One additional note,

I would consider making switch 1 your root bridge and then 2 your secondary. Either one could be your root, but the two switches 1 and 2 in Leo's layout form your core. In this configuration, switch 4 should block on the port toward the secondary and switch 3 should block on the port toward the secondary.

This configuration will provide very good redundancy and you only use 1 extra port on switches 1 and 2 provided you keep the stack cable in place.

HTH

Iamsong,

You have a three-location ring. (Switches 1 and 2 are connected by GigaStack cable, so they must be within 1m of each other; I count them as one location.) Each location connects to two other locations by fiber. Each location can survive catastrophic failure of one fiber bundle that connects it to another site; but failure of both fiber bundles results in isolation. There’s no way around that, unless you build more fiber and run it along entirely different paths than what is there now.

You have four switches connected right now in a ring topology. Each switch connects to at least two, and no more than two, other switches. Switch “X” can survive the catastrophic failure of one of the switches it connects to; but failure of both of the switches it connects to results in isolation. The only way around that is to construct a meshed topology, where the switches can have more than two connections to other switches. In your case, you could build a full mesh (each switch connects to every other switch) by creating just two more links. This is what Leo did in his post.

You already have links 1-2 (GigaStack), 1-3 (Gigabit fiber), 2-4 (Gigabit fiber), and 3-4 (Gigabit fiber). You need to create links 1-4 and 2-3 to complete the full mesh. If you have an extra pair of fiber strands in the bundle with the 1-3 link, you can create the 2-3 link; similarly, if you have extra strands in the bundle with the 2-4 link, you can create the 1-4 link.

If your 3550s are the 48-port or 24-port versions, then you will have to use 10/100 Fast Ethernet ports with media converters to make the new mesh connections, since all your GBIC slots are in use. If you configure those connections to operate at Layer 2, then Spanning Tree will block them, preferring the Gigabit pathways that are in place. Neither 10/100 connection will forward traffic from a switch until both the Gig links from that switch are down; and even then, they will forward at only one-tenth of the speed. But some connectivity is better than no connectivity.

Since you have 3550s, if you configure Layer 3 IP connectivity over these two new links, then depending on how your VLANs are set up and distributed, you might actually be able to use the new links to forward traffic. They won’t be as fast as the Gig connections, but they will do some useful work instead of just sitting there.

What Murph said also is a good idea. Switches 1 and 2 as your root bridges for each VLAN, with UplinkFast running on switches 3 and 4, should minimize your convergence time.

Hope this helps.

Dear fellows,

Really appreciate your suggestions to my question:)

According to the topology,the network connecting with 4 is a server farm while 1,2,3 are connecting with individual users.It is required that either of the links from 4 to 3 and 2 are disconnected in a failure will NOT lead to network cut-down from pcs to servers.

So I setup STP among the 4 3550 switches as below:

1,2,3,4 are enabled STP while 2,3 are playing the role of root bridge primary and secondary respectively.

After that,the port at 4 linked to 2 is turning into blocking and vice versa.

Accidentally,the fiber failure is occurred in the setup and 3 to 4 is disconnected.Later,I found the traffic flow changes its direction from 4 to 2.The blocking ports on 2 and 4 turned into the forwarding.

Now I'm asking the cabling engineer to recover the fiber from 3 to 4.Can I assume the traffic work will change back to the orininal direction of 3 to 4 while still blocking the ports on 2,4?

Many thanks!

iamsong

Iamsong,

When they fix the fiber from 3 to 4, the traffic should go back to the way it was flowing before. It concerns me that you have a blocked link to your server farm switch, though.

If switch 4 is a server farm, you should make it the Root Bridge. That way, all links directly connected to it will be forwarding, and traffic from the user PCs through the access switches 1, 2, and 3 will follow the most efficient path.

You don't want blocked ports on the server farm switch, or on links directly connected to it. Blocked ports on these links mean that network traffic that could otherwise be going directly to that switch is instead taking the long way around to get there. Not good.

By the way, what kind of switches are your 3550s? (-12G, -12T, -48, or -24? If -48 or -24, with SMI or EMI software?) What kind of fiber cable between locations? (single mode or multimode?) And how far apart are your locations from each other?

I have an idea how you might be able to use Gigabit EtherChannel (GEC) between 2 and 4, and another GEC between 3 and 4. This would make sure that there are NO network disconnects from PCs on switches 2 and 3 to servers on 4, if one of the fiber bundles is cut. STP would never even have to reconverge. But it depends on the switches, what ports are available, the fiber, and the distances.

Here's an overview of the 3-4 GEC. Basically, you create a two-link GEC; but the fiber segments that make up the two links take diverse paths to get from 3 to 4. (The 2-4 GEC does something similar, just in the opposite direction.)

To do this, you need extra Gigabit ports on the switches 2, 3, and 4; fiber patch cables; optical GBICs or copper-to-fiber Gigabit media converters; and extra fiber pairs between locations. You also need to know how much fiber there is between switches, to predict the optical power attenuation on the longer links of the GECs.

-Larry

Something is not quite right.

You stated that switch 2 and 3 were root bridge primary and secondary respectively.

If switch 4 has direct fiber links to 2 and 3, swich 4 should be blocking toward switch 3 the secondary. The port going to swich 2 should be forwarding. The fact that it is the other way around, indicates something is not quite as it should be.

This network is small, but you would usually want the root bridge in the center of your network and not off to the side on an end point switch. The reason behind this is convergence time. Since topology changes are propogated from the root outward, being in the center make sthe convergence time as quick as possible. A network this small would not make much of a difference though.

HTH