<\/span>Loop Guard<\/span><\/em><\/strong>\u00a0.<\/span><\/p>\n
                SWITCH (config-if) # spanning-tree guard loop <\/strong>     \/\/ pre jeden interface \r\nSWITCH (config) # spanning-tree loopguard default <\/strong>\/\/ pre v\u0161etky<\/span><\/pre>\n<\/div>\n","protected":false},"excerpt":{"rendered":"
                Mysl\u00edm, \u017ee spr\u00e1vca men\u0161ej siete, ani nemus\u00ed vedie\u0165, ako presne STP funguje (aj ke\u010f je to v\u017edy lep\u0161ie), ale d\u00f4le\u017eit\u00e9 je vedie\u0165, \u010do m\u00f4\u017ee slu\u010dka…<\/p>\n","protected":false},"author":1,"featured_media":0,"parent":431,"menu_order":2,"comment_status":"closed","ping_status":"closed","template":"","meta":{"footnotes":""},"_links":{"self":[{"href":"http:\/\/tech.sosthe.sk\/index.php\/wp-json\/wp\/v2\/pages\/487"}],"collection":[{"href":"http:\/\/tech.sosthe.sk\/index.php\/wp-json\/wp\/v2\/pages"}],"about":[{"href":"http:\/\/tech.sosthe.sk\/index.php\/wp-json\/wp\/v2\/types\/page"}],"author":[{"embeddable":true,"href":"http:\/\/tech.sosthe.sk\/index.php\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"http:\/\/tech.sosthe.sk\/index.php\/wp-json\/wp\/v2\/comments?post=487"}],"version-history":[{"count":1,"href":"http:\/\/tech.sosthe.sk\/index.php\/wp-json\/wp\/v2\/pages\/487\/revisions"}],"predecessor-version":[{"id":493,"href":"http:\/\/tech.sosthe.sk\/index.php\/wp-json\/wp\/v2\/pages\/487\/revisions\/493"}],"up":[{"embeddable":true,"href":"http:\/\/tech.sosthe.sk\/index.php\/wp-json\/wp\/v2\/pages\/431"}],"wp:attachment":[{"href":"http:\/\/tech.sosthe.sk\/index.php\/wp-json\/wp\/v2\/media?parent=487"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}