Are VTP Advertisements Sent over Spanning Tree Blocked Links?
In a Virtual Terminal Protocol (VTP) domain there are 6506 switches, 4912G units and many 35xx units. There are more than 64 VLANs in use, so there are no redundant links due to the 35xx restriction of 64 spanning trees.
Should this be split into three VTP domains to make sure there are no more than 64 VLANs on any 35xx? In this scenario, some of the switches would be connected to one neighbour in the same domain but to other neighbours in other domains. How can we ensure that the first link is not spanning tree blocked for VTP to work?
First, VTP is passed on VLAN 1 and
can be sent and received through blocked
ports.
Second, spantree topology and VTP are totally independent. So, spantree would still block
or forward normally on a link regardless of whether
the switches on each side are in different VTP
domains.
Similar Messages
-
Why the host ports are also seen in the spanning-tree output ?
Why the host ports are also seen in the spanning-tree output ?
Switch1#show spann
VLAN0001
Spanning tree enabled protocol ieee
Root ID Priority 32769
Address 0000.0CA2.138B
This bridge is the root
Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec
Bridge ID Priority 32769 (priority 32768 sys-id-ext 1)
Address 0000.0CA2.138B
Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec
Aging Time 20
Interface Role Sts Cost Prio.Nbr Type
Fa0/1 Desg FWD 19 128.1 P2p
Fa0/2 Desg FWD 19 128.2 P2p
Fa0/15 Desg FWD 19 128.15 P2p
interface FastEthernet0/15
description PC0 Interface
switchport mode access
spanning-tree portfast
interface FastEthernet0/16
I read somewhere that all the ports of a switch will participate in STP by default. Is there any way to remove the STP operation on host ports ?
Regards,
ChanduAll ports participate in Spanning Tree by default.
Spanning tree is there to block redundant L2 paths in order to prevent loops. All ports are capable of causing a loop so you would not want to turn spanning tree off, in fact I don't think you can switch it off on a per port basis. You can switch it off on a per vlan basis.
You are already using portfast which allows host ports to transition into a forwarding state without going through the listening and learning states of STP. If you switch off STP on a port, you risk the chance of a L2 loop.
https://supportforums.cisco.com/docs/DOC-5180 -
SF 300 Serires switch not participating in spanning tree?
I just purchased an SF300-24 managed switch and I am running it in layer3 mode. I am testing it out right now and have it connected to two 2950 switches. The SF300 is connected to each 2950 with a four port etherchannel running LACP. When looking at spanning tree all three switches are configured the same when it comes to hello, forward, max age and all three are in RSTP mode. I adjusted the priorities so that the SF300 would be the root but that is not happening.
I only have one VLAN as of right now set up and connectivity between the three switches is fine. The only problem seems to be that the two 2950 switches are the only two switches involved in the determination of the root bridge. Additionally it was the same way before I configured the etherchannel and had the switches connected over single trunk lines.
I would appreciate if someone can expain to me why this is?
Thanks in advance./* Style Definitions */
table.MsoNormalTable
{mso-style-name:"Table Normal";
mso-tstyle-rowband-size:0;
mso-tstyle-colband-size:0;
mso-style-noshow:yes;
mso-style-priority:99;
mso-style-parent:"";
mso-padding-alt:0in 5.4pt 0in 5.4pt;
mso-para-margin-top:0in;
mso-para-margin-right:0in;
mso-para-margin-bottom:10.0pt;
mso-para-margin-left:0in;
line-height:115%;
mso-pagination:widow-orphan;
font-size:11.0pt;
font-family:"Calibri","sans-serif";
mso-ascii-font-family:Calibri;
mso-ascii-theme-font:minor-latin;
mso-hansi-font-family:Calibri;
mso-hansi-theme-font:minor-latin;
mso-bidi-font-family:"Times New Roman";
mso-bidi-theme-font:minor-bidi;}
Thanks for your help but know I still cannot get the three devices to talk MST either,it is getting frustrating. If i add a redundant link and directly connect the two 2950's they immediately talk and configure MST. But when I remove that link no info is passed and both 2950's think they are the root even though the SF 300 priority is 0 on all three MST instances. On the SF300 I have the following settings:
Spanning tree: enabled
STP Operation Mode: Multiple STP
BPDU Handling: Flooding
Path Cost: Long
Region name: test
Revision: 1
Max Hops: 20
Max-age: 20
Hello Time: 2
Forward Delay: 15
MST instance 1 Vlan 100
Bridge Priority 0
Designated Root Bridge: Self
Root port: 0
Root path cost: 0
MST instance 2 Vlan 2-5
Bridge Priority 0
Designated Root Bridge: Self
Root port: 0
Root path cost: 0
MST instance 0 all vlans not in instance 1 and 2
Bridge Priority 0
Designated Root Bridge: Self
Root port: 0
Root path cost: 0
For MST interface Settings (both LAGs/instances are thesame)
Int Priority: 128
Path Cost: 20000
Port State: Boundary
Mode: RSTP
Type: Boundary
Designated port ID: 128
Designated Cost: 0
Remain Hops: 20
Forward Transitions: 1
The 2950 switches: (The only difference on the other switch is that the priority is 8192, and the MACs of course)
MST00 is executing the mstp compatible Spanning Treeprotocol
Bridge Identifierhas priority 4096, sysid 0, address 000b.460e.e040
Configured hello time 2, max age 20, forward delay 15
Current root haspriority 0, address 6c50.4dcb.334b
Root port is 65 (Port-channel1), cost of root path is 50000
Topology change flag not set, detected flag not set
Number of topology changes 7 last change occurred 00:18:54 ago
from Port-channel1
Times: hold 1, topology change 35, notification 2
hello 2, max age 20, forward delay 15
Timers: hello 0, topology change 0, notification 0
Port 65 (Port-channel1) of MST00 is root forwarding
Port path cost 50000, Port priority 128, Port Identifier 128.65.
Designated roothas priority 0, address 6c50.4dcb.334b
Designatedbridge has priority 0, address 6c50.4dcb.334b
Designated port id is 128.1000, designated path cost 0
Timers: message age 4, forward delay 0, hold 0
Number of transitions to forwarding state: 1
Link type ispoint-to-point by default, Boundary RSTP
BPDU: sent 571,received 568
MST01 is executingthe mstp compatible Spanning Tree protocol
Bridge Identifierhas priority 4096, sysid 1, address 000b.460e.e040
Configured hello time 2, max age 20, forward delay 15
We are the root of the spanning tree
Topology change flag not set, detected flag not set
Number of topology changes 9 last change occurred 00:18:55 ago
from Port-channel1
Times: hold 1, topology change 35, notification 2
hello 2, max age 20, forward delay 15
Timers: hello 0, topology change 0, notification 0
Port 65 (Port-channel1) of MST01 is boundary forwarding
Port path cost 50000, Port priority 128, Port Identifier 128.65.
Designated root has priority 4097, address 000b.460e.e040
Designated bridge has priority 4097, address 000b.460e.e040
Designated port id is 128.65, designated path cost 0
Timers: message age 0, forward delay 0, hold 0
Number of transitions to forwarding state: 1
Link type ispoint-to-point by default, Boundary RSTP
BPDU: sent 598,received 0
MST02 is executingthe mstp compatible Spanning Tree protocol
Bridge Identifierhas priority 4096, sysid 2, address 000b.460e.e040
Configured hello time 2, max age 20, forward delay 15
We are the root of the spanning tree
Topology change flag not set, detected flag not set
Number of topology changes 9 last change occurred 00:19:50 ago
from Port-channel1
Times: hold 1, topology change 35, notification 2
hello 2, max age 20, forward delay 15
Timers: hello 0, topology change 0, notification 0
Port 65 (Port-channel1) of MST02 is boundary forwarding
Port path cost 50000, Port priority 128, Port Identifier 128.65.
Designated root has priority 4098, address 000b.460e.e040
Designated bridge has priority 4098, address 000b.460e.e040
Designated port id is 128.65, designated path cost 0
Timers: message age 0, forward delay 0, hold 0
Number of transitions to forwarding state: 1
Link type ispoint-to-point by default, Boundary RSTP
BPDU: sent 611,received 0
I notice that on MST01 and 02 they are not receiving BPDU’s,but I am not sure why or if that is the problem. It appears that the SF 300 is not sending BPDU packets for MST01 and 02, but is sending them for MST00. I also attached a capture. I captured the VLAN info for VLAN 100 which is in MST1. on the SF300, it appears that the SF 300 is recieving STP traffic but not generating any. -
Spanning-tree not working: SG500 to Cat3650
Hi All,
Trying to turn up a new site. I have 2 switches: Cat 3650 & SG500-52P. I want to connect up two ethernet cables between these switches in the event one fails, STP will put the blocked one in forwarding. However, when I connect up the 2nd ethernet cable, I get the following:
IPADTBL-N-IPDUPLICATE: Duplicate IP address 192.168.5.232 from MAC a0:ec:f9:ef:6a:18 was detected on VLAN 1, port gi1/1/24
This log message is then followed by the network locking up & crashing until I remove the 2nd cable (i.e. STP Loop). Removing the redundant cable solves the problem. This is because STP is allowing both links to transitioning to forwarding state (confirmed in show spanning-tree & show cdp neighbor).
Why is spanning-tree not correctly blocking one of the lines? Is that type of architecture not supported when there is an SG300/500 in the equation?
Configs below:
Core 3650: (box configs basically)
Switch#show run
Building configuration...
Current configuration : 2686 bytes
! Last configuration change at 10:01:53 UTC Thu Jan 22 2015
! NVRAM config last updated at 09:24:03 UTC Thu Jan 22 2015
version 15.0
no service pad
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
service compress-config
hostname Switch
boot-start-marker
boot-end-marker
vrf definition Mgmt-vrf
address-family ipv4
exit-address-family
address-family ipv6
exit-address-family
logging console emergencies
enable secret 5 $1$Qi5N$u/5q1HESY/TyQsPFNKVah1
no aaa new-model
clock timezone UTC -6 0
clock summer-time UTC recurring
switch 1 provision ws-c3650-24ts
ip device tracking
diagnostic bootup level minimal
spanning-tree mode pvst
spanning-tree extend system-id
spanning-tree vlan 1 priority 24576
redundancy
mode sso
class-map match-any non-client-nrt-class
match non-client-nrt
policy-map port_child_policy
class non-client-nrt-class
bandwidth remaining ratio 10
interface GigabitEthernet0/0
vrf forwarding Mgmt-vrf
no ip address
negotiation auto
interface GigabitEthernet1/0/1
interface GigabitEthernet1/0/2
interface GigabitEthernet1/0/3
interface GigabitEthernet1/0/4
interface GigabitEthernet1/0/5
interface GigabitEthernet1/0/6
interface GigabitEthernet1/0/7
interface GigabitEthernet1/0/8
interface GigabitEthernet1/0/9
interface GigabitEthernet1/0/10
interface GigabitEthernet1/0/11
interface GigabitEthernet1/0/12
interface GigabitEthernet1/0/13
interface GigabitEthernet1/0/14
interface GigabitEthernet1/0/15
interface GigabitEthernet1/0/16
interface GigabitEthernet1/0/17
interface GigabitEthernet1/0/18
interface GigabitEthernet1/0/19
interface GigabitEthernet1/0/20
interface GigabitEthernet1/0/21
interface GigabitEthernet1/0/22
interface GigabitEthernet1/0/23
interface GigabitEthernet1/0/24
interface GigabitEthernet1/1/1
interface GigabitEthernet1/1/2
interface GigabitEthernet1/1/3
interface GigabitEthernet1/1/4
interface Vlan1
ip address 192.168.5.230 255.255.255.0
ip default-gateway 192.168.5.1
ip http server
ip http secure-server
line con 0
exec-timeout 0 0
stopbits 1
line aux 0
line vty 0 4
password scrubbed
login
line vty 5 15
password scrubbed
login
wsma agent exec
profile httplistener
profile httpslistener
wsma agent config
profile httplistener
profile httpslistener
wsma agent filesys
profile httplistener
profile httpslistener
wsma agent notify
profile httplistener
profile httpslistener
wsma profile listener httplistener
transport http
wsma profile listener httpslistener
transport https
ap group default-group
end
SG500 Switch:
switchff1182#show run
config-file-header
switchff1182
v1.3.0.62 / R750_NIK_1_3_647_260
CLI v1.0
set system mode switch queues-mode 4
file SSD indicator encrypted
ssd-control-start
ssd config
ssd file passphrase control unrestricted
no ssd file integrity control
ssd-control-end cb0a3fdb1f3a1af4e4430033719968c0
voice vlan oui-table add 0001e3 Siemens_AG_phone________
voice vlan oui-table add 00036b Cisco_phone_____________
voice vlan oui-table add 00096e Avaya___________________
voice vlan oui-table add 000fe2 H3C_Aolynk______________
voice vlan oui-table add 0060b9 Philips_and_NEC_AG_phone
voice vlan oui-table add 00d01e Pingtel_phone___________
voice vlan oui-table add 00e075 Polycom/Veritel_phone___
voice vlan oui-table add 00e0bb 3Com_phone______________
hostname switchff1182
no passwords complexity enable
username cisco password encrypted scrubbed privilege 15
ip ssh server
snmp-server server
no ip http server
ip telnet server
interface vlan 1
ip address 192.168.5.231 255.255.255.0
no ip address dhcp
exit
ip default-gateway 192.168.5.1Hi Peter,
Thanks for replying. Unfortunately (or fortunately if it worked), STP is running and BPDU's are flooding below:
SW500A#show spanning-tree
Spanning tree enabled mode RSTP
Default port cost method: long
Root ID Priority 24577
Address a0:ec:f9:ef:6a:00
Cost 20000
Port gi1/1/43
Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec
Bridge ID Priority 32768
Address 2c:3e:cf:ff:11:82
Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec
SW500A#show spanning-tree bpdu
Global: Flooding
I guess I'm doing etherchannels instead of redundant links :-/
This is one of many reasons why I regret these small business models being made; A lot of things that are polished and functional in the enterprise grade (i.e. real switches) just don't seem to work on these units. But unfortunately, as the price is significantly cheaper, companies will continue purchasing these over the better quality units, and engineers like myself will be stuck working with the cut-corners version of a Cisco switch. -
"Peer-switch" command on vPC domain and spanning-tree priority interaction
Hi guy,
We have 2 N7K (N7KA and N7KB) which will be running vPC in hybird and pure vPC environment.
I have a question about the Hybird and pure vPC environment. With the "peer-switch" command enable, should i tune the spanning-tree priority to be the same for all the vlan running on vPC on both N7KA and N7KB? This way, when i enter the "sh spanning-tree vlan X(vPC vlan) detail" command on N7K, it will list both N7K announc itself as "We are the root of the spanning tree".Also the switch running spanning-tree with N7K vPC vlan (Hybird), will see both N7K has the same priority (4096), and it is not desirable for a spanning-tree environment. Therefore, i used the "spanning-tree pseudo-information" on N7KB to tune the spanning-tree priority to "8192" and the switch running spanning-tree with N7K will list N7KB has a priority of 8192(perfect).
However, I notice some strange "show" output on the switch running Port-channel with the N7KA and N7KB. The "Designated bridge" priority is flapping as show on the switch. It is constantly changing between "4096 and 8192" with the same vPC system wide mac address.
Entering the "sh spanning-tree vlan X detail" command repeatly on switch with port-channel toward N7KA and N7KB.
>>sh spanning-tree vlan 10 detail
Port 65 (Port-channel1) of VLAN10 is root forwarding
Port path cost 3, Port priority 128, Port Identifier 128.65.
Designated root has priority 4106, address 0013.05ee.bac8
Designated bridge has priority 4106, address 0013.05ee.bac8
Designated port id is 144.2999, designated path cost 0
Timers: message age 15, forward delay 0, hold 0
Number of transitions to forwarding state: 1
Link type is point-to-point by default
BPDU: sent 5, received 603
one sec later.
>>sh spanning-tree vlan 10 detail
Port 65 (Port-channel1) of VLAN10 is root forwarding Port path cost 3, Port priority 128, Port Identifier 128.65. Designated root has priority 4106, address 0013.05ee.bac8 Designated bridge has priority 8202, address 0013.05ee.bac8 Designated port id is 144.2999, designated path cost 0 Timers: message age 15, forward delay 0, hold 0 Number of transitions to forwarding state: 1 Link type is point-to-point by default BPDU: sent 5, received 603
Configuration:
N7KA
spanning-tree vlan 1-10 priority 4096
vpc domain 200
peer-switch
N7KB
spanning-tree vlan 1-10 priority 4096spanning-tree pseudo-information vlan 1-10 designated priority 8192
vpc domain 200
peer-switchWe have a issue similar to this in our environment. I am trying to upgrade the existing 3750 stack router with 2 Nexus 5596 running VPC between them. For the transition I have planned to create a channel between 3750 stack and 5596's. Once this environment is set, my plan is to migrate all the access switches to N5k.
The issue is when I connect the 3750 port channel to both N5Ks, all the Vlans on 3750 started to flap. If I connect the port channel to only one N5K everything is normal; but when I connect the port channel to both N5K running VPC, vlans are flapping. Any idea what is going wrong here? Am I missing something? -
How to implement uplink redundancy and spanning tree in SFP-300 switches
We have several Small Business 300 Series Managed Switches, the 10/100 ones with PoE, the first generation ones.
We've been advised to implement uplink redundancy and spanning tree on these switches.
I'm sure spanning tree is a checkbox somewhere in the web interface.
How does one implement uplink redundancy besides interconnecting the switches plus turning on spanning tree (RSTP)??
Thank you, Tom
P.S. I also tried to file a service request but it does not work, I get: "Error 500: Request processing failed; nested exception is java.lang.NullPointerException"Hello Thomas,
Thanks for using the Cisco Small Business eSupport Community. I've looked through the articles that are available in our Knowledge Base and found a few that I hope will be able to assist you in setting up spanning tree and link redundancy on your SFP300s:
In regards to link redundancy, the following article on LAG can hopefully provide some guidance:
Link Aggregate Group (LAG) Configuration on 200/300 Series Managed Switches
And for your question on setting up STP, here are a few articles with additional information:
Configure Spanning Tree Protocol (STP) Status and Global Settings on 200/300 Series Managed Switches
Setup Spanning Tree Protocol (STP) on a Interface on the 300 Series Managed Switches
I hope that this information helps! Please remember to mark your question as answered and rate if this solves your problem.
Best,
Gunner -
I am having an issue where 2 2960X-48FPD-L Switches in a redundant flexstack (stack port 1 SW1 to port 2 SW2 and port 2 SW1 to port 1 SW2) ring.
At first running the 15.0(2).EX5 (and earlier EX3, and EX4) version IOS yielded all the ports on the stack master switch refusing to run spanning tree and would only link in amber and not pass any traffic other than CDP information (the slave switch linked in fine).
I upgraded to 15.2(3)E and this solved the problem of the ports not linking in green and participating in spanning tree.
Now, however, about every week or two I lose connectivity to the switch stack and I was able to go to the switch stack locally and found that for some reason the switch stack is blocking and unblocking VLANs on StackPort1 frequently (see below). When I was at the site, I sometimes had connectivity, sometimes not. A stack hard reboot brought everything back up, but this is the second time this has occurred and I would expect the same problem in the next week or so.
Has anyone else run into these issues, and have you found a solution?
I'm guessing that if I either get rid of the redundancy on the switch stack or stack using Ethernet cables between switches the problem will go away, but then what is the point of using stackable switches in a non redundant low speed stack. It seems to me that Spanning tree thinks that I have a spanning tree loop going on with the stack ports which I didn't even think was possible.
What do you think?
Jim
_BAD_TLV: Received SSTP BPDU with bad TLV on StackPort1 VLAN1.
Mar 11 09:02:59: %SPANTREE-2-UNBLOCK_CONSIST_PORT: Unblocking StackPort1 on VLAN0307. Port consistency restored.
Mar 11 09:03:16: %SPANTREE-2-RECV_BAD_TLV: Received SSTP BPDU with bad TLV on StackPort1 VLAN1.
Mar 11 09:03:27: %SPANTREE-2-BLOCK_PVID_PEER: Blocking StackPort1 on VLAN0307. Inconsistent peer vlan.
Mar 11 09:03:42: %SPANTREE-2-UNBLOCK_CONSIST_PORT: Unblocking StackPort1 on VLAN0307. Port consistency restored.
Mar 11 09:03:46: %SPANTREE-2-RECV_BAD_TLV: Received SSTP BPDU with bad TLV on StackPort1 VLAN1.
Mar 11 09:03:47: %SPANTREE-2-BLOCK_PVID_PEER: Blocking StackPort1 on VLAN0307. Inconsistent peer vlan.
Mar 11 09:04:12: %SPANTREE-2-UNBLOCK_CONSIST_PORT: Unblocking StackPort1 on VLAN0307. Port consistency restored.
Mar 11 09:04:22: %SPANTREE-2-RECV_BAD_TLV: Received SSTP BPDU with bad TLV on StackPort1 VLAN1.
Mar 11 09:04:56: %SPANTREE-2-RECV_BAD_TLV: Received SSTP BPDU with bad TLV on StackPort1 VLAN1.
Mar 11 09:05:13: %SPANTREE-2-RECV_PVID_ERR: Received BPDU with inconsistent peer vlan id 207 on StackPort1 VLAN307.
Mar 11 09:05:13: %SPANTREE-2-BLOCK_PVID_LOCAL: Blocking StackPort1 on VLAN0307. Inconsistent local vlan.
Mar 11 09:05:30: %SPANTREE-2-RECV_BAD_TLV: Received SSTP BPDU with bad TLV on StackPort1 VLAN1.
Mar 11 09:06:00: %SPANTREE-2-RECV_BAD_TLV: Received SSTP BPDU with bad TLV on StackPort1 VLAN1.
Mar 11 09:06:04: %SPANTREE-2-UNBLOCK_CONSIST_PORT: Unblocking StackPort1 on VLAN0307. Port consistency restored.
Mar 11 09:06:32: %SPANTREE-2-RECV_BAD_TLV: Received SSTP BPDU with bad TLV on StackPort1 VLAN1.
Mar 11 09:07:02: %SPANTREE-2-RECV_BAD_TLV: Received SSTP BPDU with bad TLV on StackPort1 VLAN1.
Mar 11 09:07:03: %SPANTREE-2-RECV_PVID_ERR: Received BPDU with inconsistent peer vlan id 207 on StackPort1 VLAN307.
Mar 11 09:07:03: %SPANTREE-2-BLOCK_PVID_LOCAL: Blocking StackPort1 on VLAN0307. Inconsistent local vlan.
Mar 11 09:07:34: %SPANTREE-2-RECV_BAD_TLV: Received SSTP BPDU with bad TLV on StackPort1 VLAN1.
Mar 11 09:07:45: %SPANTREE-2-UNBLOCK_CONSIST_PORT: Unblocking StackPort1 on VLAN0307. Port consistency restored.Jim,
We have also the same problem with our 2960-X switches (access) connecting to a pair of 4500x (VSS) except our issue is with Portchannel with 2 physical links connecting the 2960xs to the 4500.
If we disconnect one of the physical links from the portchannel everything works fine, but when we connect the same physical link back all users lose connectivity and the physical link starts flapping. Here are some of the messages we see in the logs when both physical links are in the portchannel:
Mar 10 18:00:43 EST: %SPANTREE-2-RECV_PVID_ERR: Received BPDU with inconsistent peer vlan id 1 on Port-channel5 VLAN90.
Mar 10 18:00:43 EST: %SPANTREE-2-BLOCK_PVID_PEER: Blocking Port-channel5 on VLAN0001. Inconsistent peer vlan.
Mar 10 18:00:43 EST: %SPANTREE-2-BLOCK_PVID_LOCAL: Blocking Port-channel5 on VLAN0090. Inconsistent local vlan.
Mar 10 18:00:58 EST: %SPANTREE-2-UNBLOCK_CONSIST_PORT: Unblocking Port-channel5 on VLAN0001. Port consistency restored.
Mar 10 18:00:58 EST: %SPANTREE-2-UNBLOCK_CONSIST_PORT: Unblocking Port-channel5 on VLAN0090. Port consistency restored.
Mar 10 18:01:29 EST: %LINEPROTO-5-UPDOWN: Line protocol on Interface TenGigabitEthernet1/0/1, changed state to down
Mar 10 18:01:37 EST: %LINEPROTO-5-UPDOWN: Line protocol on Interface TenGigabitEthernet1/0/1, changed state to up
Mar 10 18:01:48 EST: %LINEPROTO-5-UPDOWN: Line protocol on Interface TenGigabitEthernet1/0/1, changed state to down
Mar 10 18:01:51 EST: %LINEPROTO-5-UPDOWN: Line protocol on Interface TenGigabitEthernet1/0/1, changed state to up
We have upgraded to 15.0(2a).EX5 and still have the same issue.
We have a ticket open with Cisco and have sent them all the logs and debugs and waiting to hear back from IOS developers.
HTH -
Setting up ML cards in 454 so that Spanning Tree one side blocks
Currently we have two ML 1000 cards in our Main ONS 454. We have spanning tree set up on a 3560G switch that brings the IP portion of the SONET to all the other 310's in our network. Now when I do a sh spanning tree on the both ports on the switch that go up to ports 1 on the ML 1000 cards it shows me that both are in forwarding mode. How do I set this up so that one of the is blocking?
ThanksHi,
if you remove "encryption mode ciphers aes-ccm tkip" from the radio interface does it help?
it should remain like this:
interface Dot11Radio0
no ip address
no ip route-cache
encryption vlan 1 mode ciphers aes-ccm tkip
ssid WLAN_Corporate
ssid WLAN_HartKitGuest
HTH,
Tiago
If this helps you and/or answers your question please mark the question as "answered" and/or rate it, so other users can easily find it. -
Technical Details:
The website does not support encryption for the page you are viewing.
Information sent over the internet withour encryption can be seen by other people while it is in transit
== This happened ==
Not sure how often
== started few days ago. previously never happened before.I was loading a website, it then stated as below, it wasnt any of the problems stated below.
SERVER NOT FOUND
# Check the address for typing errors such as
ww.example.com instead of
www.example.com
# If you are unable to load any pages, check your computer's network
connection.
# If your computer or network is protected by a firewall or proxy, make sure
that Firefox is permitted to access the Web.
Thus i checked the Page Info, it states that:
Security Info on page:
'''This website does not supply ownership information.
Connection not Encrypted.'''
Technical Details:
The website does not support encryption for the page you are viewing.
Information sent over the internet withour encryption can be seen by other people while it is in transit -
SGE2010 switches, VLAN's and a blocked port in spanning-tree
Folks,
I have 2 switch groups.
2 SGE2010's with VLAN's defined as 10,20 and 30
Vlan 10 is the management VLAN, and it uplinks to our border router.
Vlan 20 is the workstation VLAN, and all workstations point to the switch as their default GW
Vlan 30 is the ip phone VLAN, and all phones use this as their gateway.
I would like to put a LAG between said switches, we have some servers on the ip phone switch that need to be accessed by the workstation clients, and the single 100mb link through the router is probably not going to be enough.
As I understand it, because the switches have different networks on them, a simple lag will not work. I did create a lag, and assign ip addresses to each side, however in that mode, it doesn't appear I can block vlan 10 from transiting the LAG, and with out that block I will end up with a logical loop, and spanning-tree will block one of the uplinks, or the LAG itself.
I have attached an image with a diagram of our current set up.
Any help/advice would be much appreciated.Tom,
I remember our conversation a few weeks ago. I did not get a chance to have a go at MSTP, mainly because I have no expierence with it, and looking at the configuration properities, it looks a little daunting.
It has also been a very busy few weeks with the deployment of 200+ phones across several sites, and the system is functioning great with out the LAG trunk, I am just trying to plan for the future.
I made a few postings a few weeks ago, one here and one on the Cisco forums on reddit, and a user there gave me some advice I have been unable to make work (I think it's just wrong), but I would love to go this route if it is in fact possible.
Here is the thread : http://www.reddit.com/r/Cisco/comments/x91tc/vlan_trunks_spanning_tree_and_a_port_blocked/c5kskch
This user implies it's possible to block a VLAN across the LAG which would end the logical loop problems.
It looks like his advice is to make the LAG into a trunk, and then block specific VLAN's from transiting it, but in trunk mode, I can't assign it an IP, so I am sorta wondering how exactly you transport packets across it.
Can you confirm that his advice is in fact incorrect?
If MSTP is my only route, then I suppose it's time to dig into the docs and see If I cant get it up and running. -
What quality loss is there when cam videos are compressed sent over email?
What quality loss is there when sending videos taken with the iPhone 3GS over email? It seems that it's being compressed in preparation for being sent over email.
Hi Ric,
The Canopus ADVC-100 works fine with FCE. Here are a few tips -
First, make sure you only connect or disconnect it from your Mac when both your Mac and the ADVC-100 are turned off. Make sure that your camera video-out is connected to the s-video port on the front of the ADVC-100. Ditto for the audio connections. Only DIP switch 2 (IRE level) should be in the ON position. Connect a FW cable from your Mac to the 6-pin FW port on the back of the ADVC-100.
Second, once they are connected via FW, make sure the ADVC is turned on and actually in analog-in mode before you start FCE. I have often found the ADVC-100 resets this mode by itself after being turned off or idle for an extended time. (All you need to do is hit the silver button once or twice, depending on the current mode, in order to switch it into Analog-in mode.) If it is not in this mode, FCE will not detect the ADVC and will act as if there is no device connected. (Normally there is a warning message if FCE fails to find a camera or ADVC connected however if you turned off that message at some earlier time you would not see it again.)
Third, you can use either the DV-NTSC or DV Converter easy setup in FCE. I have used both with my ADVC-100 and they both work. -
LMS4.1: blocking Topology Spanning Tree View
Hello,
After selecting a VLAN in Topology's Spanning Tree View to want see forwarding and blocked ports, all TopologyView Windows hangs for ever (>15min, reproduceable). The cancel button doesnt work, killing from task manager is the only possibility to stop.
The managed network is a Multiple Spanning tree where a HP device is the root bridge for migration reasons.
SteffenSorry but that's not a currently offered feature.
It would be nice - the Netsys product that Cisco acquired 18-1/2 years ago (and subsequently abandoned) used to do this quite nicely. -
Spanning tree and blocked ports
Hello
I have a network built with 5 3560 switches. They are linked together over 6 fiber gigabit links. Two of them are for redundancy. I set up STP and all works fine. STP root is on the same switch for all VLANs.
But I'm wondering why blocked links are only show state blocked on one of the two connected switches. I've read the docu but didn't found a hint.
Thanks for any comment.
ThomasI guess your question in fact translates to: why is there only one side of my redundant link that is blocking instead of both ends. There are several possible answers to that:
First, because blocking one side is enough;-)
But the an explanation I prefer is to remind that STP cannot know that this link is a fiber going to a single neighbor bridge. This link could be connected to a hub, where on the top of the neighboring bridge there would be some hosts (PCs, routers etc...). To put it short, STP must provide connectivity to this link. That's why *every* link has a designated port that connects it to the root bridge.
Hope this helps;-)
Francois -
Hi All,
We tried to create a redudancy link between 3 building. When we connect the 3rd link (Red Line) and keep receiving the following error message.
*Nov 3 19:27:44.932: %SW_MATM-4-MACFLAP_NOTIF: Host 6c41.6a13.3580 in vlan 17 is flapping between port Gi4/0/44 and port Gi1/1/1
*Nov 3 19:27:44.957: %SW_MATM-4-MACFLAP_NOTIF: Host 001e.0b66.8561 in vlan 19 is flapping between port Gi4/0/44 and port Gi1/1/1
*Nov 3 19:27:44.965: %SW_MATM-4-MACFLAP_NOTIF: Host 88ae.1dad.2fd3 in vlan 19 is flapping between port Gi1/0/4 and port Gi1/1/1
*Nov 3 19:27:45.032: %SW_MATM-4-MACFLAP_NOTIF: Host 0013.2304.49f6 in vlan 25 is flapping between port Gi1/1/1 and port Gi4/0/44
*Nov 3 19:27:45.074: %SW_MATM-4-MACFLAP_NOTIF: Host 0013.2304.4a1b in vlan 25 is flapping between port Gi1/1/1 and port Gi4/0/44
*Nov 3 19:27:45.091: %SW_MATM-4-MACFLAP_NOTIF: Host a01d.48b7.dcdb in vlan 19 is flapping between port Gi4/0/44 and port Gi3/0/28
*Nov 3 19:27:45.166: %SW_MATM-4-MACFLAP_NOTIF: Host 0050.569e.6d67 in vlan 2 is flapping between port Gi4/0/44 and port Gi1/1/1
*Nov 3 19:27:45.234: %SW_MATM-4-MACFLAP_NOTIF: Host 0013.2307.764a in vlan 25 is flapping between port Gi1/1/1 and port Gi4/0/44
*Nov 3 19:27:45.275: %SW_MATM-4-MACFLAP_NOTIF: Host 28d2.4476.172f in vlan 17 is flapping between port Gi4/0/44 and port Gi1/1/1
I cannot figure out what is wrong with the setting. Any advise?Hey,
I suggest locating the original location of any of these machines from SW85 and then start looking the STP port states in other direction.
Say originally users are reachable over link G3/1/1 so ideally as per STP link G4/0/44 needs to be blocking for these user/vlans. Keep tracing the spanning tree port states over the other link and i am sure you will find something useful.
HTH.
Regards,
RS. -
Is there any way to turn off VTP advertisements - kind of like the way with trunk negotiation by setting both end of the link to "on" ?
I checked several websites with the client, server, and transparent modes and have no luck. Thanks for your assistance.IOS does not have the off mode yet (it's coming soon though). Your only solution is the transparent mode, where no VTP packets are created by the switch but where it still flood the one it receives.
Note that a switch in transparent mode uses the spanning tree for vlan 1 to flood the VTP packet it receives, so removing vlan 1 from the trunks should roughly achieve what the off mode does.
Regards,
Francois
Maybe you are looking for
-
Unaccounted alert sound on 1st gen unibody Macbook Pro
Greetings all, I am having a slight problem with my 1st gen unibody MacBook Pro. At seemingly random intervals it will play the 'Frog' sound without any user interaction. I have checked the Console and have not seen any messages. I have also made sur
-
Where can I download Photoshop CS6 extended?
How do I download Photoshop extended CS6 when I did not receive the DVD from PCMG?
-
Printing from Quicken 2003 delux
I just got the HP Officejet 6500 wireless. When I try to print checks from Quicken 2003 delux program, they are often in colors other than black or don't print at all with the error message about paper size anyone have any ideas what I am missing? Pr
-
ADF Faces + ADF BC : how to pass an url parameter to a backend business ser
Hi, I'm using latest JDev studio version SU 3. My project is using ADF Faces with BC4J in the service layer. I have a backend application module which exposes a method taking a String parameter as an input (ex: void setUsername(String username)) I ne
-
Can i upgrade leopard 10.5.8 to snow leopard
can i upgrade leopard 10.5.8 to snow leopard 10.6.