A virtual LAN (VLAN) is a logical grouping of systems that is not constrained by geographic boundaries. These groupings create a broadcast domain, and function just like a traditional LAN. Systems within the VLAN are not necessarily physically co-located, but do not require a router to connect them. (Routers are used to connect two separate VLANs.) VLANs are interconnected using system bridging software. The Sun Secure Application Switch supports up to 4094 VLANs system wide. Each VLAN is contained within a single virtual router context. One virtual router can support up to 512 VLANs with up to 5632 interfaces.
Spanning Tree Protocol (STP) is a bridge-based protocol that allows you to configure an L2 network on the Sun Secure Application Switch with redundant traffic paths. To prevent loops (multiple active paths between switches), the Spanning Tree algorithm allows only one path to exist between any two network devices. If STP finds a redundant path, it forces one of the paths into a blocked or standby state and uses the path with the lowest cost to forward data. If the original path fails, STP activates the redundant path to ensure the network continues to operate properly. All switches in the VLAN exchange messages called Bridge Protocol Data Units (BPDUs) to determine the root bridge (the main reference point in the Spanning Tree network), learn about other switches, and to determine the network topology. You can define one spanning tree instance for each VLAN on the Sun Secure Application Switch. The bridging topology that is established by STP is VLAN-specific. Different VLANs run STP independently and may establish different forwarding topologies.
| Phase | Description |
|---|---|
| 1 |
Root bridge selection When the Spanning Tree is configured,
all switches in the VLAN advertise themselves as the root bridge.
Typically, the switch with the lowest bridge ID becomes the root bridge.
The bridge ID consists of the configured priority and the switch MAC
address. The root bridge is the only switch that generates configuration information to the rest of the switches in the VLAN. |
| 2 | Determine root path costs STP assigns a cost to all of the paths from the root bridge to each port on a switch in the VLAN. STP bases this value on the number of network segments that a frame must traverse and the network segment's speed. Path cost can also be configured. |
| 3 |
Root port selection After determining the path costs, each
switch determines which of their ports has the lowest cost path to the
root bridge. This port becomes the root port for the switch. The root
port receives the configuration BPDUs from the root bridge. All non-root switches participating in the Spanning Tree network have one root port; the root bridge does not have a root port. |
| 4 | Designated switch selection A designated switch is the switch that forwards data for a network segment to the root bridge. STP determines which switch in a network segment has the lowest cost path to reach the root bridge; this switch becomes the designated switch. The designated switch is the only switch that forwards configuration BPDUs. Each network segment has only one designated switch. The port that connects a network segment to the designated switch is called the designated port. Designated ports are always in a forwarding state. The lowest path cost from a network segment to the root bridge determines which port is the designated port. All of the ports on a root bridge are designated ports. |
| 5 | Ports transition to a forwarding or blocked states Root and designated ports are set to a forwarding state. These ports can send and receive BPDUs and data. STP sets all other ports on the switches in the VLAN to a blocked state. These ports can send and receive BPDUs; however, they cannot send or receive data. |