I'm looking online for definitions of each, but I'm confused, as some websites say STP uses only two types of flags, while others refer to TCN, TC, and TCA flags. Are they three separate types of flags? What is the use of each in STP?
Spanning Tree Protocol – What Flags Are Used in BPDUs in STP
Related Solutions
First, like the others have mentioned, you have no bridging loop here due to running a Portchannel. That said, running STP is still fine. Let me clear up some confusion about how these commands work on Cisco switches.
spanning-tree portfast trunk
This command is supposed to be run on trunk ports towards non-bridging devices, such as a server with multiple VLANs or a router. This command should not be run on trunks towards switches, because the port will bypass the listening and learning phases, which could potentially create a bridging loop.
If you have an interface configured like this:
interface x/x
 spanning-tree portfast
 spanning-tree bpdufilter enable
 spanning-tree bpduguard enable
BPDU guard will never kick in because BPDU filter is filtering both the outgoing and incoming BPDUs. This also means that the port can never lose its Portfast status, which it would normally do if BPDUs were received inbound. If you remove the filter, then BPDU guard will kick in and shut down the port if a BPDU is received. This is done before the port can lose its Portfast operational state, so basically the port will always operate in Portfast operational mode.
If you apply the commands globally instead:
spanning-tree portfast default
spanning-tree portfast bpdufilter default
spanning-tree portfast bpduguard default
The first command enables Portfast on all access ports.
When BPDU filter is applied globally, the difference is that it sends out 11 BPDUs before going silent. Because normally one BPDU is sent out every 2 seconds and the default MaxAge is 20 seconds, that means that if there is a device at the other end that can process BPDUs, at least one BPDU would be received when the old BPDU (if there was one) has expired.
If a BPDU is received inbound when BPDU filter is applied globally then the port stops filtering and it will lose its Portfast status.
The BPDU guard default command will only apply to ports that are in a Portfast operational state.
If you combine these three commands, then what will happen is that when a BPDU is received, the port loses its BPDU filter and BPDU guard can then kick in. The port will never lose its Portfast operational state because the port is shut down before that can happen.
So you see, when applied to the interface, BPDU guard can never kick in, but if you apply it globally it can.
If you run just Portfast globally and BPDU filter globally then if a BPDU comes in, the port loses the filter and loses the Portfast operational state and will operate as a normal port.
Stack mode is not recommended for a pair of core switches, as it is a shared control plane / single point of failure and a software upgrade will result in a core outage. This is not an acceptable design. The core should aim for better than 99.999% uptime (5m 15.6s / year).
Use Dell's VLT instead.
Best Answer
802.1D STP has configuration BPDUs sent by the root bridge. The designated bridges relay these BPDUs on their designated ports. All BPDUs flow from the root. With 802.1D, a port going up or down will generate a topology change, unless portfast has been configured on the port.
When a switch detects a topology change, it will generate a TCN BPDU, which is a special BPDU. This BPDU is sent on the root port. This BPDU must be acknowledged by the upstream switch until the TCN eventually reaches the root.
After the TCN BPDU has reached the root bridge, the root bridge will send out configuration BPDUs with the TC bit set. The root does this for MaxAge + FWD_DELAY seconds, which is 20 + 15 seconds by default, for a total of 35 seconds.
When the switches receive this BPDU with TC set, they will shorten the timeout of the MAC address table to flush out stale entries. The timeout is then set to 15 seconds, so stale entries will be removed but active flows will be relearned through the now active ports.
If using 802.1w then there is a synchronization process through a proposal and agreement mechanism. With RSTP, only ports moving to forwarding can create topology changes. This makes sense since only adding connectivity should be of concern.
With an RSTP switch, when it detects a change it will set the TC bit in its BPDUs. The switch receiving this BPDU will then flush all MACs learned, except on the port where the BPDU was received. This will repeat throughout the network until the topology has converged.
There are some more details in some of my blog posts:
Topology change
RSTP synchronization
MST convergence
STP convergence
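The distinction discussed in the answer above, as an added example that is not part of the original answer: TCN is a BPDU type of its own, while TC and TCA are bits in the flags octet of a configuration BPDU. The decoder follows the IEEE 802.1D/802.1w BPDU layout; the function names, sample frames and bridge IDs are constructed for illustration.

```python
import struct

# Flag bits in the flags octet of a Configuration / RST BPDU (IEEE 802.1D / 802.1w).
TC, PROPOSAL, LEARNING, FORWARDING, AGREEMENT, TCA = 0x01, 0x02, 0x10, 0x20, 0x40, 0x80
ROLES = {0: "unknown", 1: "alternate/backup", 2: "root", 3: "designated"}
TYPES = {0x00: "config", 0x80: "tcn", 0x02: "rst"}

def parse_bpdu(payload: bytes) -> dict:
    """Decode the BPDU that follows the LLC header (DSAP/SSAP 0x42)."""
    if len(payload) < 4:
        raise ValueError("truncated BPDU header")
    proto, version, btype = struct.unpack("!HBB", payload[:4])
    if proto != 0 or btype not in TYPES:
        raise ValueError("not a spanning tree BPDU")
    out = {"version": version, "type": TYPES[btype], "flags": []}
    if btype == 0x80:
        return out  # a TCN BPDU is only these four octets: it has no flags field
    if len(payload) < 35:
        raise ValueError("truncated configuration BPDU")
    flags = payload[4]
    names = [("TC", TC), ("TCA", TCA)]  # the only two bits classic STP uses
    if btype == 0x02:  # RSTP also uses the six bits classic STP leaves unused
        names += [("proposal", PROPOSAL), ("learning", LEARNING),
                  ("forwarding", FORWARDING), ("agreement", AGREEMENT)]
        out["port_role"] = ROLES[(flags >> 2) & 0x03]
    out["flags"] = [n for n, bit in names if flags & bit]
    # Timers are carried in units of 1/256 second.
    _age, max_age, _hello, fwd = struct.unpack("!4H", payload[27:35])
    out["max_age_s"], out["forward_delay_s"] = max_age / 256, fwd / 256
    return out

def sample_bpdu(btype: int, version: int, flags: int) -> bytes:
    """Constructed sample BPDU: bridge IDs are made up, timers are the defaults."""
    root = bytes.fromhex("8000001122334455")
    body = root + struct.pack("!I", 0) + root + struct.pack("!H", 0x8001)
    timers = struct.pack("!4H", 0, 20 * 256, 2 * 256, 15 * 256)
    return struct.pack("!HBBB", 0, version, btype, flags) + body + timers

SAMPLES = {  # constructed frames, not captures
    "tcn": bytes.fromhex("00000080"),
    "config_tc": sample_bpdu(0x00, 0, TC),
    "config_tca": sample_bpdu(0x00, 0, TCA),
    "rst_tc": sample_bpdu(0x02, 2, TC | FORWARDING | AGREEMENT | (3 << 2)) + b"\x00",
}

if __name__ == "__main__":
    for name, raw in SAMPLES.items():
        print(name, parse_bpdu(raw))
```

Run over a capture of the BPDUs a switch receives, a decoder like this shows which ports are sending TCN BPDUs or TC-flagged BPDUs, which helps trace the source of repeated MAC table flushes.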