Method-long Spanning-Tree Cost - Nexus and VSS

Similar Messages

• Spanning-tree cost

  I'm practicing spanning-tree with two 2950 switches (Ver 12.1). I have 3 trunks and 3 vlans. I try to change the cost of the interface (for the 3 vlans) and only 2 vlans change the value after I apply the command. The command is "spanning-tree cost 1" in interface mode. Is there any explanation as why only two of the vlans change the cost? I hope to be clear on the scenario.

  Hello Francisco,
  as Toshi has explained STP calculstes the cost to the root bridge but it does it by adding the local port cost that receives the BPDU to the path cost in the BPDU.
  A switch advertises out its ports not in STP blocking state a BPDU modified in the following manner:
  the sender bridge id is that of the local switch
  the port id is that of the outgoing port
  the total cost to reach the root bridge is:
  cost received on root port + cost of root port
  notice that only port-id changes from port to port.
  This is different from what happens with routing protocols where the cost is added on the outgoing interface.
  So as Toshi notes if one device is the root bridge for one vlan the cost (actually 0) doesn't change if you change the cost of one of its ports.
  Hope to help
  Giuseppe

• Spanning Tree and Admin mac address issues srw2048

  Ok, I have a somewhat complex problem and hopefully someone may shed some light or have an idea as to whats wrong.
  First the scenario:
  I have two Cisco Cat 6509's etherchanneled to each other via two fiber cables.  One of these is the STP/RSTP root.  I have two SRW2048's.. one trunked to each of these 6509 switches.  There is also a trunk between the SRW2048's.  All this is to create a redundant topology so that if one of the switches fail's the others can still forward packets to each other.  Of course the scenario described is in fact a loop that should be handled by STP/RSTP.  I have RSTP enabled on all the switches in the scenario (PV RSTP on the cisco switches as they only do Cisco's brand of per vlan spanning tree).  There are 3 vlan's configured on each of the srw2048's (2,55,96).  There are corresponding vlan's also on the 6509's.  I have put the srw2048's management interface into vlan 2.
  The problem:
  I need to forward packets between the srw2048's primarily and only use the 6509 that is not the root when a failure happens.  I have configured the non-root 6509's spanning tree cost on the etherchannel to be higher then the alternate path through the srw's to the root.  I can hook everything up and view the spanning tree and see that the srw2048's interface that goes to the non-root 6509 is blocked, and all other interfaces on the other switches are forwarding.  I can in fact ping and get to the admin interface on all the switches.  Then for some strange reason the admin interface of the srw2048 plugged into the non-root 6509 stops responding.  If I disable either the interface its plugged into on the 6509 or the other srw2048 everything starts working again.  Sometimes it responds after many failures for no apparent reason.  I looked into the mac-address table on the 6509's and they are conflicting, pointing to each other for the mac-address of the broken srw2048.  When I clear the mac-table the admin port comes back for about 5 seconds then again goes dark.  When reviewing mac-table on the 6509's they are back to pointing to each other.  The odd thing (although I haven't confirmed this completely) is that hosts placed into vlan 2 on that same srw2048 seem to work fine.  If there was an STP loop or something misconfigured, I would expect it to effect any host in vlan 2 or the other vlan's for that matter on the srw2048 that stops responding.  Alas, I am stuck because I need to manage this switch remotely.  My only thought is that for some reason even when the STP status is blocked the broken srw2048 is still sending out arp's of its admin interface and bypassing the STP protocol.  I have no way to confirm this, but maybe someone has an idea as to what I'm doing wrong, or otherwise offer a solution.  For now, I simply removed vlan 2 from the 6509 that the broken srw2048 is plugged into and everything seems fine.
  My apologies for such a long post, but this is somewhat complicated.  Thanks in advance for any info.
  -Geoff
  Message Edited by gmyers on 08-19-2008 10:35 PM

  To follow up, I had a ticket open with Linksys about this for about 3 months with no resolution.  I submitted packet captures, stp outputs, etc and no luck.  I gave up and basically had to revert to a manual failover for redundancy.  It's no perfect or fast, but it works every time.
  Unless linksys issues a firmware upgrade with this as a fix, I doubt we will be able to ever resolve this on our own.

• Do I configure spanning-tree port type ed trunk on LACP port-channels

  Hello,
  Can't seem to see a clear answer and wondering if something could offer some advice please?
  We are using LACP aggregation across all our 10 gig attached servers and also trunking them.  We're running a VPC pair of 5596 Nexus.
  For a standard trunk port I always add the spanning-tree port type edge trunk to the interface config.
  However I think I should be adding this to the overiding port-channel config.  At present a colleague has configured the VPC below omitting the spanning-tree port type config.
  interface port-channel100
    description a-server
    switchport mode trunk
    switchport trunk allowed vlan 100
    vpc 100
  The port member configs are these which do contain the spanning tree port type:
  interface Ethernet1/1
    description a-server(1)
    switchport mode trunk
    switchport trunk allowed vlan 100
    spanning-tree port type edge trunk
    channel-group 100 mode active
  I always try to keep the overiding port channel config the same as its members and obviously for most config, you can't have disparate configs anyway.
  However for the spanning tree config the NexOS allows you to have the members with spanning tree port types and not have to reflect that in the port-channel.
  However I have this issue with STP:
  Switch1# show spanning-tree interface po100
  Vlan             Role Sts Cost      Prio.Nbr Type
  VLAN0100         Desg BKN*200       128.4996 (vPC) Network P2p *BA_Inc
  Is this due to the inconsistency with my port channel to member configs?
  Any advice would be gratefully accepted.
  Thanks!

  Hi Paul, there are some parameters you can define on individual ports and there are some of them that will be inherited from the port-channel configuration no matter what has been configured under the infidividual ports. Spanning-tree configuration is one of the inherited ones. As soon as the port joins into a port-channel, it will start to use spanning-tree settings under the port-channel. When it leaves the channel, then it can continue to use the individual configuration.
  There is a nice summary here under NX-OS Interface Conf Guide > Port-Channel Conf:
  http://www.cisco.com/en/US/docs/switches/datacenter/sw/6_x/nx-os/interfaces/configuration/guide/if_portchannel.html#wp1798338
  Evren

• When is it appropriate to use "spanning-tree bpdufilter enable"

  What exactly does enabling bpdu filter do?  I see some examples where bpdu filtering is enabled on access ports?  Is this correct or are there dangers in this approach? 

  Hi John,
  Simple way of saying would that it would disable the STP on that port.
  BPDU filter filters the BPDU's coming in both directions. which means it effectively disable the STP on the port.
  Detailed explanation:
  ===============
  BPDUfilter on the other hand just filters BPDUs in both directions, which effectively disables STP on the port.Bpdu filter will prevent inbound and outbound bpdu but will remove portfast state on a port if a bpdu is received.Enabling BPDU filtering on an interface is the same as disabling spanning tree on it and can result in spanning-tree loops.
  Following are the method to configure BPDU Filter in switches
  Interface mode:
  spanning-tree bpdufilter enable                        (Results port to not participate in STP, loops may occur).
  Global mode:                                                
  spanning-tree portfast bpdufilter default             (It enables bpdufiltering on ports that have port-fast configuration, so it sends a few bpdu while enabling port then it filters bdpu unless receives a bpdu, after that itchanges from port-fast mode and disables filtering for port to operate like a normal port cause it has received bpdu).
  You always should allow STP to run on a switch to prevent loops. However, in special cases when you need to prevent BPDUs from being sent or processed on one or more switch ports, you can use BPDU filtering to effectively disable STP on those ports.you would use bpdufilter when you want a switch plugged into your network but you don't want it participating in spanning tree.
  An example:  In an office environment where someone needs  another network drop under their desk but you don't have time/budget to  run a new line for now.  you are been given a small switch but don't want it to break spanning tree.The switch  you have lying around for this task is a simple unmanaged switch and  will only have one uplink into your network. so you put bpdufilter on your  switch port.
  Ref:https://supportforums.cisco.com/docs/DOC-11825
  HTH
  Regards
  Inayath
  *Plz rate if this info is helpfull and mark as answered if this resolved your query.

• Challenge: Spanning Tree Control Between 2 links from Switch DELL M6220 to 2 links towards 2 switches CISCO 3750 connected with an stack (behavior like one switch for redundancy)

  Hello,
  I have an Spanning tree problem when i conect  2 links from Switch DELL M6220 (there are blades to virtual machines too) to 2 links towards 2 switches CISCO 3750 connected with an stack (behavior  like one switch  for redundancy, with one IP of management)
  In dell virtual machine is Spanning tree rapid stp, and in 3750 is Spanning tree mode pvst, cisco says that this is not important, only is longer time to create the tree.
   I dont know but do you like this solutions i want to try on sunday?:
   Could Spanning tree needs to work to send one native vlan to negociate the bdpus? switchport trunk native vlan 250
  Is it better to put spanning-tree guard root in both 3750 in the ports to mitigate DELL to be root in Spanning Tree?
  Is it better to put spanning- tree port-priority in the ports of Swicht Dell?
  ¿could you help me to control the root? ¿Do you think its better another solution? thanks!
   CONFIG WITH PROBLEM
  ======================
  3750: (the 2 ports are of 2 switches 3750s conected with a stack cable, in a show run you can see this)
  interface GigabitEthernet2/0/28
   description VIRTUAL SNMP2
   switchport trunk encapsulation dot1q
   switchport trunk allowed vlan 4,13,88,250
   switchport mode trunk
   switchport nonegotiate
   logging event trunk-status
   shutdown
  interface GigabitEthernet1/0/43
   description VIRTUAL SNMP1
   switchport trunk encapsulation dot1q
   switchport trunk allowed vlan 4,13,88,250
   switchport mode trunk
   switchport nonegotiate
   shutdown
  DELL M6220: (its only one swith)
  interface Gi3/0/19
  switchport mode trunk
  switchport trunk allowed vlan 4,13,88,250
  exit
  interface Gi4/0/19
  switchport mode trunk
  switchport trunk allowed vlan 4,13,88,250
  exit

  F.Y.I for catylyst heroes - here is the equivalent config for SG-300 - Vlan1 is required on the allowed list on the catylyst side (3xxx/4xxx/6xxx)
  In this example:
  VLANS - Voice on 188, data on 57, management on 56.
  conf t
  hostname XXX-VOICE-SWXX
  no passwords complexity enable
  username xxxx priv 15 password XXXXX
  enable password xxxxxx
  ip ssh server
  ip telnet server
  crypto key generate rsa
  macro auto disabled
  voice vlan state auto-enabled !(otherwise one switch controls your voice vlan….)
  vlan 56,57,188
  voice vlan id 188
  int vlan 56
  ip address 10.230.56.12 255.255.255.0
  int vlan1
  no ip add dhcp
  ip default-gateway 10.230.56.1
  interface range GE1 - 2
  switchport mode trunk
  channel-group 1 mode auto
  int range fa1 - 24
  switchport mode trunk
  switchport trunk allowed vlan add 188
  switchport trunk native vlan 57
  qos advanced
  qos advanced ports-trusted
  exit
  int Po1
  switchport trunk allowed vlan add 56,57,188
  switchport trunk native vlan 1
  do sh interfaces switchport po1
  !CATYLYST SIDE
  !Must Explicitly allow VLan1, this is not normal for catalysts - or spanning tree will not work ! Even though it’s the native vlan on both sides.
  interface Port-channel1
  switchport trunk encapsulation dot1q
  switchport trunk allowed vlan 1,56,57,189
  switchport mode trunk

• IDSM2 spanning tree

  Hi,
  what is a default value of spanning tree cost for data port on IDSM2 module?
  If we put command
  intrusion-detection module 4 data-port 1 spanning-tree cost 1
  what is changed?

  Each link between spanning tree switches has a "cost" associated with the bandwidth of that link. This allows switchs to caculate the lowest "cost" (highest bandwidth) path to the root switch. Here's a table of the STP cost for each bandwidth:
  http://en.wikipedia.org/wiki/Spanning_tree_protocol
  I think that I shall never see
  A graph as lovely as a tree.
  A tree which must be sure to span.
  So packets can reach every LAN.
  First the root must be selected.
  By ID, it is elected.
  Least cost paths from Root are traced.
  In the tree these paths are placed.
  A mesh is made by folks like me.
  Then bridges find a spanning tree.
  - Radia Perlman

• "Peer-switch" command on vPC domain and spanning-tree priority interaction

  Hi guy,
  We have 2 N7K (N7KA and N7KB) which will be running vPC in hybird and pure vPC environment.
  I have a question about the Hybird and pure vPC environment. With the "peer-switch" command enable, should i tune the spanning-tree priority to be the same for all the vlan running on vPC on both N7KA and N7KB? This way, when i enter the "sh spanning-tree vlan X(vPC vlan) detail" command on N7K, it will list both N7K announc itself as "We are the root of the spanning tree".Also the switch running spanning-tree with N7K vPC vlan (Hybird), will see both N7K has the same priority (4096), and it is not desirable for a spanning-tree environment. Therefore, i used the "spanning-tree pseudo-information" on N7KB to tune the spanning-tree priority to "8192" and the switch running spanning-tree with N7K will list N7KB has a priority of 8192(perfect).
  However, I notice some strange "show" output on the switch running Port-channel with the N7KA and N7KB. The "Designated bridge" priority is flapping as show on the switch. It is constantly changing between "4096 and 8192" with the same vPC system wide mac address.
  Entering the "sh spanning-tree vlan X detail" command repeatly on switch with port-channel toward N7KA and N7KB.
  >>sh spanning-tree vlan 10 detail
  Port 65 (Port-channel1) of VLAN10 is root forwarding
  Port path cost 3, Port priority 128, Port Identifier 128.65.
  Designated root has priority 4106, address 0013.05ee.bac8
  Designated bridge has priority 4106, address 0013.05ee.bac8
  Designated port id is 144.2999, designated path cost 0
  Timers: message age 15, forward delay 0, hold 0
  Number of transitions to forwarding state: 1
  Link type is point-to-point by default
  BPDU: sent 5, received 603
  one sec later.
  >>sh spanning-tree vlan 10 detail
  Port 65 (Port-channel1) of VLAN10 is root forwarding Port path cost 3, Port priority 128, Port Identifier 128.65. Designated root has priority 4106, address 0013.05ee.bac8 Designated bridge has priority 8202, address 0013.05ee.bac8 Designated port id is 144.2999, designated path cost 0 Timers: message age 15, forward delay 0, hold 0 Number of transitions to forwarding state: 1 Link type is point-to-point by default BPDU: sent 5, received 603
  Configuration:
  N7KA
  spanning-tree vlan 1-10 priority 4096
  vpc domain 200
  peer-switch
  N7KB
  spanning-tree vlan 1-10 priority 4096spanning-tree pseudo-information vlan 1-10 designated priority 8192
  vpc domain 200
  peer-switch

  We have a issue similar to this in our environment. I am trying to upgrade the existing 3750 stack router with 2 Nexus 5596 running VPC between them. For the transition I have planned to create a channel between 3750 stack and 5596's. Once this environment is set, my plan is to migrate all the access switches to N5k.
  The issue is when I connect the 3750 port channel to both N5Ks, all the Vlans on 3750 started to flap. If I connect the port channel to only one N5K everything is normal; but when I connect the port channel to both N5K running VPC, vlans are flapping. Any idea what is going wrong here? Am I missing something?

• Nexus spanning tree pseudo configuration

  Hi
  I am trying to understand the pseudo configuration commands in a Nexus hybrid topology.
  I have vlans a, b and c only in the vPC side of the topology.  I have peer switch configured and the same stp priority on both switches.
  In the standard Spaning-tree topology I have completely seperate vlans x, y and z.
  What should I be configuring in the pseudo config section ?  Do I define a pseudo root priority for all vlans a, b, c and x, y, z or just for the standard spanning tree vlans x, y and z.  I need to avoid and, even short, spanning tree outages if I take one Nexus out of service for a short time.
  My thinking is that if one Nexus is out of service the physical mac will be used and potentially reduce the root priority of the vPC vlans causing a TCN and STP recalculation in vlans a, b and c.  This can be avoided by configuring a pseudo root priority for all Vlans lower than the current spanning tree priority shared by the vPC peers.  Is this correct ?  However, since I have a shared priority of 8192 on current vPC vlans will configuring, for example, a pseudo root priority of 4096 on those vPC vlans won't this also cause the TCN and recalculation I am trying to avoid ?  Is the benefit of the pseudo root config only obtained if it is configured at the start when the vPC is formed and prior to the peer switch command being issued ?
  Thanks, Stuart.

  Hi Ajay,
  It is recommended that switch-to-switch links are configured with the spanning-tree port type normalcommand. The one exception is the vPC peer-link which is recommended to configure with the spanning-tree port type network command.
  Take a read of the Best Practices for Spanning Tree Protocol Interoperability from page 56 of the vPC Best Practice Design Guide for further information on this.
  Regards

• Core (4500x vss) with Access HP switch spanning tree

  Hello Friends,
  i need your support to guide me for this type of topology network in-order to avoid loops...
  like
  2  4500X series switch configure as a VSS working as core switch
  in access layer i have HP switches which are connected with 1G fiber uplinks to each other (cascaded) and back to these Core switch for Vlan forwarding.
  i need help to configure  spanning tree  for such topology and avoid loops.
  Topology is in attached..

  Hi,
  you mean to say, connect each HP switch back to core (VSS) with 2 uplinks and configure as a ether-channel?
  Yes, exactly.
  actually that is  not possible because the lack of fiber cable between the cabinets (core to access) are not much cores.
  How could it not be possible? According to your drawing in your current design ASW-HP1 and ASW-HP3 both connect to the core VSS, core anyway. So it is just a matter of connecting ASW-HP2 to the core.
  Of course you want 2 uplinks from each HP.
  HTH

• Cisco Switches and HP Interoperability with Spanning-Tree (RSTP)

  Hello All.
  I read a lot of information from this forum about Spaning-Tree interoperability between HP Switches and Cisco Switches.
  Rather than having questions I would like to post that I manage to configure successfully HP and Cisco using RSTP (802.1w).
  SWPADRAO]display stp root
  MSTID  Root Bridge ID        ExtPathCost IntPathCost Root Port
    0    32768.cc3e-5f3a-2939  0           0
  [SWPADRAO]display stp brief
  MSTID      Port                         Role  STP State     Protection
    0        GigabitEthernet1/0/47        DESI  FORWARDING    NONE
    0        GigabitEthernet1/0/48        DESI  FORWARDING    NONE
  [SWPADRAO]display stp instance 0
  -------[CIST Global Info][Mode RSTP]-------
  CIST Bridge         :32768.cc3e-5f3a-2939
  Bridge Times        :Hello 2s MaxAge 20s FwDly 15s MaxHop 20
  CIST Root/ERPC      :32768.cc3e-5f3a-2939 / 0
  CIST RegRoot/IRPC   :32768.cc3e-5f3a-2939 / 0
  CIST RootPortId     :0.0
  BPDU-Protection     :enabled
  Bridge Config-
  Digest-Snooping     :disabled
  TC or TCN received  :17
  Time since last TC  :0 days 0h:1m:52s
  SWNHAM17#show spanning-tree VLAN0001
   Spanning tree enabled protocol rstp
   Root ID    Priority    32768
              Address     cc3e.5f3a.2939
              Cost        4
              Port        26 (GigabitEthernet0/2)
              Hello Time   2 sec  Max Age 20 sec  Forward Delay 15 sec  Bridge ID  Priority    61441  (priority 61440 sys-id-ext 1)
              Address     001b.54db.7200
              Hello Time   2 sec  Max Age 20 sec  Forward Delay 15 sec
              Aging Time 300 Interface        Role Sts Cost      Prio.Nbr Type
  Gi0/1            Altn BLK 4         128.25   P2p
  Gi0/2            Root FWD 4         128.26   P2p
  SWNHAM18#show spanning-tree VLAN0001
   Spanning tree enabled protocol rstp
   Root ID    Priority    32768
              Address     cc3e.5f3a.2939
              Cost        4
              Port        26 (GigabitEthernet0/2)
              Hello Time   2 sec  Max Age 20 sec  Forward Delay 15 sec  Bridge ID  Priority    61441  (priority 61440 sys-id-ext 1)
              Address     001b.0cbc.4300
              Hello Time   2 sec  Max Age 20 sec  Forward Delay 15 sec
              Aging Time 300 Interface        Role Sts Cost      Prio.Nbr Type
  Gi0/1            Desg FWD 4         128.25   P2p
  Gi0/2            Root FWD 4         128.26   P2p

  Hello, David.
  Your command doesn't work because it's made only for tha ports that has command "spanning-tree portfast" in them. Try change spanning tree mode at the HP switch to MSTP if this is possible.

• VLAN spanning-tree root and VLAN L3 SVI

  I have a traditional core/access switches connected, Catalyst 4506 with 802.1Q uplink trunks to two core 6504-E switches. Spanning-tree roots for VLAN's were on core switch with the active HSRP/SVI. Shutdown HSRP/SVI on the cores and moved the SVI to the L3 access switches, but we left the spanning-tree root on the cores... Is this causing the clients/ports in the VLAN on the access switches to do a double/triple hop over the uplink for ingress/egress?  Gig1/1 is the trunkport/uplink to the core, wanted to move L3 functions to the access switch to reduce spanning VLANs across the core network.              
  Current configuration : 253 bytes
  interface Vlan196
  description Tower I - 8th Floor VLAN
  ip address 10.200.196.1 255.255.255.0
  ip access-group 115 in
  ip helper-address 164.103.160.150
  ip helper-address 172.20.135.201
  no ip redirects
  no ip unreachables
  ip pim sparse-mode
  end
  I0504506A8#sh spann          
  I0504506A8#sh spanning-tree vlan 196
  VLAN0196
    Spanning tree enabled protocol ieee
    Root ID    Priority    196
               Address     6400.f1ee.c140
               Cost        4
               Port        1 (GigabitEthernet1/1)
               Hello Time   2 sec  Max Age 20 sec  Forward Delay 15 sec
    Bridge ID  Priority    49348  (priority 49152 sys-id-ext 196)
               Address     0015.f960.9ac0
               Hello Time   2 sec  Max Age 20 sec  Forward Delay 15 sec
               Aging Time 300
  Interface        Role Sts Cost      Prio.Nbr Type
  Gi1/1            Root FWD 4         128.1    P2p
  Gi1/2            Altn BLK 4         128.2    P2p

  Hi Tojackson, I guess this depends on how stuff is interconnecting. It's obvious gi1/1 is forwarding and gi1/2 is blocking. So from the furthest access switch, what path must it take to reach gi1/1? That is the number of hops involved for normal traffic.
  Now, if you're concerned about a specific VLAN and you need gi1/2 forwarding to reduce travel time for other traffic, you may employ RPVST to have that specific VLAN and cost to go to gi1/2.
  In some part of the network I support we have a pair of Cisco 7606 which feeds in to a 4507R and off the 4507R we have a ring of 2955 with even 10-12 L2 switches on the ring. The consequence of multiple layer 2 hops is not of much concern and our spanning tree stops with the 4507 since we're not concerned about broadcast storm on the routed interfaces on the 7600.
  -Tom
  Please mark answered for helpful posts

• Mono spanning-tree and PVST

  Refering to these two links
  http://www.cisco.com/en/US/tech/tk389/tk390/technologies_tech_note09186a0080094665.shtml
  http://www.experts-exchange.com/Hardware/Routers/Q_21349385.html
  IEEE 802.1Q defines a single instance of spanning tree running on the native VLAN for all the VLANs in the network which is called Mono Spanning Tree (MST). This lacks the flexibility and load balancing capability of PVST available with ISL. However, PVST+ offers the capability to retain multiple Spanning Tree topologies with 802.1Q trunking.
  IEEE 802.1Q defines a single instance of spanning tree running on the native VLAN for all the VLANs in the network which is called Mono Spanning Tree (MST). This lacks the flexibility and load balancing capability of PVST available with ISL. However, PVST+ offers the capability to retain multiple Spanning Tree topologies with 802.1Q trunking.
  http://networking.ringofsaturn.com/Certifications/BCMSN.php
  Per-VLAN Spanning Tree (PVST) ? A Cisco proprietary method of connecting through 802.1Q VLAN trunks, the switches maintain one instance of the spanning tree for each VLAN allowed on the trunk, versus non-Cisco 802.1Q switches which maintain one instance for ALL VLANs. This is the default STP used on ISL trunks.
  http://www.informit.com/content/images/1587051427/samplechapter/1587051427content.pdf
  The 802.1Q standard defines one unique Spanning Tree instance to be used by all VLANs in the network. STP runs on the Native VLAN so that it can communicate with both 802.1Q and non-802.1Q compatible switches. This single instance of STP is often referred to as 802.1Q Mono Spanning Tree or Common Spanning Tree (CST). A single spanning tree
  lacks flexibility in how the links are used in the network topology. Cisco implements a protocol known as Per-VLAN Spanning Tree Plus (PVST+) that is compatible with 802.1Q CST but allows a separate spanning tree to be constructed for each VLAN. There is only one active path for each spanning tree; however, in a Cisco network, the active path can be
  I could not get exactly what these Terminology (PVST, instance, PVST+, MST, etc) trying to achieve ?
  Any URL and online resource help me to do some extar reading to clarify these terminology

  Hi,
  The URLs that you have provided all explains the same technical details in different fashion.
  I will summarise them here for better clarity.
  There are two separate technologies that needs clarity.
  1) Method of Trunking many vlans across a link
  2) Spanning tree
  Now for point 1, we have the IEEE standard 802.1q, which mentions how multiple vlans can be carried across a link. As per this standard a 4 byte tag will be inserted in the ethernet packet, ( inserted between the Destination mac address field and the ethertype field)
  This tag will contain the vlan identifier info and some other details ( available in the urls that you have highlighted)
  Cisco has a proprietary technology called ISL which effectively does the same job in a different fashion but can only be used in cisco devices.
  Now for point 2, again we have IEEE standards like 802.1d ( common/mono spanning tree), 802.1w/RSTP ( Rapid spanning tree) and 802.1s/MSTP.
  In 802.1d, there will be only one spanning tree process/instance running for the whole network, irrespective of how many vlans are involved in the network. Hence the whole network is treated as one common domain by the STP protocol.
  So, there can be only one root bridge in the network and other bridges will intelligently block the redundant links, we wont have much control to effectively utilise the redundant links.
  IEEE 802.1w/RSTP also works in the same fashion, but the convergence time is very fast in this protocol.
  Here also there is only one spanning tree instance involved.
  In both the above STP protocols, there is only one instance/process of the protocol running in the network, which is common for all vlans. Hence these protocols consume only very less CPU utilisation.
  In 802.1s/ MSTP ( multiple spanning tree), extends the 802.1w Rapid Spanning Tree Protocol (RSTP) to have multiple STP instances. In this protocol, we can group the desired vlans in to one Instance of the protocol.
  Say for example, lets assume a typical campus network with multiple access switches, 2 distribution/core switches.
  Access switches having dual connectivity to the distribution/core switches.
  In this topology if we deploy 802.1d or 802.1w, the redundant links from the access switches to the distribution/core switches will be blocked. Only one uplink from the access switch to the distribution layer will be working at any point.
  In this network, only one distribution/core switch will be root bridge for the entire network.
  But if we deploy 802.1s for this network, we can design it as follows.
  We can split the vlans in to two groups,
  Group1 => vlan 1 to 50
  Group2 => vlan 51 to 100
  We can create two instance of MSTP protocol with the following mappings
  Instance 1 => for Group 1, with one distribution/core switch as the root bridge
  Instance 2 => for Group 2, with another distribution switch as the root bridge
  --Continued

• SGE2010 switches, VLAN's and a blocked port in spanning-tree

  Folks,
  I have 2 switch groups.
  2 SGE2010's with VLAN's defined as 10,20 and 30
  Vlan 10 is the management VLAN, and it uplinks to our border router.
  Vlan 20 is the workstation VLAN, and all workstations point to the switch as their default GW
  Vlan 30 is the ip phone VLAN, and all phones use this as their gateway.
  I would like to put a LAG between said switches, we have some servers on the ip phone switch that need to be accessed by the workstation clients, and the single 100mb link through the router is probably not going to be enough.
  As I understand it, because the switches have different networks on them, a simple lag will not work. I did create a lag, and assign ip addresses to each side, however in that mode, it doesn't appear I can block vlan 10 from transiting the LAG, and with out that block I will end up with a logical loop, and spanning-tree will block one of the uplinks, or the LAG itself.
  I have attached an image with a diagram of our current set up.
  Any help/advice would be much appreciated.

  Tom,
  I remember our conversation a few weeks ago. I did not get a chance to have a go at MSTP, mainly because I have no expierence with it, and looking at the configuration properities, it looks a little daunting.
  It has also been a very busy few weeks with the deployment of 200+ phones across several sites, and the system is functioning great with out the LAG trunk, I am just trying to plan for the future.
  I made a few postings a few weeks ago, one here and one on the Cisco forums on reddit, and a user there gave me some advice I have been unable to make work (I think it's just wrong), but I would love to go this route if it is in fact possible.
  Here is the thread : http://www.reddit.com/r/Cisco/comments/x91tc/vlan_trunks_spanning_tree_and_a_port_blocked/c5kskch
  This user implies it's possible to block a VLAN across the LAG which would end the logical loop problems.
  It looks like his advice is to make the LAG into a trunk, and then block specific VLAN's from transiting it, but in trunk mode, I can't assign it an IP, so I am sorta wondering how exactly you transport packets across it.
  Can you confirm that his advice is in fact incorrect?
  If MSTP is my only route, then I suppose it's time to dig into the docs and see If I cant get it up and running.

• Multiple Spanning Tree in a Hub and Spoke topology?

  My company is planning to implement Multiple Spanning tree into our hub and spoke topology. Is that possible?
  Should I divide up the vlans into instances based on assigned switch or assigned department?
  Thank You.

  hi, everyone,
  i have search a internet draft to describe this situation, "Using an LSA Options Bit to Prevent Looping in BGP/MPLS IP VPNs", from "http://www.ietf.org/internet-drafts/draft-ietf-ospf-2547-dnbit-03.txt"
  does anyone can tell me how can disable this function and clear the "DN" bit on a cisco router? thanks very much.