TOPIC
When the Spanning Tree Protocol is enabled on an Ethernet bridge or switch port to which a Macintosh system is directly attached the system may be unable to use AppleTalk services.
DISCUSSION
Systems Affected This issue affects AppleTalk communications on Macintosh systems ranging from the PowerBook 3400 to the latest G3 systems. TCP/IP based services are not affected. Symptoms The observed symptoms vary depending on several environmental factors. Differences in network topology, as well as differences in AppleTalk related values stored in system preference files can change the symptoms. Depending on your environment you may see one or more of the following symptoms. Environment One: This would be a typical situation when moving a system from one AppleTalk network to another. The symptoms you would observe are: 1) Soon after the Finder loads the following message appears: "Access to your AppleTalk network has been interrupted. To re-establish your connection, open and close the AppleTalk control panel" 2) Upon opening the AppleTalk control panel this message appears: "Your network number is no longer valid. It will be updated when the control panel is closed." As requested, open and close the AppleTalk control panel to update the saved the configuration information. By doing this you store the correct network number (for this network) into the AppleTalk preferences file and into PRAM. 3) A few seconds later the following message appears again: "Access to your AppleTalk network has been interrupted. To re-establish your connection, open and close the AppleTalk control panel" Open the Chooser, no zones are displayed in the zone list. If you select a service (for example, AppleShare Servers) you may see devices that are physically located on the same network, but devices located on other networks are not visible. The reason for this behavior is that by attempting to update the information (node, net, zone, etc.) associated with the interface (by opening and closing the AppleTalk control panel) it caused the Ethernet driver to reload. Reloading the Ethernet driver causes the link signal to drop thus causing the Spanning Tree Protocol to restart the convergence process. Environment Two: This would be a typical situation when installing a new system or zapping PRAM. The symptoms you would observe are: 1) Soon after the Finder loads the following message appears: "Your AppleTalk network has become available. To use the network, open the AppleTalk control panel, then close it. " 2) Upon opening the AppleTalk control panel this message appears: "Your network number is no longer valid. It will be updated when the control panel is closed." As requested, open and close the AppleTalk control panel to update the saved the configuration information. By doing this you store the correct network number (for this network) into the AppleTalk preferences file and into PRAM. 3) A few seconds later the following message appears again: "Your AppleTalk network has become available. To use the network, open the AppleTalk control panel, then close it. " Open the Chooser, no zones are displayed in the zone list. If you select a service (e.g. AppleShare Servers) you may see devices that are physically located on the same network, but devices located on other networks are not visible. The reason for this behavior is that by attempting to update the information (node, net, zone, etc.) associated with the interface (by opening and closing the AppleTalk control panel) it caused the Ethernet driver to reload. Reloading the Ethernet driver causes the link signal to drop thus causing the Spanning Tree Protocol to restart the convergence process. Environment Three: This would be a typical situation when the Spanning Tree Protocol is first enabled on an existing network. The symptoms you would observe are: 1) Soon after the Finder loads the following message appears: "Your AppleTalk network is now available." After receiving this message opening the Chooser results in what appears to be fully enabled AppleTalk services. You can browse the network and use it's services. Unfortunately you may have the same node ID as another system attached to the network and some communications may fail as a result. Environment Four: If your Macintosh is connected to a non-routed network the following symptoms appear: 1) In this environment there are no errors displayed by the Macintosh OS. From the perspective of the system everything is fine. All phases of the startup process completed successfully with no apparent difficulties. Unfortunately, there may still be difficulties. 2) One of the processes that occur during the startup process (if you have AppleTalk turned on) is that the system attempts to acquire a unique AppleTalk node ID. Unfortunately, with Spanning Tree enabled the switch may drop critical packets necessary for the Macintosh to discover if the node ID it has selected is in use by another system. If multiple systems do acquire the same AppleTalk node ID you can expect to see difficultis related to both performance and loss of services. Spanning Tree Background With the rapid deployment of layer 2 switches the use of the Spanning Tree Protocol has become common. Spanning Tree was originally developed for use with Ethernet bridges but has also been used in switches, since they themselves are layer 2 bridging devices. The Spanning Tree Protocol is an IEEE standard adopted in 1990 (IEEE 802.1D). Spanning Tree is a protocol designed to allow network designers to use layer 2 devices to create a loop free meshed topology. Loops in a layer 2 network can create packet storms, crippling a network and destroying network performance. Basic Bridge Operation The basic function of a bridge is to forward a packet from a source port to a destination port. The process involved in moving that packet involves multiple steps. Upon receiving a packet the bridge first looks in its address mapping table to determine if it has a known destination port for the packet. The bridge automatically builds the addressing mapping table by parsing the source address of packets it receives. It uses this address mapping table to determine where to forward packets. If the destination address is known, the bridge forwards that packet only to its destination port. If the destination address is not known, the bridge floods that packet over all the segments with the exception of the receiving one. This process works fine as long as there are no redundant paths in the network. Without Spanning Tree the given the topology examples described below would create serious issues. Example one: Redundant paths created when switches are connected together using more than one connection point.
In the above example system one and system two have two possible paths to each other. For example, the paths system one can use to get to system two are: - switch one/p1 -> switch one/p2 -> switch two/p3 -> switch two/p2. - switch one/p1 -> switch one/p3 -> switch two/p1 -> switch two/p2. Without Spanning Tree the packets are going to be transmitted to both switch one, and also to switch two, causing a loop. For example, if system one sends to system two, but neither switch has system two in its address table, the follow series of events occur. As you can see a loop has formed that would continue forever. Example two: Redundant paths created when switches are connected together using hubs to create paths.
Given this environment if system one sends to system two, but neither switch has system two in its address table the follow series of events occur. As you can see a loop has formed that would continue forever. Basic Spanning Tree Operation The purpose of Spanning Tree is to avoid and eliminate loops in the network by negotiating a loop free path. In the above examples, this means that one of the ports would need to be "disabled", or put into such a mode where it is not forwarding packets, but is still aware of the topology of the network. The basic algorithm built-in to the protocol effectively disables the redundant links within the network. In order to determine which links to disable the switches exchange special messages, called bridge protocol data unit (BPDU) frames, that allow them to calculate a Spanning Tree and hence the active topology. Although the Spanning Tree Algorithm is able to maintain a loop-free tree despite network changes, recalculation of the Spanning Tree is a relatively time consuming process. Standard Spanning Tree values for the maximum age of BPDUs (which is the length of time that BPDU information is kept) is typically twenty seconds. The forwarding delay time, which is the length of time that ports are to remain in each of the listening and learning states, is fifteen seconds. As a result, recalculation of the Spanning Tree following a network change takes approximately fifty seconds: twenty seconds for BPDU information to time out, fifteen seconds in the listening state and another fifteen seconds in the learning state. As BPDU information is updated and/or timed-out, the Spanning Tree is recalculated and ports may transition from the blocked state to the forwarding state and vice versa. Rather than transition directly from the blocked state to the forwarding state, ports transition through two intermediate states: a listening state and a learning state. The bridge remains in each state for a preset period of time, called the forwarding delay. In the listening state, a port waits for information indicating that it should return to the blocked state. If, by the end of the forwarding delay time, no such information is received, the port transitions to the learning state. In the learning state, a port still blocks the receiving and forwarding of frames, but received frames are examined and the corresponding location information is stored. At the end of a second forwarding delay time, the port transitions from the learning state to the forwarding state, thereby allowing frames to be forwarded and received at the port. It is very important to note that packet delivery is often delayed or fails completely as ports transition between states. That is, ports in the listening and learning states do not forward or receive frames. To the network users, these delays are perceived as service interruptions, which may present significant difficulties. In addition, certain applications, protocols (for example, AppleTalk address allocation and network discovery), or processes may time-out and shutdown during the reconfiguration process, resulting in even greater disruption to the network. Another disadvantage relates to subsequent message distribution. Following the reconfiguration process, messages are flooded across the network until the "new" destination ports are learned. Such flooding of messages can consume substantial communications and processor resources. Tuning Spanning Tree Parameters Changing Spanning Tree parameters, while resulting in fast convergence, may have unexpected and possibly detrimental results. Tuning Max Age down to the minimum value can result in BPDUs being discarded too early. During normal operation, the root bridge periodically transmits configuration BPDUs every hello time (usually every 2 seconds). These BPDUs are, in turn, propagated to bridges downstream from the root. If BPDU frames are inadvertently dropped, using a low value for Max Age may cause the bridge to trash its current configuration and recompute the Spanning Tree. Tuning Forward Delay down to the minimum value (typically 4 seconds) means that when transitioning from blocking to forwarding a port spends 4 seconds in the listening state and 4 seconds in learning state. This means that there is only a 8 second window in the listening and learning states in which a BPDU indicating a loop must be received and processed. Setting this value too low may not account for the fact that BPDUs may be inadvertently dropped and can result in a loop and possibly a broadcast storm. The information below provides descriptions of common Spanning Tree tunable parameters. Common Spanning Tree Optimization Parameters:
Solutions to Problems with Dynamic Address Allocation Disable Spanning Tree Spanning Tree can usually be selectively disabled on the switch ports to which systems (Macintosh) utilizing dynamic address allocation are attached. In general, there is no benefit to having Spanning Tree enabled for a port to which there is a single workstation attached. To create a loop in such an environment the end user would need to have access to an Ethernet hub with two uplink ports, or two cross-over cables, as well as access to two switch ports. Enable Fast Convergence Several switch manufacturers have extended the Spanning Tree Protocol to allow the convergence time to be reduced. One of the enhancements usually available is the ability to safely and quickly move the port from the blocked state (listening and learning) to the forwarding state. For example, if the bridge detects a single device attached to a port it can quickly assume that no other bridges are attached to that port and move the port to the forwarding state almost immediately. Check the manufacturers documentation for specific information on how to configure this option for your switch. For example, Cisco has an option called "portfast" that can be enabled on most of their switches. Tune the Forward Delay Timer The Forward Delay timer can be tuned down to the minimum value. This value can usually be tuned down to a few seconds, which would give the switch enough time to move to the forwarding state before the address allocation packets were sent by the system. If you do choose to use this solution you must set these timers in the root bridge. The root bridge is the bridge that transmits these timer settings to all other designated bridges. Although you can set these timers on any bridge only the root bridge can effect the over-all environment. Questions and Answers Q. Why does it only affect newer Macintosh systems? A. The newer systems boot faster causing the packets used for AppleTalk address assignment to be sent while the port is still in the blocked state. Q. Is Apple planning to change the way AppleTalk addresses are allocated to fix the problem. A. Apple currently has no plans to change the algorithms used for AppleTalk address assignment. |
||||||||||||||||||||
| Document Information | |
| Product Area: | Communications-Networking |
| Category: | LocalTalk-EtherTalk-Token Ring |
| Sub Category: | EtherTalk and Ethernet |
Copyright © 2000 Apple Computer, Inc. All rights reserved.