Re: Spanning Tree Problem - Page 2

smahrous · ‎02-09-2005

we have 2 core switches (6513) connected to 50 edges (3550) by dual links , I attached a visio diagram for illustration .All the network work probarly every day , we daily add new vlans on the edge switches to configure ports . ( we dont use VTP ) . The 2 cores are root bridges for the vlans vlans

Yestarday suddenly when we created a vlan on the edge switch ( already defined on the core switches ) all the network goes down. i have noticed that when i created the vlan on the edge ,it becomes the root for that vlan and the 2 up links becomes forward state and the networks becomes down.which means that the edge stop recieving the root BPDUs or the core switch stop sending it .

I tested other vlans on the night and it cause the same failure ,

when i removed the uplinks of edge and reconnected it again everything becomes ok and the core becomes the root of that vlan.

Why when i create this vlan or any new one on the core and gives it a priority 4096 and create it on the edge the network goes down because the edge becomes the root for that vlan i don't know why?

I don't know if there is a GBIC failure in the edges or what is the problem?

All the edge switches have this problem.

May be there is a hardware failure in the GBIC i don't know.what do you think about that?

i have upgraded all the edges switches to higher version but the problem is still exist.

Note that the network works fine every day , why suddenly that happened !!!!!

Any advices

regards,

smahrous · ‎02-19-2005

We run VTP and so the error is removed ( which i am not sure if VTP solve it or not ). Anyhow my technical consultant recomends to Reduce the STP instances by

allowing only the available vlans on the trunk .IS that recomended ? even if we are in a dynamic environment?

Please advise

hnorvik · ‎02-23-2005

Yes, you should prune VLANs off the trunks.

Check http://www.cisco.com/warp/public/473/21.html#vtp_span_tree

The manual way of pruning is the preferred way instead of enabling VTP pruning. If not, you will not reduce the number of STP instances.

The document has a lot of other useful info as well.

It also looks like your STP loop problem (network down) was caused by some kind of trunking or VLAN definition issues.

smahrous · ‎02-27-2005

Yes

Iam now running VTP pruning , but what about other enhancemnts are they required to avoid future spanning tree loops ? Please advise for each

1- Enabling PortFast ,UplinkFast ,BackboneFast

2- BPDU Filtering ,BPDU Guard

3- Root Guard , Loop Guard

4- EtherChannel Guard

5- Configuring UDLD

hnorvik · ‎02-27-2005

VTP pruning will not reduce the number of STP instances.

I don't really see the purpose of VTP pruning, and Cisco does also recommend to use manual pruning. I have found this is especially important on edge switches (29xx/35xx) where you're low on STP instances.

There are several documents on Cisco.com regarding STP and the different options. Check them out.

My general rule is:

1) Portfast on PC and server connections - especially DHCP/BOOTP/PXE devices. If in doubt if a certain port could have another switch attached - don't use Portfast.

Uplinkfast may be used on edge switches in your setting if your secondary core (voice?) is also a failover for data in case your primary core fails.

Backbonefast you won't be using in your setting.

2 & 3) BPDU filtering/guard/Root guard - only if you have equipment in your network outside of your control. E.g. being able to disable a port if you receive a BPDU (someone connected another switch), or ignore BPDUs that could lead to a rogue switch being the root in your STP.

4) Etherchannel guard is recommended if you have configured etherchannels. I think this is enabled by default. A failed etherchannel could introduce a STP loop if it is not detected properly.

5) UDLD I find is most useful for fiber links where it is easier to have a broken pair than within a UTP cable.

You should however look into all these techniques when designing your network. Check out Cisco's Best Practice documents.

regards,