Dear Peter,

I have already created several instances in our Corporate switching LAN so I want to bind this two sites  to our corporate  LAN

IT is my core switch config which stand between Corporate and ISP's

spanning-tree mst configuration

name B

instance 1 vlan 59, 128, 191, 352, 406

instance 2 vlan 130, 600-601

instance 3 vlan 9, 100, 300, 302

instance 4 vlan 126-127, 129

instance 5 vlan 160

instance 6 vlan 200

instance 7 vlan 942

instance 8 vlan 58, 143

instance 9 vlan 701

instance 10 vlan 31, 99, 318

!

spanning-tree mst 0 priority 0

spanning-tree mst 3-4 priority 8192

interface GigabitEthernet0/47

description AZ-1

switchport trunk encapsulation dot1q

switchport trunk allowed vlan 2-4

switchport mode trunk

ip arp inspection trust

spanning-tree mst 1 cost 100

spanning-tree mst 2 cost 200

ip dhcp snooping trust

end

Switch#sh run int gi 0/48

Building configuration...

Current configuration : 260 bytes

!

interface GigabitEthernet0/48

description AZ-2

switchport trunk encapsulation dot1q

switchport trunk allowed vlan 2-4

switchport mode trunk

ip arp inspection trust

spanning-tree mst 1 cost 200

spanning-tree mst 2 cost 100

ip dhcp snooping trust

Hello,

Thank you. So according to this configuration, you already have a working MST configuration including a division of VLANs into instances. I also see that some of your ports are already configured with differing MST costs in different instances.

My question is now - what exact assistance do you need? As I do not know your network in detail, I can not give you exact examples of how to configure your switches but all basic commands are already present - especially the spanning-tree mst cost commands that you need to use in your case. What exact guidance are you now seeking for, assuming that this configuration is already in place?

Best regards,

Peter

Dear Peter,

I have two switches located in different places but they have same services from same prividers for backup purposes and I asked to  ISP's  engineer to loop traffic that I may control  it using mstp for load failure

if one failed then other switch wil take over

My question how to control this type of  topology using mstp?

Picture shows that  core switch  located in our main office and  two other switche's  --  switch 1 in one place and  switch two in other place as I mentioned for load failure

for example I want vlan 2 active in switch 1   but standby in switch 2 also vlan  3 active in switch 2 but standby in switch 1

Switch1--- vlan 2,4 active

switch 2---- vlan 2,4 blocked

Thanks

Dear Peter,

Lets  think  that switch one  working enviroment I mean it actually working infrastucture that pases all vlan ann services coming from different    ISP's

and switch 2 is new installed so I have tested  Loop exist between  me and ISP because when I connected switch 2 there was loop and both ISP and we experienced problems )

I am testing it only with one isp  for now.

I have tested  switch 2 when  turning off switch  1 uplink  in ISP side services are working in switch 2

I mean  virtually  loop exist but when I tried to test mstp as you said it didn't work because  we experienced loop

what do you think is there  missing something >?

Thanks

Dear Peter,

When I converting  span-tree to rapi-pvst  or pvst it is  working as expected but   in mstp  mode it doesn't

Thanks

Hello my friend,

So when you start MSTP, what exactly goes wrong? Do you get switching loops? Is the traffic not load balanced although according to the MST settings, it should?

Best regards,

Peter

Dear Peter,

yes  lswitching loop occured

and mstp  doesn't block vlan that  has higher cost

but when switching mstp to rpvst it works as expected

Thanks

Hello,

Hmmm. Strange. This sounds as if your service provider was not passing the MST BPDUs through its cloud. It is quite common that providers of L2VPN services do not pass regular Layer2 control traffic such as standardized STP, RSTP or MSTP. The reason RPVST+ works is most probably because it uses a different destination MAC address that does not match the address used by STP/RSTP/MSTP and thus the provider simply considers the RPVST+ to be a multicast application.

Please ask your VPN operator very clearly if he currently allows MSTP BPDUs to be carried through his network so that they can cross the VPN.

Best regards,

Peter

Dear Peter,

I have emulated this topology in my lab.

core sw. 3560x

sw1-2960------ sw2-2960

ISP side web sw with rstp support

in my lab i have emulated this topology and  result was unsuccesful

All sw  are in one mstp region except isp side

what should be done to

Hello,

It is good that you have tried to configure a similar topology in your lab. Sadly, unless you precisely know what the ISP is doing you can not realistically emulate it on your web-based ISP switch.

To me, it looks like your ISP is not transporting your MST BPDUs over his network. PVST+ and RPVST+ did go through and the switches avoided the loop. But you've told me yourself that after you activated the MSTP, you had a loop - I assume it closed itself through the provider's network.

So I repeat my question: is your ISP carrying your MST BPDUs between your sites? Can you ask him to perform MSTP BPDU tunneling?

Best regards,

Peter

Dear Peter,

Is there any other method for this kind of topology?

Thanks

Hello,

Hm, you have said RSTP works for you. Would it be acceptable for you to use RSTP, then?

Best regards,

Peter