bolybay
Beginner

Can EtherChannel be useful in STP max instances

Hi all...

I wish you a nice day and I hope you'll excuse my bad language.
I'm a little confused about a problem in my work environment.
In brief:
As shown in the figure below, we have 4 switches in the distribution layer grouped in one stack, connected to 2 stacks in the access layer. Every stack consists of 2 switches, and the access layer stacks are connected with 4 cables to the distribution stack...

[Attached image: Capture.PNG]

In this case, PVST is working by default to prevent loops between access stack 1 and the distribution stack, or between access stack 2 and the distribution stack.

We have the same 128 VLANs in the whole network and all of them are used, which means that PVST created 1 instance per VLAN, i.e. 128 instances in total.
Cisco 3750 switches have a platform limit of 128 STP instances, so I can't add more VLANs.
My question is: if I want to add more VLANs without pruning any existing VLANs, as we use them all, should I use MST so I can map many VLANs to one instance? If yes, is there any problem if I map all VLANs to one instance?

Another question is: if I create VLAN 129, PVST will not create an instance for this VLAN, so STP is disabled in the exceeding VLAN and a network loop will happen. But what if I use EtherChannel, which means that STP will consider the four physical cables as one cable, so the loop will not happen? Based on that, if I create VLAN 129 then no problem will be found: although STP will be disabled for VLAN 129, because of EtherChannel the loop will not happen, and STP has no role now because we have one logical cable (four physical cables). Finally, I can add more than 128 VLANs without worrying about the STP max instances. Am I right?
Flavio Miranda
Advisor

I can't see any image attached. But MST must solve the limitation problem, although it will add complexity if you have to divide into multiple regions.

And yes, your assumption seems to make sense. Honestly, I never had to create 129 VLANs in one switch to be sure about the behavior.

However, I can't imagine why you need 128 VLANs in a switch. Considering the idea of VLANs is segmentation and the switch has 48 ports at most, with two switches in the stack you have 96 ports. I mean, you have 2 VLANs for each port on the access switch.

I know you did not come here for me to judge your topology, sorry for the comment, but I need to advise you that you need to start thinking of moving to a new solution. STP, MST, etc. is all old stuff, the same as the 3750.

If your critical requirement is segmentation at all cost, there are better solutions for that.

 

Dear Flavio, thanks for your reply.

Firstly: about using MST, you said that it will be complex if I create more than one region, but what about using one region? I mean putting the whole network (all switches) in one region. Actually, I was intending to do that: grouping all switches, access layer and distribution layer, in one region. If I do that, will there be any problem?

Secondly: about 129 VLANs, I know it's a weird thing, but this is due to my type of work. I'm working in a datacenter belonging to a governmental company where we have a lot of governmental projects, so we made one VLAN per project for segmentation, as you said.

I know that our stuff is old, whether switches or technology, but I have to deal with that at present until new hardware is available.

I hope I was able to convey what I mean to you.

Note: the Cisco 3750 switch is 24 ports, not 48.

Best Regards.

bolybay
Beginner

Any help! 

Hi,

Sorry about the delay. And sorry about criticizing your solution; I know the public sector has some delay when it comes to updating technology. But it is OK. At least you have Cisco switches.

Well, firstly I'd like to say that, looking at your topology and considering that you have one stack of 4 switches (Distribution) connected to 4 stacks of 2 switches (Access), you don't have a risk of loops. And that's a good thing. You would have loop risk if you interconnect the stacks with 2 switches (Access). If I understood correctly, each access stack has 4 interfaces connecting to the distribution stack (one per switch maybe?).

As we are talking about stacks, this means that the 4-switch stack represents, after all, one single switch. Which means your logical topology is one switch connected to another switch using 4 cables. If you group those 4 cables in one port-channel, you can have (considering 100 Mbps interfaces) a 400 Mbps uplink. But if you do not use a channel, then 3 interfaces will be blocked by spanning tree and you are wasting 3 cables for each stack.

Does that make sense?

About the Spanning-tree.

Well, as you said, MST overcomes your VLAN limitation and yes, as you are using stacks, you can use one Region and one Instance, with no problem.
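
The single-region, single-instance MST design agreed on in this answer, as an added example that is not part of the original thread: a Catalyst IOS configuration sketch in which the region name `CAMPUS` and revision `1` are assumed placeholders. With no `instance` lines, every VLAN stays in the default instance 0 (the IST), so adding a VLAN no longer consumes a per-VLAN STP instance.

```cisco
! Added example: region name and revision number are placeholders.
! Apply the same name, revision and VLAN-to-instance mapping on every
! stack; a mismatch in any of the three puts a switch in another region.
spanning-tree mst configuration
 name CAMPUS
 revision 1
 ! No "instance" lines: all VLANs remain in instance 0 (IST).
 show pending
 exit
!
! Switch from the default per-VLAN mode to MST. All spanning-tree
! instances restart on the mode change, so expect a short interruption.
spanning-tree mode mst
!
! On the distribution stack only: make it the root for instance 0.
spanning-tree mst 0 root primary
end
!
! Verify the region settings and the single running instance.
show spanning-tree mst configuration
show spanning-tree mst 0
show spanning-tree summary
```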

 

 

 

bolybay
Beginner

That's right.

Now I'm using EtherChannel and have grouped 4 interfaces into one interface so I can use the full bandwidth.

I'm curious to know how new technology will treat that, or how would this be useful in this case?

So if you don't mind, please explain this point to me.

Thank you again.

I really appreciate your efforts ...

The EtherChannel does not change any kind of spanning tree behavior. The difference is that those 4 interfaces will be seen as one interface. For example, if you configure another EtherChannel with 4 interfaces on the same access switch and connect it to the core switch, spanning tree will block one EtherChannel to prevent a loop. Which means the behavior is the same.

This is the right decision to make. The previous scenario does not make sense as you will be sacrificing 3 interfaces for nothing.

Yes, of course, I'm already applying this scenario.

I know that EtherChannel doesn't change STP behavior.

As shown in the attachment, you'll see STP details for VLAN 6 on the Dis stack, and Po6, which is connected to the access stack, is Desg.

And the other image shows channel-group 6, which has 4 interfaces.

What I meant is how new technology deals with the 128 max instances, how new technology treats that problem generally.

As you said, "If your critical requirement is segmentation at all cost, there are better solutions for that."

I'm wondering what the better solution you mentioned is.

MST does not consider a per-VLAN scenario and it creates the concept of Instances and Regions. But the loop prevention mechanism keeps working, that's what matters.

About a better solution, well, this will require better devices as well.

We can think about Layer 3 switches with Layer 3 uplinks (which do not require spanning tree) and you can use a routing protocol to forward traffic among them. You can use VRF to isolate one kind of traffic from the other and you can also use access lists to permit or deny any kind of traffic.

Ultimately, you also have the brand new SDA concept, which requires DNAC and ISE, where you can segment your network extremely.

Wonderful!

That really seems good.

I really thank you and I'm very glad about this discussion.

I wish you a nice day.

Thanks a lot, Flavio Miranda.

You are welcome!

I'm glad I helped in some way.