Spanning tree loop with backup interface configuration

gbusson · ‎06-23-2009

Hi,

here is my pb

Having one 7604 routeur with 12.2.33-SRC3 running Rapid-PVST spanning tree mode and setting prtiority ti 0 to be sure routeur will not be root bridge(spanning tree vlan 1-1024 priority)

Having 2 3750 running MST spanning tree mode with 3 instances, and switch A designed root for all MST instances

Make a loop of connection :

Switch A connected to switch B

Router have 4 lan interfaces, two are connected to switch A, the 2 other to switch B.

Router interface 1 to switch A :

Swicthport trunk allowed vlan 1-100

Router interface 2 to switch A :

Swicthport trunk allowed vlan 101-200

Router interface 3 to switch B :

Swicthport trunk allowed vlan 1-100

Router interface 4 to switch B :

Swicthport trunk allowed vlan 101-200

Works fine, router block all vlan on interface 3 and 4

Now want to setup backup interface configuration one interface 1 and 2 to manage which interface is active

Router interface 1 to switch A :

Swicthport trunk allowed vlan 1-100

switchport backup interface 3

Router interface 2 to switch A :

Swicthport trunk allowed vlan 101-200

switchport backup interface 4

Router interface 3 to switch B :

Swicthport trunk allowed vlan 1-100

Router interface 4 to switch B :

Swicthport trunk allowed vlan 101-200

Works fine, router block all vlan on interface 3 and 4

Now want to allow vlan 101 on interface 1 and 3

Router interface 1 to switch A :

Swicthport trunk allowed vlan 1-101

switchport backup interface 3

Router interface 2 to switch A :

Swicthport trunk allowed vlan 101-200

switchport backup interface 4

Router interface 3 to switch B :

Swicthport trunk allowed vlan 1-101

Router interface 4 to switch B :

Swicthport trunk allowed vlan 101-200

Works fine, router block all vlan on interface 3 and 4

An here is the spanning tree loop with 100 % CPU usage on switch and routeur

If i do the same configuration within backup interface configuration there is no problem

Seems to be a bug ? Any idea about this ?

Best regards

Giuseppe Larosa · ‎06-23-2009

Hello Gilles,

first of all the less is the priority the best is considered so if you set priority to 0 you are actually asking the C7604 to be the root bridge.

This can the root cause of your problems because it is recommended that the root bridge has to be on the MST region for all vlans.

2) I would deploy a single STP type in the network so if possible move the C7604 to MST.

3) I would use MST rapid STP and would let it to choice what links are in STP forwarding state and what have to be blocked.

in fact flex links disable STP

STP is disabled on Flex Links ports. If STP is disabled on the switch, be sure that there are no Layer 2 loops in the network topology.

http://www.cisco.com/en/US/docs/switches/lan/catalyst6500/ios/12.2SXF/native/configuration/guide/flexlink.html#wp1042217

With your config vlan 101 is permitted on interface 1 and 3 you have used

Router interface 1 to switch A :

Swicthport trunk allowed vlan 1-101

switchport backup interface 3

Router interface 2 to switch A :

Swicthport trunk allowed vlan 101-200

switchport backup interface 4

this creates a loop in vlan 101

so if this is the real config you get a loop.

Again I wouldn't use flexlinks but you could use etherchannels instead that allow STP to run over them.

Hope to help

Giuseppe