STP Layer 2 attack – Manipulating Spanning Tree Protocol settings
January 17, 2012
Security - layer 2
Redundant links are always welcome in a switched topology because they increase the network’s availability and robustness.
Looked at from a Layer 2 perspective, though, redundant links create Layer 2 loops. The reason is simple: the TTL (Time To Live) field lives in the Layer 3 (IP) header, and an Ethernet frame has no equivalent field.
At Layer 3 the TTL is decremented each time a packet passes through a router, and the packet is discarded once it reaches zero. There is no such mechanism to “kill” a frame that is stuck in a Layer 2 loop: switches flood broadcast, multicast and unknown-unicast frames out of every port except the one they arrived on, so a single looped frame circulates indefinitely. The result is a broadcast storm.
Fortunately, Spanning Tree Protocol (STP) lets you keep the redundant links while maintaining a loop-free topology: it elects a root bridge and puts the redundant ports into a blocking state, which removes the potential for a broadcast storm.
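To make the difference concrete, here is a small simulation, added for this article and not part of the original post: three switches wired as a triangle (so every pair has a redundant path) flood one broadcast frame, first with every port forwarding and then with a spanning tree computed from the bridge IDs. The topology, bridge IDs, MAC addresses and the 1000-frame cap are all constructed for illustration, and the tree computation is a breadth-first simplification of STP’s path-cost and bridge-ID tie-breaking that is exact only when all links have equal cost.

```python
from collections import deque

# Constructed topology: three switches in a full mesh (a triangle), so every
# pair of switches has a redundant path.
LINKS = [("SW1", "SW2"), ("SW2", "SW3"), ("SW1", "SW3")]

# Constructed bridge IDs as (priority, MAC). STP elects the lowest as root.
BRIDGE_IDS = {
    "SW1": (32768, "00:11:22:33:44:01"),
    "SW2": (32768, "00:11:22:33:44:02"),
    "SW3": (32768, "00:11:22:33:44:03"),
}


def adjacency(links):
    """Map each switch to the set of switches it has a direct link to."""
    adj = {}
    for a, b in links:
        adj.setdefault(a, set()).add(b)
        adj.setdefault(b, set()).add(a)
    return adj


def elect_root(bridge_ids):
    """Root bridge is the switch with the numerically lowest (priority, MAC)."""
    return min(bridge_ids, key=bridge_ids.__getitem__)


def spanning_tree(links, bridge_ids):
    """Compute the loop-free forwarding topology: a breadth-first tree from the
    root, visiting neighbours in bridge-ID order. This is a simplification of
    STP's path-cost / bridge-ID tie-breaking that holds when all links have
    equal cost. Every link not in the tree is blocked."""
    adj = adjacency(links)
    root = elect_root(bridge_ids)
    forwarding = set()
    seen = {root}
    queue = deque([root])
    while queue:
        node = queue.popleft()
        for nbr in sorted(adj[node], key=bridge_ids.__getitem__):
            if nbr not in seen:
                seen.add(nbr)
                forwarding.add(frozenset((node, nbr)))
                queue.append(nbr)
    return root, forwarding


def flood(links, origin, forwarding=None, max_frames=1000):
    """Flood one broadcast frame from `origin` and count the copies switches
    transmit before the flood dies out.

    Each switch forwards a received frame out of every non-blocked port except
    the one it arrived on. There is no TTL and a switch keeps no record of
    frames it has already seen, just like real Ethernet. With forwarding=None
    (no STP) every port forwards. The count is capped at `max_frames` so a
    looping flood returns instead of running forever."""
    adj = adjacency(links)
    queue = deque([(origin, None)])   # (switch holding a copy, where it came from)
    transmitted = 0
    reached = {origin}
    while queue:
        node, came_from = queue.popleft()
        for nbr in adj[node]:
            if nbr == came_from:
                continue
            if forwarding is not None and frozenset((node, nbr)) not in forwarding:
                continue                  # port blocked by the spanning tree
            if transmitted == max_frames:
                return transmitted, reached   # still looping: give up counting
            transmitted += 1
            reached.add(nbr)
            queue.append((nbr, node))
    return transmitted, reached


if __name__ == "__main__":
    root, tree = spanning_tree(LINKS, BRIDGE_IDS)
    print("root bridge :", root)
    print("blocked link:", [l for l in LINKS if frozenset(l) not in tree])
    print("no STP      :", flood(LINKS, "SW1"))
    print("with STP    :", flood(LINKS, "SW1", forwarding=tree))
```

Without a spanning tree the two copies SW1 sends chase each other around the triangle until the cap of 1000 transmitted frames is hit; with the tree in place the same broadcast reaches all three switches after exactly two transmissions and stops. Note also that `elect_root` picks the lowest (priority, MAC) pair, so a lower priority wins regardless of MAC address; that election is the setting the title of this article refers to.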