04-08-2010 08:32 AM - edited 03-04-2019 08:04 AM
We are bringing up an hp pclass blade enclosure in our dmz. Historically our dual 4507's for our dmz have been running rapid-pvst but the hp
pclass enclosure software rev does not support rapid-pvst. Before we change the mode back to pvst we want to understand the impact to our switches and the servers connected to them. This is the first enclosure we will have in our dmz as all other servers are regular rackmount type with dual nic's with one nic home run back to each of the two dmz switches. Primarily, will we create any loops during the changes and if so is there anything we can do to prevent it or will stp simply converge without issue. All feedback and links to documentation are appreciated.
Thanks,
Rachel
04-08-2010 08:55 AM
Hello Rachel,
I would consider to keep using Rapid PVST it is backward compatible on a per port basis with older STP
PVST and IEEE 802.1D uses protocol version 1 so it is easy to detect a legacy device on a port
in this way you can still take advantage of Rapid PVST on other ports of your network
Hope to help
Giuseppe
04-08-2010 09:13 AM
Guiseppe,
We read that too but it is not working correctly in practice. A little more about our setup. We have two 4507's that are trunked together. The blade enclosure has two switches that are also trunked together via the internal fabric in the enclosure. The global config on 4507A is this:
spanning-tree mode rapid-pvst
spanning-tree extend system-id
spanning-tree vlan 2-1000 priority 4096
Our test vlan is 300. The spanning-tree for vlan 300 looks like this:
VLAN0300
Spanning tree enabled protocol rstp
Root ID Priority 4396
Address 0015.62a4.6080
This bridge is the root
Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec
Bridge ID Priority 4396 (priority 4096 sys-id-ext 300)
Address 0015.62a4.6080
Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec
Aging Time 300
Interface Role Sts Cost Prio.Nbr Type
---------------- ---- --- --------- -------- --------------------------------
Gi3/7 Desg FWD 4 128.135 P2p
Gi3/43 Desg FWD 4 128.171 P2p
Port 3/7 is connected to enclosure switch A
The global config on 4507B is the same as side A and the spanning-tree for vlan 300 looks like this:
VLAN0300
Spanning tree enabled protocol rstp
Root ID Priority 8492
Address 0015.62a4.57c0
This bridge is the root
Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec
Bridge ID Priority 8492 (priority 8192 sys-id-ext 300)
Address 0015.62a4.57c0
Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec
Aging Time 300
Interface Role Sts Cost Prio.Nbr Type
---------------- ---- --- --------- -------- --------------------------------
Gi3/7 Desg FWD 4 128.135 P2p
Gi3/13 Desg FWD 4 128.141 P2p
Port 3/7 is connected to enclosure switch B. Currently both 4507's think they are the root for vlan 300 so that is problem 1. On the enclosure switches side A thinks that side B is the root, side be agrees with side A and also thinks it is root.
Spanning Tree Group 1: On
VLANs: 1 300
Current Root: Path-Cost Port Hello MaxAge FwdDel Aging
fde8 00:0f:6a:f3:14:00 4 17 2 20 15 180
Parameters: Priority Hello MaxAge FwdDel Aging
65000 2 20 15 180
Spanning Tree Group 1: On
VLANs: 1 300
Current Root: Path-Cost Port Hello MaxAge FwdDel Aging
fde8 00:0f:6a:f3:14:00 0 0 2 20 15 180
Parameters: Priority Hello MaxAge FwdDel Aging
65000 2 20 15 180
We know that the legacy enclosure switches do not support rapid-pvst so we are suspecting that they are not sending the correct bpdu's to the 4507's and therefore they are not properly electing the 4507 as the root. If there is a way to manually set the port 3/7 to pvst instead of rapid-pvst I haven't been able to find out how to do it. If you know how to force the port on the 4507 to use pvst please share. If you have more questions please let me know.
04-08-2010 09:49 AM
Hello Rachel,
these devices look like to support 802.1D legacy STP
>> Spanning Tree Group 1: On
VLANs: 1 300
so they have only one instance for all Vlans that travel on vlan 1.
Who is the root bridge in vlan1 from the point of view of C4507?
you may need to enforce root bridge in vlan 1 in order to see the desired root bridge on legacy switches also for vlan 300
Hope to help
Giuseppe
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide