Spanning-tree

soda009191
Level 1

I have a question regarding Spanning-tree. We have several office locations that are connected through a private VPN. I reside in our main office and we are running Spanning tree on our network here. The question is as follows: in my location, let's call it location A, we are running VLANs 1,2,3,4. In a newly connected office that I set up I have two 3750s that are connected via StackWise cable. I want to duplicate the same VLANs at this location for consistency. I do not want the switches to be part of the same VTP domain but yet have the same setup as my location. So if at location B VLANs 1,2,3,4 are created, will Spanning tree see those VLANs also and possibly cause me problems? Or is it better to choose different numbered VLANs?

Please provide any insight.

11 Replies

Reza Sharifi
Hall of Fame

It does not matter whether you run the same VLANs in both locations or use new VLAN numbers in your new location. Spanning tree is there to prevent loops in your network. If you have any type of physical loop in your network, you have to run spanning tree.

Can you provide a topology of your network?

My concern is that Spanning tree creates a central focal point in the network. And I thought there might be a possibility that it may choose a switch at a branch office that is using the same VLANs as the focal point.

I added a drawing. Every site is connected to a private VPN with a managed router. The layer 3 switch at each site contains all the VLANs.

I see. Since you have a router in each location, keep the VLANs separate per location. Don't extend the VLANs across the VPN cloud.

Example:

location A VLANs 1,2,3,4 subnets 10.10.1.0/24, 10.10.2.0/24, 10.10.3.0/24, 10.10.4.0/24

location B VLANs 5,6,7,8 subnets 10.10.5.0/24, 10.10.6.0/24, 10.10.7.0/24, 10.10.8.0/24

location C VLANs 9,10,11,12 subnets 10.10.9.0/24, 10.10.10.0/24, 10.10.11.0/24, 10.10.12.0/24

You can deploy smaller subnets if you do not need /24s

HTH

Reza

The switches will not be part of the same VTP domain so I will not be extending the current VLANs. My question was: if I had the same VLANs at multiple locations, will spanning tree pick a root switch at a branch office if it has a lower priority?

I was doing some thinking about the Spanning-tree. Since it is a layer 2 protocol it is not routable. Is it best practice to have the different numbered VLANs as mentioned?

soda009191 wrote:

The switches will not be part of the same VTP domain so I will not be extending the current VLANs. My question was: if I had the same VLANs at multiple locations, will spanning tree pick a root switch at a branch office if it has a lower priority?

Since your sites are connected by layer 3 (VPN), the spanning-tree protocol is confined within a branch. In other words, treat each branch independently with regard to the spanning-tree protocol. That means you could have identical VLANs at two branch offices connected by VPN.

The second thing I want to point out is the VTP domain: the VTP domain also terminates at Layer 3. Since your branches are connected by VPN, the VTP domain cannot extend over layer 3, as VTP requires a trunk link between switches, which is layer 2.

Please feel free to ask again.

Thanks and have a nice weekend.
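An added example, not part of any post in this thread: a small model of the point made above, that root election only happens among switches that can exchange BPDUs over Layer 2. It goes one step further than the reply and also shows what changes when the sites are bridged at Layer 2 (for example by a wireless bridge or L2TPv3, both mentioned later in the thread). Switch names, priorities and MACs are constructed, the 3750 stack is modelled as one bridge, and a single STP instance stands in for the per-VLAN instances.

```python
# Added illustration: STP root election scoped to Layer 2 domains.
# All switch names, priorities and MAC addresses are constructed sample values.
from collections import defaultdict

def l2_domains(switches, l2_links):
    """Group switches into domains using only Layer 2 links.
    Routed (Layer 3) links are never passed in: BPDUs do not cross them."""
    adj = defaultdict(set)
    for a, b in l2_links:
        adj[a].add(b)
        adj[b].add(a)
    seen, domains = set(), []
    for sw in sorted(switches):
        if sw in seen:
            continue
        stack, members = [sw], set()
        while stack:                      # depth-first walk over L2 neighbours
            cur = stack.pop()
            if cur in members:
                continue
            members.add(cur)
            stack.extend(adj[cur] - members)
        seen |= members
        domains.append(members)
    return domains

def elect_roots(switches, l2_links):
    """Return {switch: root}. The root is the lowest bridge ID
    (priority first, then MAC) inside that switch's own Layer 2 domain."""
    roots = {}
    for members in l2_domains(switches, l2_links):
        root = min(members, key=lambda s: switches[s])
        for sw in members:
            roots[sw] = root
    return roots

# Constructed topology: site A has a core and an access switch;
# site B is one stack (modelled as a single bridge) with a LOWER priority.
SWITCHES = {
    "A-core":   (8192,  "00:00:0a:00:00:01"),
    "A-access": (32768, "00:00:0a:00:00:02"),
    "B-stack":  (4096,  "00:00:0b:00:00:01"),
}
SITE_LINKS = [("A-core", "A-access")]        # trunks inside site A only
routed = elect_roots(SWITCHES, SITE_LINKS)   # sites joined by routed VPN only
bridged = elect_roots(SWITCHES, SITE_LINKS + [("A-core", "B-stack")])  # L2 extended
print("routed :", routed)
print("bridged:", bridged)
```

With the routed VPN, site A keeps its own root regardless of site B's priority; once a Layer 2 path joins the sites, the lower-priority branch switch wins the election for both, which is why root priority should be set deliberately before extending VLANs between sites.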

I see. Since you have a router in each location, keep the VLANs separate per location. Don't extend the VLANs across the VPN cloud.

Hi Reza.

Would you please elaborate on how we can extend a VLAN over layer 3 (VPN connection)? My understanding is that since we need a trunk to carry VLANs, and a trunk operates at layer 2, we cannot extend VLANs over layer 3.

Thanks and have a great weekend.

Sarah

You would use something like L2TPv3 which allows you to extend a layer 2 vlan(s) across a L3 link. See this doc for full details -

L2TPv3

Personally, at least for Ethernet, I only regard this as a temporary short-term solution. If you find you are having to extend multiple VLANs then you probably need to look at the design of your network and why you are having to do this.

Jon

Thanks Jon.

So we are all in agreement that there are no possible issues with Spanning tree or VTP domains crossing the VPN WAN since they are layer 2? On a side note we connected one of our offices with a wireless bridge and extended the VLANs over to the site in order to have disaster recovery. It has worked very well so far.