Sunday, May 7, 2023

What is the difference between STP and RSTP?

RSTP has faster convergence than STP. This is because RSTP does not rely on forwarding delay timers, making it faster and more efficient. RSTP also allows for easier port transitions from the discarding to the forwarding state, which is beneficial in a network where switches are constantly changing roles.

RSTP can be described by three port states: Discarding, Learning, and Forwarding. The Disabled, Blocking, and Listening states described by STP have been combined into the Discarding state in RSTP. The functionality is similar.

In RSTP, the Alternate port and Backup port are allowed to directly enter the forwarding state which allows the convergence time of the network to be reduced significantly. In STP, the port must wait for the network to converge (40-50 seconds) before entering the forwarding state. This is a major advantage of RSTP over STP.

 

| STP | RSTP | Description |
|---|---|---|
| Disabled | Discarding | The port only listens for BPDUs. There is no forwarding, processing, or learning of MAC addresses. |
| Blocking | Discarding | (same as above) |
| Listening | Discarding | (same as above) |
| Learning | Learning | The port sends and receives BPDUs and also learns MAC addresses. Forwarding does not occur in this state. |
| Forwarding | Forwarding | The port can send and receive data, learn MAC addresses, and forward data to its destination. |



RSTP Port Roles

Root Port

The port that receives Bridge Protocol Data Units (BPDUs) from the root bridge. BPDUs are the messages exchanged between switches on the network.

Designated Port

The port selected in each local area network (LAN) segment which provides the lowest root path cost. The higher the link speed, the lower the cost value.

Alternate Port

If a port is not to be used as a designated port, it will become an alternate port. This is a backup for the root port in case of failure and is blocked during typical operation of the root port.

Backup Port

This is the backup for the designated port. If the root port fails, the backup port becomes the new designated port. The backup port is normally blocked while the designated port is operating correctly.



What is STP (Spanning Tree Protocol)?

The Spanning Tree Protocol (STP) is a network protocol used to avoid loops in topologies that contain redundant links. It ensures that only one active path exists between any two network devices, which prevents loops from forming.

For STP to function, one of the many available paths is chosen as the "root path," and any further redundant links are then turned off. The root path is chosen based on a number of factors, which include the shortest path to the root, the lowest path cost, and the lowest bridge ID. The STP algorithm then decides which links may be activated safely and which ones need to be disabled.

Spanning Tree Protocol supports five port states: forwarding, learning, listening, blocking, and disabled. It uses two bits from the flag octet.

STP has some disadvantages, such as a slow convergence time and an inability to adjust to quick changes in the network topology. The Rapid Spanning Tree Protocol (RSTP) was created to overcome these restrictions.

Advantages of STP:

·       It is a mature protocol that has been widely used in networks for many years.

·       It can handle complex topologies and prevent network loops by blocking redundant links.

·       It provides a stable network topology by ensuring that only one path is active at any given time.

·       It is supported by most network devices and can be configured easily.

·       It does not require special hardware or software.

Disadvantages of STP:

·       It has a slow convergence time, which can cause network downtime and performance issues.

·       It can lead to inefficient use of network resources by blocking links even when they are not actually causing a network loop.

·       It cannot detect changes in the network topology quickly and may cause network instability.

·       It may require manual configuration and management in large networks.



STP operation:

·       All switches of the STP domain first elect a root bridge. The root bridge acts as a point of reference for all other switches in the network. All ports of the root bridge remain in forwarding mode.

·       Once the root bridge is elected, each remaining switch selects the single port that has the lowest path cost to reach the root bridge and marks it as the root port.

·       After selecting the root port, switches determine a single designated port for each connection.

·       If multiple ports are connected to the same switch or LAN segment, the switch selects only one port, the one that has the lowest path cost, and marks it as the designated port.

·       Once the root port and designated ports are selected, the switch blocks all remaining ports to remove any possible or existing loop from the network.





What is the STP?

STP is a protocol that actively monitors all links of the network. To find redundant links, it uses an algorithm known as the STA (spanning-tree algorithm). The STA first creates a topology database, then finds and disables the redundant links. Once redundant links are disabled, only the STP-chosen links remain active. If a new link is added or an existing link is removed, STP re-runs the STA and re-adjusts all links to reflect the change.

Root Bridge

A Root Bridge is the starting point of the STP network topology. To elect a Root Bridge from all switches of the network, STP uses two parameters: a variable known as the bridge priority and the MAC addresses of the participating switches. The switch that has the lowest bridge priority value is elected as the Root Bridge. If the bridge priority value is the same on all switches, the switch with the lowest MAC address is elected as the Root Bridge.

By default, the bridge priority value is set to 32768 in all Cisco switches. Unless you change this value, a switch that has the lowest MAC address is elected as the Root Bridge. If you want a specific switch to be elected as the Root Bridge, you can set the bridge priority value of that switch to less than 32768.

The Root Bridge selection process happens each time a network change occurs, such as a new switch being added to the topology, an existing switch being removed, or the current Root Bridge failing. If the other switches of the network do not receive BPDUs from the Root Bridge within 20 seconds, they assume that the Root Bridge has failed. When the current Root Bridge fails, the remaining switches automatically start the election process to choose a new Root Bridge.

Non-Root Bridge

All switches of the network except the Root Bridge are considered Non-Root Bridges. Non-Root Bridges receive updates from the Root Bridge and update their STP databases accordingly.

Port Cost

Based on the connected media link, STP assigns a value to each port of the network. This value is known as the port cost value. STP uses this value to choose the single best path when multiple links are available between two switches. It selects the port which has the lowest port cost value.

Path Cost

Path cost is the accumulated value of the port costs from the Root Bridge to other switches in the network. It is always calculated from the Root Bridge, where the default path cost is 0. The BPDU carries the path cost information.

When the Root Bridge advertises BPDU out from its interfaces, it sets the path cost to 0. The switch which receives this BPDU increments the path cost by adding the port cost value of the port on which the BPDU arrived. For example, if the switch receives the BPDU on the Gigabit interface then the accumulated path cost will be 4.

0 (Value which it received from the Root Bridge) + 4 (Port cost value of the interface on which it received the BPDU) = 4

Now, this switch sets the accumulated path cost (4) in the BPDU and forwards it. The next switch which is connected with this switch follows the same rule. For example, if the next switch receives this BPDU on the Fast Ethernet port, for that switch, the accumulated path cost will be 23.

4 (Value which is received) + 19 (Port cost value of the incoming port) = 23.

Root Port

The Root port is the port that directly connects to the Root Bridge, or that has the shortest path to the Root Bridge. The shortest path is the path with the lowest path cost value. Remember that a switch may go through many other switches to reach the Root Bridge, so the root port is not always on the path with the fewest hops; it is on the fastest (lowest-cost) path.

Designated Ports

A designated port is the port that has the lowest port cost value on a given network segment, compared to the other ports on that segment. STP marks designated ports as forwarding ports, which are used to forward frames.

Non-Designated Ports

A non-designated port is a port that has a higher port cost than the designated port on its segment. STP marks non-designated ports as blocking ports, which are used to remove loops.
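The rules described above (root bridge election by priority then MAC, path cost accumulated from BPDUs, and the root / designated / non-designated port roles) together in an added Python model, which is not code from the original post. The three-switch topology, port names, and MAC addresses are constructed; port costs follow the text (Gigabit 4, FastEthernet 19) plus 10 Mbit/s Ethernet at cost 100 for the redundant link, and equal-cost tie-breaking by port ID is left out.

```python
import heapq

# 802.1D port costs for the media named in the text: Gigabit = 4, FastEthernet = 19.
# 10 Mbit/s Ethernet (cost 100) is included so the sample has a redundant link.
PORT_COST = {"gigabit": 4, "fastethernet": 19, "ethernet": 100}

# Constructed sample: switch name -> (bridge priority, MAC address).
# All use the Cisco default priority 32768, so the lowest MAC becomes root.
SWITCHES = {"SW1": (32768, "00:00:0c:00:00:01"),
            "SW2": (32768, "00:00:0c:00:00:02"),
            "SW3": (32768, "00:00:0c:00:00:03")}
# Constructed links: (switch, port, switch, port, media). SW3 reaches SW1 either
# via SW2 (4 + 19 = 23, the figures used in the text) or directly over Ethernet (100).
LINKS = [("SW1", "Gi0/1", "SW2", "Gi0/1", "gigabit"),
         ("SW2", "Fa0/2", "SW3", "Fa0/1", "fastethernet"),
         ("SW1", "Eth0/3", "SW3", "Eth0/3", "ethernet")]

def bridge_id(switches, name):
    """Lower priority wins; equal priorities are broken by the lowest MAC."""
    priority, mac = switches[name]
    return (priority, mac.lower())

def elect_root(switches):
    return min(switches, key=lambda n: bridge_id(switches, n))

def root_path_costs(switches, links, root):
    """Model BPDU propagation: the root sends cost 0 and each switch adds the
    cost of the port on which the best BPDU arrived. This is a shortest-path
    search from the root; it returns the path cost and root port per switch."""
    adj = {n: [] for n in switches}
    for a, pa, b, pb, media in links:
        adj[a].append((b, pb, PORT_COST[media]))   # a's BPDU arrives on b's port pb
        adj[b].append((a, pa, PORT_COST[media]))
    cost, root_port = {root: 0}, {root: None}
    heap = [(0, root)]
    while heap:
        c, n = heapq.heappop(heap)
        if c > cost[n]:
            continue                                 # stale heap entry
        for nbr, in_port, pc in adj[n]:
            if c + pc < cost.get(nbr, float("inf")):
                cost[nbr], root_port[nbr] = c + pc, in_port
                heapq.heappush(heap, (c + pc, nbr))
    return cost, root_port

def port_roles(switches, links):
    """Assign root / designated / blocking roles to every port in the topology."""
    root = elect_root(switches)
    cost, root_port = root_path_costs(switches, links, root)
    roles = {}
    for a, pa, b, pb, _ in links:
        # On each segment the switch with the lowest root path cost (then the
        # lowest bridge ID) owns the designated port. The other end is either
        # that switch's root port or a non-designated port, which STP blocks.
        a_wins = (cost[a], bridge_id(switches, a)) < (cost[b], bridge_id(switches, b))
        for sw, port, designated in ((a, pa, a_wins), (b, pb, not a_wins)):
            if root_port.get(sw) == port:
                roles[(sw, port)] = "root"
            elif designated:
                roles[(sw, port)] = "designated"
            else:
                roles[(sw, port)] = "blocking"
    return root, cost, roles

if __name__ == "__main__":
    root, cost, roles = port_roles(SWITCHES, LINKS)
    print("root bridge:", root)
    for (sw, port), role in sorted(roles.items()):
        print(f"{sw} {port}: path cost {cost[sw]:3d} -> {role}")
```

Lowering one switch's priority below 32768 (as the text suggests) makes it win the election regardless of MAC, which the model reproduces.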

STP port states

All ports on an STP-running switch go through four different states: blocking, listening, learning, and forwarding. Through these states, the switch not only learns the network topology but also calculates the path cost value and, based on that value, elects the designated and non-designated ports. After these states, the switch is considered STP-convergent. Let's look at each state in detail.

STP Blocking state

When a switch is powered on, it puts all of its ports in this state. In this state, the switch only listens for and processes BPDUs; it drops all other frames. From the incoming BPDUs, it learns the network topology and determines which ports will work as root ports, designated ports, and blocked ports.

All ports remain in this state for twenty seconds. After twenty seconds, only the root port and designated ports move into the next state. Remaining ports stay in this state.

STP Listening state

In this state, ports still listen and process only BPDUs. All other frames except BPDUs are dropped. The switch double checks the layer 2 topology to make sure that no loops occur in the network before processing the data frames. Ports remain in this state for fifteen seconds.

STP Learning state

Only the root port and designated ports enter the learning state from the listening state. In this state, ports still listen for and process BPDUs, but they also start processing user frames: the switch examines the source address of user frames and updates its CAM table, but it does not yet forward any user frame to the destination port. Ports stay in this state for fifteen seconds.

STP Forwarding state

In this state, the switch listens for and processes both BPDUs and user frames. It uses BPDUs to monitor the network topology. By reading the source address field of users' frames, it also builds and updates CAM table entries. This state is also referred to as convergence.

STP Disabled state

This state applies to all ports which are either manually shut down or removed from the STP by an administrator. All unplugged ports also remain in this state. Any port which belongs to this state does not participate in the STP operation.

 

What is ARP (Address Resolution Protocol)?

The Address Resolution Protocol maps IP addresses to the physical machine addresses (MAC addresses, for Ethernet) recognized on the local network. A table called the ARP cache maintains the correlation between each IP address and its corresponding MAC address. ARP defines the rules for establishing these correlations and helps convert addresses in both directions.

Advantages

  • MAC addresses need not be known or memorized, as the ARP cache contains all the MAC addresses and maps them automatically with IPs.

Disadvantages

  • ARP is susceptible to security attacks called ARP spoofing attacks.
  • When using ARP, a hacker might sometimes be able to stop the traffic altogether. This is also known as ARP denial of service.

What is SNMP (Simple Network Management Protocol)?

SNMP is an application layer protocol used to manage nodes, like servers, workstations, routers, switches, etc., on an IP network. SNMP enables network admins to monitor network performance, identify network glitches, and troubleshoot them. SNMP comprises three components: a managed device, an SNMP agent, and an SNMP manager.

The SNMP agent resides on the managed device. The agent is a software module that has local knowledge of management information and translates that information into a form compatible with the SNMP manager. The SNMP manager presents the data obtained from the SNMP agent, helping network admins manage nodes effectively.

Currently, there are three versions of SNMP: SNMP v1, SNMP v2, and SNMP v3. Both versions 1 and 2 have many features in common, but SNMP v2 offers enhancements such as additional protocol operations. SNMP version 3 (SNMP v3) adds security and remote configuration capabilities to the previous versions.

What is ICMP?

ICMP stands for Internet Control Message Protocol. It is a network layer protocol used for error handling at the network layer, and it is used primarily on network devices such as routers. Because different types of errors can occur at the network layer, ICMP is used to report and debug them. For example, if a sender wants to deliver a message to some destination but a router cannot forward it, the router sends a message back to the sender saying that it could not deliver the message to that destination.

The IP protocol has no error-reporting or error-correcting mechanism of its own, so ICMP messages are used to convey this information.

ICMP messages are usually divided into two categories:

  • Error-reporting messages: when a router encounters a problem while processing an IP packet, it reports the problem with a message.
  • Query messages: messages that help a host obtain specific information about another host. For example, if a client wants to know whether a server is live, it sends an ICMP message to the server.

ICMP Message Format

Every ICMP message carries a category field that tells which kind of message it is. An error message contains both a type and a code: the type defines the kind of message, while the code defines its subtype.

The ICMP message contains the following fields:

  • Type: an 8-bit field that defines the ICMP message type. In ICMPv6, the values 0 to 127 are defined as error messages and the values 128 to 255 as informational messages.
  • Code: an 8-bit field that defines the subtype of the ICMP message.
  • Checksum: a 16-bit field used to detect whether the message has been corrupted.
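An added Python example (not code from the original post) that builds and parses the Type / Code / Checksum header described above, verifies the RFC 1071 checksum over the whole message, and sorts messages into the two categories from the text. The ICMPv4 type names in the tables are the standard IANA assignments; the ICMPv6 pseudo-header checksum is an assumption left out, so validity is only checked for version 4.

```python
import struct

# Well-known ICMPv4 types, grouped by the two categories used in the text.
ICMPV4_ERROR_TYPES = {3: "destination unreachable", 4: "source quench",
                      5: "redirect", 11: "time exceeded", 12: "parameter problem"}
ICMPV4_QUERY_TYPES = {0: "echo reply", 8: "echo request",
                      13: "timestamp", 14: "timestamp reply"}

def icmp_checksum(data: bytes) -> int:
    """RFC 1071 checksum: one's-complement sum of 16-bit words, complemented."""
    if len(data) % 2:
        data += b"\x00"                          # pad odd-length data
    total = sum(struct.unpack("!%dH" % (len(data) // 2), data))
    while total >> 16:                           # fold carries back in
        total = (total & 0xFFFF) + (total >> 16)
    return (~total) & 0xFFFF

def build_icmp(msg_type: int, code: int, rest: bytes = b"\x00" * 4) -> bytes:
    """Assemble an ICMPv4 message: Type, Code, Checksum, then the remaining bytes
    (for an echo request, `rest` holds the identifier and sequence number)."""
    draft = struct.pack("!BBH", msg_type, code, 0) + rest
    return struct.pack("!BBH", msg_type, code, icmp_checksum(draft)) + rest

def classify(msg_type: int, version: int = 4) -> str:
    """Error-reporting vs query, following the two categories in the text."""
    if version == 6:
        # ICMPv6 numbering rule from the text: 0-127 error, 128-255 informational.
        return "error-reporting" if msg_type < 128 else "query"
    if msg_type in ICMPV4_ERROR_TYPES:
        return "error-reporting"
    if msg_type in ICMPV4_QUERY_TYPES:
        return "query"
    return "unknown"

def parse_icmp(packet: bytes, version: int = 4) -> dict:
    """Decode the fixed header and report whether the message is intact."""
    if len(packet) < 4:
        raise ValueError("ICMP message shorter than the 4-byte Type/Code/Checksum header")
    msg_type, code, checksum = struct.unpack("!BBH", packet[:4])
    # For an intact ICMPv4 message the checksum computed over the whole message,
    # checksum field included, folds to zero. ICMPv6 also covers an IPv6
    # pseudo-header, which this example does not model.
    valid = icmp_checksum(packet) == 0 if version == 4 else None
    name = None
    if version == 4:
        name = ICMPV4_ERROR_TYPES.get(msg_type) or ICMPV4_QUERY_TYPES.get(msg_type)
    return {"type": msg_type, "code": code, "checksum": checksum, "valid": valid,
            "category": classify(msg_type, version), "name": name}

if __name__ == "__main__":
    # Constructed echo request: identifier 1, sequence 1, no data.
    print(parse_icmp(build_icmp(8, 0, b"\x00\x01\x00\x01")))
    # Constructed "destination unreachable, port unreachable" (type 3, code 3).
    print(parse_icmp(build_icmp(3, 3)))
```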

What is a VLAN?

A VLAN (Virtual Local Area Network) is a logical grouping of devices within a network that allows for the segmentation and isolation of network traffic. It is a method used to create multiple broadcast domains within a single physical network infrastructure.

Traditionally, in a physical network, all devices connected to the same switch or broadcast domain are part of the same LAN (Local Area Network) and can communicate with each other directly. However, VLANs enable network administrators to divide the network into smaller, virtual LANs, even if the devices are physically connected to the same switch.

Here are some key points about VLANs:

Logical Segmentation: VLANs allow for the logical segmentation of a network by grouping devices together based on criteria such as department, function, location, or security requirements. Devices within the same VLAN can communicate with each other as if they were on the same physical LAN, while traffic between VLANs requires routing.

Broadcast Isolation: VLANs provide broadcast isolation, meaning that broadcast traffic sent within a VLAN is limited to devices within that VLAN, reducing unnecessary network traffic and improving network efficiency.

Security and Access Control: VLANs enable enhanced security and access control by separating sensitive or critical devices from the rest of the network. Access control lists (ACLs) and firewall rules can be applied between VLANs to control and restrict communication.

Scalability: VLANs offer scalability by allowing network administrators to create and manage multiple logical networks within a single physical infrastructure. This enables efficient network management and facilitates network expansion without the need for additional physical cabling.

VLAN Tagging: To identify VLAN membership, VLAN tagging is used. Ethernet frames are tagged with a VLAN ID, known as a VLAN tag, which allows switches and routers to distinguish between different VLANs. The most commonly used VLAN tagging protocols are IEEE 802.1Q and ISL (Inter-Switch Link).
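An added Python example (not code from the original post) of the IEEE 802.1Q tagging just described: it inserts a tag (TPID 0x8100 followed by priority, drop-eligible bit and 12-bit VLAN ID) into a constructed Ethernet frame, parses it back, and shows how a trunk port assigns untagged or VID-0 frames to its native VLAN. The sample MAC addresses and payload are constructed; ISL is not modelled.

```python
import struct

TPID_8021Q = 0x8100       # EtherType value that announces an 802.1Q tag
ETHERTYPE_IPV4 = 0x0800

# Constructed sample: an untagged IPv4 frame with the first 4 bytes of an IPv4 header.
UNTAGGED = (bytes.fromhex("001122334455")        # destination MAC
            + bytes.fromhex("66778899aabb")      # source MAC
            + struct.pack("!H", ETHERTYPE_IPV4)
            + b"\x45\x00\x00\x14")

def tag_frame(frame: bytes, vid: int, pcp: int = 0, dei: int = 0) -> bytes:
    """Insert an 802.1Q tag between the source MAC and the original EtherType."""
    if not 0 <= vid <= 4094 or not 0 <= pcp <= 7 or dei not in (0, 1):
        raise ValueError("VID must be 0-4094 (4095 is reserved), PCP 0-7, DEI 0/1")
    tci = (pcp << 13) | (dei << 12) | vid            # Tag Control Information
    return frame[:12] + struct.pack("!HH", TPID_8021Q, tci) + frame[12:]

def parse_frame(frame: bytes) -> dict:
    """Decode the MAC addresses, an optional 802.1Q tag, and the payload EtherType."""
    if len(frame) < 14:
        raise ValueError("frame shorter than the 14-byte Ethernet header")
    dst, src = frame[:6], frame[6:12]
    ethertype = struct.unpack("!H", frame[12:14])[0]
    tag, offset = None, 14
    if ethertype == TPID_8021Q:
        if len(frame) < 18:
            raise ValueError("truncated 802.1Q tag")
        tci, ethertype = struct.unpack("!HH", frame[14:18])
        tag = {"pcp": tci >> 13, "dei": (tci >> 12) & 1, "vid": tci & 0x0FFF}
        offset = 18
    return {"dst": dst.hex(":"), "src": src.hex(":"), "tag": tag,
            "ethertype": ethertype, "payload": frame[offset:]}

def vlan_of(frame: bytes, native_vid: int) -> int:
    """VLAN a switch assigns to a frame arriving on an 802.1Q trunk: untagged
    frames and priority-tagged frames (VID 0) fall into the port's native VLAN."""
    tag = parse_frame(frame)["tag"]
    return native_vid if tag is None or tag["vid"] == 0 else tag["vid"]

if __name__ == "__main__":
    tagged = tag_frame(UNTAGGED, vid=10, pcp=3)
    print(tagged[12:18].hex(" "))           # 81 00 60 0a 08 00
    print(parse_frame(tagged))
    print("assigned VLAN:", vlan_of(tagged, native_vid=1))
```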

Overall, VLANs provide flexibility, scalability, and improved network performance by enabling the logical segmentation of a network into multiple virtual LANs. They are widely used in modern networks to achieve efficient network management, enhance security, and support the diverse requirements of different network environments.

What is the difference between LDP and RSVP?

LDP (Label Distribution Protocol) and RSVP (Resource Reservation Protocol) are both signaling protocols used in MPLS (Multiprotocol Label Switching) networks, but they serve different purposes. Here are the differences between LDP and RSVP:

Function:

LDP: LDP is primarily responsible for the distribution and allocation of labels used in MPLS forwarding. It establishes label bindings between routers, allowing them to create label-switched paths (LSPs) for forwarding packets.

RSVP: RSVP is a signaling protocol used for resource reservation in network traffic. It is primarily used for establishing Quality of Service (QoS) paths and reserving bandwidth along a network path.

Label Distribution:

LDP: LDP uses a hop-by-hop approach for label distribution. It distributes labels to each individual hop or router along the path, without considering the specific traffic requirements or available resources.

RSVP: RSVP supports explicit routing and allows for the reservation of specific resources along a path. It provides end-to-end signaling, enabling routers to exchange information about the required resources and QoS parameters for a particular flow.

Traffic Engineering:

LDP: LDP does not provide explicit traffic engineering capabilities. It is primarily focused on label distribution for MPLS forwarding.

RSVP: RSVP supports traffic engineering by allowing routers to reserve and allocate network resources based on specific QoS requirements. It enables the creation of explicit paths for traffic based on the desired QoS parameters.

Resource Reservation:

LDP: LDP does not provide explicit resource reservation mechanisms. It assumes that sufficient resources are available in the network for forwarding packets based on the allocated labels.

RSVP: RSVP enables the reservation of network resources along a path, ensuring that sufficient bandwidth and other resources are available to meet the QoS requirements of the traffic.

Application:

LDP: LDP is commonly used for label distribution in MPLS networks, where the primary goal is to establish label-switched paths for efficient packet forwarding.

RSVP: RSVP is often used in scenarios where QoS and resource reservation are critical, such as in real-time multimedia applications or network environments with strict bandwidth requirements.

In summary, LDP and RSVP serve different functions in MPLS networks. LDP is focused on label distribution for MPLS forwarding, while RSVP is used for resource reservation and QoS provisioning. LDP is more suitable for general MPLS forwarding, while RSVP is beneficial for applications that require specific QoS guarantees and traffic engineering capabilities.

 

| Parameter | LDP | RSVP |
|---|---|---|
| Abbreviation for | Label Distribution Protocol | Resource Reservation Protocol |
| Provisioning | Easy to configure: it only needs to be enabled on interfaces, and label bindings are automatically established for specific FECs | Complex configuration |
| Topology | LSPs from multiple ingresses use the same label to reach the egress (multipoint-to-point LSP) | RSVP sets up independent point-to-point LSPs |
| QoS | Limited | Guaranteed resources |
| LSP setup initiation | The egress initiates the LSP setup | The ingress initiates the LSP setup |
| Requirement | If LSPs primarily need to be set up, LDP should be used | If you require traffic engineering and resource reservations, use RSVP(-TE) |
| Scalability | High | Low |
| ECMP | Possible | Not possible |
| Fast Reroute (FRR) support | No | Yes |
| IGP-based decision making | LDP follows the IGP for decision making | RSVP does not follow the IGP and takes independent decisions for the reserved traffic |


What is the difference between a hard reset and a soft reset in BGP?

In the context of BGP (Border Gateway Protocol), the terms "hard reset" and "soft reset" refer to different ways of resetting or restarting BGP peering sessions with neighboring routers. Here are the differences between the two:

Hard Reset:

A hard reset in BGP involves completely tearing down the BGP peering session with a neighboring router and then reestablishing it from scratch. When a hard reset is performed, all BGP routes and routing information exchanged with the neighbor are lost. The BGP session is terminated, and a new session is initiated, requiring the routers to exchange BGP updates and reestablish their routing tables. A hard reset is typically initiated manually or by explicitly clearing the BGP session. It is a more disruptive method and can lead to temporary routing instability during the reset process.

Soft Reset:

A soft reset in BGP is a less disruptive method of resetting the BGP peering session. Instead of tearing down the entire session, a soft reset involves refreshing the BGP session and re-advertising the existing BGP routes to the neighbor. The router sends a request to the neighbor to retransmit its BGP routes, and the neighbor responds by re-sending the routes it previously advertised. This allows the router to update its local routing table without completely restarting the BGP session. A soft reset is typically initiated to refresh the routing information or to trigger a synchronization of BGP routes between the routers without causing major disruptions to the network.

In summary, a hard reset in BGP involves terminating and reestablishing the BGP peering session, resulting in a complete loss of routing information. A soft reset, on the other hand, refreshes the BGP session by re-advertising the existing routes, allowing for an update of the routing table without tearing down the session. The choice between a hard reset and a soft reset depends on the specific requirements and objectives of the network administrator or operator.


| Basis | Hard Reset | Soft Reset |
|---|---|---|
| Goal | The TCP session with the BGP neighbour is killed by a hard reset and must be restarted. It terminates the TCP connection between the peers, re-establishes the connection with a BGP OPEN message, and resumes normal peer-to-peer message exchanges. | There are two types of soft reset: (1) soft reset with route refresh, which allows BGP peers to request an update without destroying the neighbour relationship; (2) soft reconfiguration, in which no route-refresh request is issued to the BGP neighbour, so the router stores a copy of the BGP routes received in the BGP UPDATE from the peer. |
| Direction | The direction of connection in a hard reset can be both in and out. | The direction of connection in a soft reset is either in or out. |
| Utilization of memory | It does not require any additional RAM to store another table. | It requires more RAM because the router now stores two BGP tables for each neighbour instead of one. |
| Impact | A hard reset has the potential to drastically impair network connectivity. | Only those prefixes affected by the policy change are affected by a soft reset. |
| Use case | When a soft reset fails to resolve the problem, a hard reset should be used as a last resort. | The soft technique is the most popular and widely employed. |
| Prerequisite | There are no requirements for this activity. | For a soft reset with route refresh, both peers may be required to support the Route Refresh capability. |
| Rate of convergence | Because processing the entire table takes a long time, it requires a very long convergence time. | Its convergence time is significantly less than that of a hard reset. |

Commands used:

Hard reset: clear ip bgp {* | neighbor ip | peer-group}

Soft reset (outbound): clear ip bgp {neighbor ip} soft out

Soft reset (inbound): clear ip bgp {neighbor ip} soft in

 
