Hi Peter,I think I verified

mramirez · ‎03-29-2015

I am getting the following error after a circuit upgrade from a ISP CSME to a ISP ASE (Switched Ethernet). The remote end is the one that is producing the error below. I have posted the config on the Catalyst switch. They are 4510's with Sup7 engines.

Mar 29 08:33:23 CDT: %SPANTREE-2-LOOPGUARD_BLOCK: Loop guard blocking port TenG

igabitEthernet1/1 on VLAN0016.

.Mar 29 08:33:25 CDT: %SPANTREE-2-LOOPGUARD_UNBLOCK: Loop guard unblocking port

TenGigabitEthernet1/1 on VLAN0016.

Config on both ends

Data Center

interface TenGigabitEthernet5/1

description Link to ATT ASE Circuit

switchport access vlan 16

switchport mode access

speed nonegotiate

spanning-tree guard loop

end

Remote Site

interface TenGigabitEthernet1/1

description LINK TO ATT ASE CIRCUIT KRFN102838

switchport access vlan 16

switchport mode access

speed nonegotiate

spanning-tree guard loop

end

I turned on spanning-tree debugging on the remote end and got the following below.

Mar 29 08:29:06 CDT: RSTP(16): transmitting a proposal on Gi2/3RSTP(16):
.Mar 29 08:29:06 CDT: F:DPTc R:8000.000f.3574.2810 C:1B B:A010.bc16.6542.1800 P:
8043 A:300 T:14.2.F
.Mar 29 08:29:06 CDT: RSTP(16): transmitting a proposal on Gi2/4RSTP(16):
.Mar 29 08:29:06 CDT: F:DPTc R:8000.000f.3574.2810 C:1B B:A010.bc16.6542.1800 P:
8044 A:300 T:14.2.F
.Mar 29 08:29:06 CDT: RSTP(16): transmitting a proposal on Gi2/5RSTP(16):
.Mar 29 08:29:06 CDT: F:DPTc R:8000.000f.3574.2810 C:1B B:A010.bc16.6542.1800 P:
8045 A:300 T:14.2.F
.Mar 29 08:29:06 CDT: RSTP(16): transmitting a proposal on Gi2/6RSTP(16):
.Mar 29 08:29:06 CDT: F:DPTc R:8000.000f.3574.2810 C:1B B:A010.bc16.6542.1800 P:
8046 A:300 T:14.2.F
.Mar 29 08:29:06 CDT: RSTP(16): received an agreement on Gi2/5
.Mar 29 08:29:06 CDT: RSTP(16): received an agreement on Gi2/2
.Mar 29 08:29:06 CDT: RSTP(16): received an agreement on Gi2/3
.Mar 29 08:29:06 CDT: RSTP(16): received an agreement on Gi2/4
.Mar 29 08:29:06 CDT: STP[16]: Generating TC trap for port GigabitEthernet2/5
.Mar 29 08:29:06 CDT: RSTP(16): transmitting a proposal on Gi2/6RSTP(16):
.Mar 29 08:29:06 CDT: F:DPTc R:8000.000f.3574.2810 C:1B B:A010.bc16.6542.1800 P:
8046 A:300 T:14.2.F
.Mar 29 08:29:06 CDT: RSTP(16): received an agreement on Gi2/6
.Mar 29 08:29:06 CDT: RSTP(16): Gi2/6 rcvd info expired
.Mar 29 08:33:23 CDT: RSTP(16): Te1/1 rcvd info expired
.Mar 29 08:33:23 CDT: %SPANTREE-2-LOOPGUARD_BLOCK: Loop guard blocking port TenG
igabitEthernet1/1 on VLAN0016.
.Mar 29 08:33:23 CDT: RSTP(16): updt roles, information on root port Te1/1 expir
ed
.Mar 29 08:33:23 CDT: RSTP(16): we become the root bridge
.Mar 29 08:33:23 CDT: RSTP(16): updt roles, received superior bpdu on Gi2/5
.Mar 29 08:33:23 CDT: RSTP(16): Gi2/5
.Mar 29 08:33:23 CDT: F:FLD R:A010.4c00.82ff.f800 C:0 B:A010.4c00.82ff.f800 P:80
41 A:0 T:14.2.F
.Mar 29 08:33:23 CDT: RSTP(16): Gi2/5 is now root port
.Mar 29 08:33:23 CDT: STP[16]: Generating TC trap for port GigabitEthernet2/5
.Mar 29 08:33:25 CDT: %SPANTREE-2-LOOPGUARD_UNBLOCK: Loop guard unblocking port
TenGigabitEthernet1/1 on VLAN0016.
.Mar 29 08:33:25 CDT: RSTP(16): initializing port Te1/1
.Mar 29 08:33:25 CDT: RSTP(16): Te1/1 is now designated
.Mar 29 08:33:25 CDT: RSTP(16): updt roles, received superior bpdu on Te1/1
.Mar 29 08:33:25 CDT: RSTP(16): Te1/1
.Mar 29 08:33:25 CDT: F:FLD R:8000.000f.3574.2810 C:17 B:A010.4c00.82f1.a600 P:8
101 A:200 T:14.2.F
.Mar 29 08:33:25 CDT: RSTP(16): Te1/1 is now root port
.Mar 29 08:33:25 CDT: RSTP(16): Gi2/5 blocked by re-root
.Mar 29 08:33:25 CDT: RSTP(16): syncing port Gi2/2
.Mar 29 08:33:25 CDT: RSTP(16): syncing port Gi2/3
.Mar 29 08:33:25 CDT: RSTP(16): syncing port Gi2/4
.Mar 29 08:33:25 CDT: RSTP(16): syncing port Gi2/6
.Mar 29 08:33:25 CDT: RSTP(16): Gi2/5 is now designated
.Mar 29 08:33:25 CDT: STP[16]: Generating TC trap for port TenGigabitEthernet1/1
.Mar 29 08:33:25 CDT: RSTP(16): transmitting a proposal on Gi2/2RSTP(16):
.Mar 29 08:33:25 CDT: F:DPTc R:8000.000f.3574.2810 C:1B B:A010.bc16.6542.1800 P:
8042 A:300 T:14.2.F
.Mar 29 08:33:25 CDT: RSTP(16): transmitting a proposal on Gi2/3RSTP(16):
.Mar 29 08:33:25 CDT: F:DPTc R:8000.000f.3574.2810 C:1B B:A010.bc16.6542.1800 P:
8043 A:300 T:14.2.F
.Mar 29 08:33:25 CDT: RSTP(16): transmitting a proposal on Gi2/4RSTP(16):
.Mar 29 08:33:25 CDT: F:DPTc R:8000.000f.3574.2810 C:1B B:A010.bc16.6542.1800 P:
8044 A:300 T:14.2.F
.Mar 29 08:33:25 CDT: RSTP(16): transmitting a proposal on Gi2/5RSTP(16):
.Mar 29 08:33:25 CDT: F:DPTc R:8000.000f.3574.2810 C:1B B:A010.bc16.6542.1800 P:
8045 A:300 T:14.2.F
.Mar 29 08:33:25 CDT: RSTP(16): transmitting a proposal on Gi2/6RSTP(16):
.Mar 29 08:33:25 CDT: F:DPTc R:8000.000f.3574.2810 C:1B B:A010.bc16.6542.1800 P:
8046 A:300 T:14.2.F
.Mar 29 08:33:25 CDT: RSTP(16): received an agreement on Gi2/6
.Mar 29 08:33:25 CDT: RSTP(16): received an agreement on Gi2/3
.Mar 29 08:33:25 CDT: RSTP(16): received an agreement on Gi2/5
.Mar 29 08:33:25 CDT: RSTP(16): received an agreement on Gi2/2
.Mar 29 08:33:25 CDT: RSTP(16): received an agreement on Gi2/4
.Mar 29 08:33:25 CDT: STP[16]: Generating TC trap for port GigabitEthernet2/5
.Mar 29 08:33:40 CDT: %SYS-5-CONFIG_I: Configured from console by mwallace on vt
y0 (10.1.4.3)
.Mar 29 08:34:07 CDT: RSTP(16): Te1/1 rcvd info expired
.Mar 29 08:34:07 CDT: %SPANTREE-2-LOOPGUARD_BLOCK: Loop guard blocking port TenG
igabitEthernet1/1 on VLAN0016.
.Mar 29 08:34:07 CDT: RSTP(16): updt roles, information on root port Te1/1 expir
ed
.Mar 29 08:34:07 CDT: RSTP(16): we become the root bridge
.Mar 29 08:34:07 CDT: RSTP(16): updt roles, received superior bpdu on Gi2/5
.Mar 29 08:34:07 CDT: RSTP(16): Gi2/5
.Mar 29 08:34:07 CDT: F:FLD R:A010.4c00.82ff.f800 C:0 B:A010.4c00.82ff.f800 P:80
41 A:0 T:14.2.F
.Mar 29 08:34:07 CDT: RSTP(16): Gi2/5 is now root port
.Mar 29 08:34:07 CDT: STP[16]: Generating TC trap for port GigabitEthernet2/5
.Mar 29 08:34:09 CDT: %SPANTREE-2-LOOPGUARD_UNBLOCK: Loop guard unblocking port
TenGigabitEthernet1/1 on VLAN0016.
.Mar 29 08:34:09 CDT: RSTP(16): initializing port Te1/1
.Mar 29 08:34:09 CDT: RSTP(16): Te1/1 is now designated
.Mar 29 08:34:09 CDT: RSTP(16): updt roles, received superior bpdu on Te1/1
.Mar 29 08:34:09 CDT: RSTP(16): Te1/1
.Mar 29 08:34:09 CDT: F:FLD R:8000.000f.3574.2810 C:17 B:A010.4c00.82f1.a600 P:8
101 A:200 T:14.2.F
.Mar 29 08:34:09 CDT: RSTP(16): Te1/1 is now root port
.Mar 29 08:34:09 CDT: RSTP(16): Gi2/5 blocked by re-root
.Mar 29 08:34:09 CDT: RSTP(16): syncing port Gi2/2
.Mar 29 08:34:09 CDT: RSTP(16): syncing port Gi2/3
.Mar 29 08:34:09 CDT: RSTP(16): syncing port Gi2/4
.Mar 29 08:34:09 CDT: RSTP(16): syncing port Gi2/6
.Mar 29 08:34:09 CDT: RSTP(16): Gi2/5 is now designated
.Mar 29 08:34:09 CDT: STP[16]: Generating TC trap for port TenGigabitEthernet1/1
.Mar 29 08:34:09 CDT: RSTP(16): transmitting a proposal on Gi2/2RSTP(16):
.Mar 29 08:34:09 CDT: F:DPTc R:8000.000f.3574.2810 C:1B B:A010.bc16.6542.1800 P:
8042 A:300 T:14.2.F
.Mar 29 08:34:09 CDT: RSTP(16): transmitting a proposal on Gi2/3RSTP(16):
.Mar 29 08:34:09 CDT: F:DPTc R:8000.000f.3574.2810 C:1B B:A010.bc16.6542.1800 P:
8043 A:300 T:14.2.F
.Mar 29 08:34:09 CDT: RSTP(16): transmitting a proposal on Gi2/4RSTP(16):
.Mar 29 08:34:09 CDT: F:DPTc R:8000.000f.3574.2810 C:1B B:A010.bc16.6542.1800 P:
8044 A:300 T:14.2.F
.Mar 29 08:34:09 CDT: RSTP(16): transmitting a proposal on Gi2/5RSTP(16):
.Mar 29 08:34:09 CDT: F:DPTc R:8000.000f.3574.2810 C:1B B:A010.bc16.6542.1800 P:
8045 A:300 T:14.2.F
.Mar 29 08:34:09 CDT: RSTP(16): transmitting a proposal on Gi2/6RSTP(16):
.Mar 29 08:34:09 CDT: F:DPTc R:8000.000f.3574.2810 C:1B B:A010.bc16.6542.1800 P:
8046 A:300 T:14.2.F
.Mar 29 08:34:09 CDT: RSTP(16): received an agreement on Gi2/4
.Mar 29 08:34:09 CDT: RSTP(16): received an agreement on Gi2/5
.Mar 29 08:34:09 CDT: RSTP(16): received an agreement on Gi2/6
.Mar 29 08:34:09 CDT: RSTP(16): received an agreement on Gi2/3
.Mar 29 08:34:09 CDT: RSTP(16): received an agreement on Gi2/2
.Mar 29 08:34:09 CDT: STP[16]: Generating TC trap for port GigabitEthernet2/5
.Mar 29 08:35:48 CDT: RSTP(16): Te1/1 rcvd info expired
.Mar 29 08:35:48 CDT: %SPANTREE-2-LOOPGUARD_BLOCK: Loop guard blocking port TenG
igabitEthernet1/1 on VLAN0016.
.Mar 29 08:35:48 CDT: RSTP(16): updt roles, information on root port Te1/1 expir
ed
.Mar 29 08:35:48 CDT: RSTP(16): we become the root bridge
.Mar 29 08:35:48 CDT: RSTP(16): updt roles, received superior bpdu on Gi2/5
.Mar 29 08:35:48 CDT: RSTP(16): Gi2/5
.Mar 29 08:35:48 CDT: F:FLD R:A010.4c00.82ff.f800 C:0 B:A010.4c00.82ff.f800 P:80
41 A:0 T:14.2.F
.Mar 29 08:35:48 CDT: RSTP(16): Gi2/5 is now root port
.Mar 29 08:35:48 CDT: STP[16]: Generating TC trap for port GigabitEthernet2/5
.Mar 29 08:35:50 CDT: %SPANTREE-2-LOOPGUARD_UNBLOCK: Loop guard unblocking port
TenGigabitEthernet1/1 on VLAN0016.
.Mar 29 08:35:50 CDT: RSTP(16): initializing port Te1/1
.Mar 29 08:35:50 CDT: RSTP(16): Te1/1 is now designated
.Mar 29 08:35:50 CDT: RSTP(16): updt roles, received superior bpdu on Te1/1
.Mar 29 08:35:50 CDT: RSTP(16): Te1/1
.Mar 29 08:35:50 CDT: F:FLD R:8000.000f.3574.2810 C:17 B:A010.4c00.82f1.a600 P:8
101 A:200 T:14.2.F
.Mar 29 08:35:50 CDT: RSTP(16): Te1/1 is now root port
.Mar 29 08:35:50 CDT: RSTP(16): Gi2/5 blocked by re-root
.Mar 29 08:35:50 CDT: RSTP(16): syncing port Gi2/2
.Mar 29 08:35:50 CDT: RSTP(16): syncing port Gi2/3
.Mar 29 08:35:50 CDT: RSTP(16): syncing port Gi2/4
.Mar 29 08:35:50 CDT: RSTP(16): syncing port Gi2/6
.Mar 29 08:35:50 CDT: RSTP(16): Gi2/5 is now designated
.Mar 29 08:35:50 CDT: STP[16]: Generating TC trap for port TenGigabitEthernet1/1
.Mar 29 08:35:50 CDT: RSTP(16): transmitting a proposal on Gi2/2RSTP(16):
.Mar 29 08:35:50 CDT: F:DPTc R:8000.000f.3574.2810 C:1B B:A010.bc16.6542.1800 P:
8042 A:300 T:14.2.F
.Mar 29 08:35:50 CDT: RSTP(16): transmitting a proposal on Gi2/3RSTP(16):
.Mar 29 08:35:50 CDT: F:DPTc R:8000.000f.3574.2810 C:1B B:A010.bc16.6542.1800 P:
8043 A:300 T:14.2.F
.Mar 29 08:35:50 CDT: RSTP(16): transmitting a proposal on Gi2/4RSTP(16):
.Mar 29 08:35:50 CDT: F:DPTc R:8000.000f.3574.2810 C:1B B:A010.bc16.6542.1800 P:
8044 A:300 T:14.2.F
.Mar 29 08:35:50 CDT: RSTP(16): transmitting a proposal on Gi2/5RSTP(16):
.Mar 29 08:35:50 CDT: F:DPTc R:8000.000f.3574.2810 C:1B B:A010.bc16.6542.1800 P:
8045 A:300 T:14.2.F
.Mar 29 08:35:50 CDT: RSTP(16): transmitting a proposal on Gi2/6RSTP(16):
.Mar 29 08:35:50 CDT: F:DPTc R:8000.000f.3574.2810 C:1B B:A010.bc16.6542.1800 P:
8046 A:300 T:14.2.F
.Mar 29 08:35:50 CDT: RSTP(16): received an agreement on Gi2/4
.Mar 29 08:35:50 CDT: RSTP(16): received an agreement on Gi2/5
.Mar 29 08:35:50 CDT: RSTP(16): received an agreement on Gi2/6
.Mar 29 08:35:50 CDT: RSTP(16): received an agreement on Gi2/3
.Mar 29 08:35:50 CDT: RSTP(16): received an agreement on Gi2/2
.Mar 29 08:35:50 CDT: STP[16]: Generating TC trap for port GigabitEthernet2/5
.Mar 29 08:36:36 CDT: %SYS-5-CONFIG_I: Con

Peter Paluch · ‎03-29-2015

Hi,

I believe you need to discuss this with your ISP. What we can see here is that after the Te1/1 is elected a root port, at some point it ceases receiving BPDUs. The Loop Guard will kick into action and put the port into Loop-Inconsistent state, but a couple of seconds after, the BPDUs start arriving again so all is good for a moment, and then the situation repeats.

From the debugs, the Te1/1 on your remote switch receives BPDUs where the Root ID is identified as having the MAC address of 000f.3574.2810 and a priority of 32768. However, the immediate neighbor who forwards these BPDUs to you has the MAC address of 4c00.82f1.a600 and a priority of 40960. Do you recognize these two switches by their MAC addresses? Are they yours?

Can you verify with your ISP that he is tunneling the BPDUs across the circuit without processing them?

Best regards,
Peter

mramirez · ‎03-29-2015

Hi Peter,

I think I verified that both mac address that you listed are both mine, remote site and data center side.

I can ask my ISP but wasn't sure if it was a misconfiguration on my end. Let me know if you have any suggestions.

Remote#sh spanning-tree vlan 16

VLAN0016
Spanning tree enabled protocol rstp
Root ID Priority 32768
Address 000f.3574.2810
Cost 27
Port 1 (TenGigabitEthernet1/1)
Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec

Bridge ID Priority 40976 (priority 40960 sys-id-ext 16)
Address bc16.6542.1800
Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec
Aging Time 300 sec

Interface Role Sts Cost Prio.Nbr Type
------------------- ---- --- --------- -------- -----------------------------
Te1/1 Root FWD 4 128.1 P2p
Gi2/2 Desg FWD 4 128.130 P2p
Gi2/3 Desg FWD 4 128.131 P2p
Gi2/4 Desg FWD 4 128.132 P2p
Gi2/5 Desg FWD 4 128.133 P2p
Gi2/6 Desg FWD 4 128.134 P2p

DataCenter#sh int tenGigabitEthernet 5/1
TenGigabitEthernet5/1 is up, line protocol is up (connected)
Hardware is Ten Gigabit Ethernet Port, address is 4c00.82f1.a600 (bia 4c00.
1.a600)
Description: Link to ATT ASE Circuit
MTU 1500 bytes, BW 10000000 Kbit, DLY 10 usec,
reliability 255/255, txload 1/255, rxload 1/255
Encapsulation ARPA, loopback not set
Keepalive set (10 sec)
Full-duplex, 10Gb/s, link type is force-up, media type is 10GBase-LR
input flow-control is on, output flow-control is on
ARP type: ARPA, ARP Timeout 04:00:00
Last input 00:00:13, output never, output hang never
Last clearing of "show interface" counters never
Input queue: 0/2000/0/0 (size/max/drops/flushes); Total output drops: 0
Queueing strategy: fifo
Output queue: 0/40 (size/max)
5 minute input rate 939000 bits/sec, 815 packets/sec
5 minute output rate 2175000 bits/sec, 814 packets/sec
92506773 packets input, 17926226882 bytes, 0 no buffer
Received 288851 broadcasts (286936 multicasts)
0 runts, 0 giants, 0 throttles
0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored
0 input packets with dribble condition detected
95354889 packets output, 43239726436 bytes, 0 underruns
0 output errors, 0 collisions, 0 interface resets
0 babbles, 0 late collision, 0 deferred
0 lost carrier, 0 no carrier
0 output buffer failures, 0 output buffers swapped out

DataCenter#sh spanning-tree vlan 16

VLAN0016
Spanning tree enabled protocol rstp
Root ID Priority 32768
Address 000f.3574.2810
Cost 23
Port 1 (GigabitEthernet1/1)
Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec

Bridge ID Priority 40976 (priority 40960 sys-id-ext 16)
Address 4c00.82f1.a600
Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec
Aging Time 300 sec

Interface Role Sts Cost Prio.Nbr Type
------------------- ---- --- --------- -------- -------------------------------
Gi1/1 Root FWD 4 128.1 P2p
Gi1/2 Desg FWD 4 128.2 P2p
Te5/1 Desg FWD 2 128.513 P2p

mramirez · ‎03-29-2015

Hi Peter,

I forgot to mention but both switches can see each other if I do a show cdp neigh. Before with the old circuit, they were not able to see each other.

Remote#sh cdp neighbors
Capability Codes: R - Router, T - Trans Bridge, B - Source Route Bridge
S - Switch, H - Host, I - IGMP, r - Repeater, P - Phone,
D - Remote, C - CVTA, M - Two-port Mac Relay

Device ID Local Intrfce Holdtme Capability Platform Port ID

DataCenter Ten 1/1 162 R S I WS-C4510R Ten 5/1

DataCenter#sh cdp neighbors
Capability Codes: R - Router, T - Trans Bridge, B - Source Route Bridge
S - Switch, H - Host, I - IGMP, r - Repeater, P - Phone,
D - Remote, C - CVTA, M - Two-port Mac Relay

Device ID Local Intrfce Holdtme Capability Platform Port ID

Remote Ten 5/1 140 R S I WS-C4506- Ten 1/1

mramirez · ‎03-29-2015

I had not noticed this but on the Datacenter side, I see all my remote sites going up and down in the log. I am sure it's due to the %SPANTREE-2-LOOPGUARD_BLOCK and UNBLOCK.

Mar 29 12:30:53 CDT: %DUAL-5-NBRCHANGE: EIGRP-IPv4 10: Neighbor 10.254.254.6 (Vl
an16) is down: holding time expired
Mar 29 12:30:54 CDT: %DUAL-5-NBRCHANGE: EIGRP-IPv4 10: Neighbor 10.254.254.11 (V
lan16) is down: holding time expired
Mar 29 12:30:54 CDT: %DUAL-5-NBRCHANGE: EIGRP-IPv4 10: Neighbor 10.254.254.8 (Vl
an16) is down: holding time expired
Mar 29 12:30:54 CDT: %DUAL-5-NBRCHANGE: EIGRP-IPv4 10: Neighbor 10.254.254.3 (Vl
an16) is down: holding time expired
Mar 29 12:30:54 CDT: %DUAL-5-NBRCHANGE: EIGRP-IPv4 10: Neighbor 10.254.254.5 (Vl
an16) is down: holding time expired
Mar 29 12:30:55 CDT: %DUAL-5-NBRCHANGE: EIGRP-IPv4 10: Neighbor 10.254.254.10 (V
lan16) is down: holding time expired
Mar 29 12:30:55 CDT: %DUAL-5-NBRCHANGE: EIGRP-IPv4 10: Neighbor 10.254.254.4 (Vl
an16) is down: holding time expired
Mar 29 12:31:00 CDT: %DUAL-5-NBRCHANGE: EIGRP-IPv4 10: Neighbor 10.254.254.5 (Vl
an16) is up: new adjacency
Mar 29 12:31:00 CDT: %DUAL-5-NBRCHANGE: EIGRP-IPv4 10: Neighbor 10.254.254.10 (V
lan16) is up: new adjacency
Mar 29 12:31:00 CDT: %DUAL-5-NBRCHANGE: EIGRP-IPv4 10: Neighbor 10.254.254.3 (Vl
an16) is up: new adjacency
Mar 29 12:31:00 CDT: %DUAL-5-NBRCHANGE: EIGRP-IPv4 10: Neighbor 10.254.254.8 (Vl
an16) is up: new adjacency
Mar 29 12:31:00 CDT: %DUAL-5-NBRCHANGE: EIGRP-IPv4 10: Neighbor 10.254.254.11 (V
lan16) is up: new adjacency
Mar 29 12:31:00 CDT: %DUAL-5-NBRCHANGE: EIGRP-IPv4 10: Neighbor 10.254.254.2 (Vl
an16) is up: new adjacency
Mar 29 12:31:00 CDT: %DUAL-5-NBRCHANGE: EIGRP-IPv4 10: Neighbor 10.254.254.6 (Vl
an16) is up: new adjacency
Mar 29 12:31:00 CDT: %DUAL-5-NBRCHANGE: EIGRP-IPv4 10: Neighbor 10.254.254.4 (Vl
an16) is up: new adjacency
Mar 29 13:46:05 CDT: %DUAL-5-NBRCHANGE: EIGRP-IPv4 10: Neighbor 10.254.254.8 (Vl
an16) is down: holding time expired
Mar 29 13:46:05 CDT: %DUAL-5-NBRCHANGE: EIGRP-IPv4 10: Neighbor 10.254.254.6 (Vl
an16) is down: holding time expired
Mar 29 13:46:10 CDT: %DUAL-5-NBRCHANGE: EIGRP-IPv4 10: Neighbor 10.254.254.8 (Vl
an16) is up: new adjacency
Mar 29 13:46:10 CDT: %DUAL-5-NBRCHANGE: EIGRP-IPv4 10: Neighbor 10.254.254.6 (Vl
an16) is up: new adjacency
Mar 29 16:25:17 CDT: %DUAL-5-NBRCHANGE: EIGRP-IPv4 10: Neighbor 10.254.254.2 (Vl
an16) is down: holding time expired
Mar 29 16:25:18 CDT: %DUAL-5-NBRCHANGE: EIGRP-IPv4 10: Neighbor 10.254.254.8 (Vl
an16) is down: holding time expired

mramirez · ‎03-29-2015

Hi Peter,

I think I have narrow down the issues. I think what is happening is that the remote site changes itself from a root bridge and then elects VLAN 16 which is the Data Center Switch. How do I go about stopping the election on VLAN 16? Not sure if I'm in the right direction?

Remote# sh spanning-tree root port

VLAN0001 This bridge is root

VLAN0016 TenGigabitEthernet1/1

VLAN0040 This bridge is root

VLAN0041 This bridge is root

VLAN0042 This bridge is root

VLAN0043 This bridge is root

VLAN0044 This bridge is root

VLAN0045 This bridge is root

VLAN0046 This bridge is root

VLAN0048 This bridge is root

Peter Paluch · ‎03-30-2015

Hi,

I do not think this is the root cause of the problem. You cannot stop root bridge elections in STP - it is one of inseparable steps in STP operation. However, once a root bridge is elected, it should remain stable. There is no reasonable explanation for two switches to continue passing on the root bridge role. One of the switches has to have the smallest Bridge ID and that one will become and remain the root switch as long as its Bridge ID remains the smallest available.

Just wondering - did these problems come in after activating the Loop Guard feature? Or did you have the Loop Guard there before, and the problems started only after changing the Service Provider?

Best regards,
Peter

mramirez · ‎03-30-2015

Hi Peter,

The problem came in after changing the Service provider circuit. The only way for me to stop the errors is by adding the following commands below. Not sure if this was the correct way to do it but now the data center is the root bridge for vlan 16 for all the remote sites. At the remote sites, the root bridge for vlan 16 is the data center, all other vlans is the local switch.

router eigrp 10

passive-interface default

no passive-interface Vlan16

no passive-interface TenGigabitEthernet1/1

no spanning-tree loopguard default

no spanning-tree portfast bpduguard default

no spanning-tree uplinkfast

no spanning-tree backbonefast

mramirez · ‎03-30-2015

Here is an example just to be clear. Thanks again for your help!

Remote#sh spanning-tree root port
VLAN0001         This bridge is root
VLAN0016         TenGigabitEthernet1/1   (Link for Data Center)
VLAN0021         This bridge is root
VLAN0061         This bridge is root
VLAN0062         This bridge is root
VLAN0063         This bridge is root
VLAN0064         This bridge is root
VLAN0065         This bridge is root
VLAN0066         This bridge is root
VLAN0067         This bridge is root
VLAN0068         This bridge is root
VLAN0620         This bridge is root
VLAN0632         This bridge is root

DataCenter#sh spanning-tree root port
VLAN0001         This bridge is root
VLAN0002         This bridge is root
VLAN0003         This bridge is root
VLAN0004         This bridge is root
VLAN0005         This bridge is root
VLAN0006         This bridge is root
VLAN0007         This bridge is root
VLAN0008         This bridge is root
VLAN0009         This bridge is root
VLAN0010         This bridge is root
VLAN0011         This bridge is root
VLAN0012         This bridge is root
VLAN0014         This bridge is root
VLAN0016         This bridge is root
VLAN0019         This bridge is root

mramirez · ‎03-30-2015

I guess now what I am trying to do is for every site to be its own root bridge even on vlan 16 if that is correct way of doing so.

Peter Paluch · ‎03-30-2015

Hi,

Just wondering - is it possible you have something similar configured on any of your switches?

spanning-tree portfast default
spanning-tree portfast bpdufilter default

Best regards,
Peter

Peter Paluch · ‎04-12-2015

Hi,

I apologize for dropping out from this thread over the past few weeks - they've been busy.

Have you been able to rectify this issue? Did you find any solution on this? If yes, can you perhaps share it with us?

Best regards,
Peter