Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
83
Views
1
Helpful
2
Replies

9300 L2 switch forwarding out a STP blocked port.

Go to solution
Jim495
Level 1
Level 1

‎02-24-2025 08:28 AM

9300-switch#sh spanning-tree

 

VLAN0024

  Spanning tree enabled protocol ieee

  Root ID    Priority    12312

             Address     38ed.186d.7280

             Cost        4000

             Port        56 (TenGigabitEthernet1/1/4)

             Hello Time   2 sec  Max Age 20 sec  Forward Delay 15 sec


  Bridge ID  Priority    24600  (priority 24576 sys-id-ext 24)

             Address     00b6.70fd.7300

             Hello Time   2 sec  Max Age 20 sec  Forward Delay 15 sec

             Aging Time  300 sec


Interface           Role Sts Cost      Prio.Nbr Type

------------------- ---- --- --------- -------- --------------------------------

Te1/1/3             Altn BLK 4000      128.55   P2p

Te1/1/4             Root FWD 2000      128.56   P2p

Te2/1/3             Altn BLK 3000      128.151  P2p Monitor Capture on this interface

Te2/1/4             Altn BLK 2500      128.152  P2p

Gi3/0/44            Desg FWD 20000     128.236  P2p

I have spanning-tree as showing Vlan 24 (172.24.24.x) forwarding out port T1/1/4 and blocked on all other ports, which is what I want. However, when I run a monitor capture on port T2/1/3, I see traffic from Vlan 24 (172.24.24.x) being forwarded out the blocked port. This appears to be Meraki broadcast traffic using UDP 61111. Is there a reason that spanning-tree is allowing/forwarding this traffic out the blocked port?

Monitor Capture:

    1   0.000000 172.24.6.107 -> 51.132.193.104 TCP 1494 [TCP segment of a reassembled PDU]

    2   0.000063 172.24.6.107 -> 51.132.193.104 TLSv1.2 235 Application Data

    3   0.004476 172.24.24.49 -> 255.255.255.255 UDP 112 61111 -> 61111 Len=66

    4   0.011867 172.24.24.54 -> 255.255.255.255 UDP 64 61111 -> 61111 Len=11

    5   0.013474 172.24.24.54 -> 255.255.255.255 UDP 64 61111 -> 61111 Len=11

    6   0.013501 172.24.24.54 -> 255.255.255.255 UDP 64 61111 -> 61111 Len=11

    7   0.015763 172.24.24.16 -> 255.255.255.255 UDP 64 61111 -> 61111 Len=11

    8   0.018268 172.24.24.37 -> 255.255.255.255 UDP 64 61111 -> 61111 Len=16

    9   0.056293 172.24.6.102 -> 52.123.129.14 TLSv1.2 318 Application Data

   10   0.065487 172.24.24.50 -> 255.255.255.255 UDP 112 61111 -> 61111 Len=66

snip--

Thanks Jim

Labels:
0 Helpful
2 Accepted Solutions

Accepted Solutions

Go to solution
Flavio Miranda
VIP
VIP

‎02-24-2025 09:24 AM

@Jim495 

 Do you see the traffic getting to the other side of the link? Maybe it is sent but will be dropped on the port. Theorically, it should not cross the link with block port. 

View solution in original post

0 Helpful

Go to solution
Jim495
Level 1
Level 1
In response to Flavio Miranda

‎02-24-2025 09:49 AM - edited ‎02-24-2025 09:50 AM

Excellent call Sir!!

I'm load balancing my different traffic flows across multiple low speed links. Just when I thought spanning-tree was failing me. Seems the STP filter (block) is after the traffic monitor view.

THANKS JIM

View solution in original post

2 Replies 2

Go to solution
Flavio Miranda
VIP
VIP

‎02-24-2025 09:24 AM

@Jim495 

 Do you see the traffic getting to the other side of the link? Maybe it is sent but will be dropped on the port. Theorically, it should not cross the link with block port. 

0 Helpful

Go to solution
Jim495
Level 1
Level 1
In response to Flavio Miranda

‎02-24-2025 09:49 AM - edited ‎02-24-2025 09:50 AM

Excellent call Sir!!

I'm load balancing my different traffic flows across multiple low speed links. Just when I thought spanning-tree was failing me. Seems the STP filter (block) is after the traffic monitor view.

THANKS JIM

Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card