Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
2488
Views
0
Helpful
4
Replies

BPDU problems on a VRRP setup

boutin.jerome
Level 1
Level 1

‎07-24-2011 09:01 AM - edited ‎03-07-2019 01:22 AM

Hi guys,

I have had time to figure what is wrong on me setup. I receive an Internet feed via two gigabit interfaces. The provide offer me a dual home setup where the managed the routing (BGP4). Their way to provide an unique path is via VRRP. Me provide is using Extreme X450s switches at his end and on our side we are using Cisco Catalyst 4948.

Here is me port configuration:

sw1:

spanning-tree mode pvst

spanning-tree portfast default

spanning-tree portfast bpduguard default

spanning-tree extend system-id

no spanning-tree vlan 101

spanning-tree vlan 102,107 priority 16384

spanning-tree vlan 103 priority 8192

!

vlan internal allocation policy ascending

!

interface Port-channel22

description to-sw2

switchport trunk encapsulation dot1q

switchport trunk native vlan 155

switchport mode dynamic desirable

!

interface GigabitEthernet1/0/47

description to-sw2

switchport trunk encapsulation dot1q

switchport trunk native vlan 155

switchport mode dynamic desirable

channel-group 22 mode on

spanning-tree portfast disable

!

interface GigabitEthernet1/0/48

description to-sw2

switchport trunk encapsulation dot1q

switchport trunk native vlan 155

switchport mode dynamic desirable

channel-group 22 mode on

spanning-tree portfast disable

!

interface GigabitEthernet1/0/50

switchport access vlan 155

speed nonegotiate

no cdp enable

spanning-tree portfast disable

sw2:

spanning-tree mode pvst

spanning-tree portfast default

spanning-tree portfast bpduguard default

spanning-tree extend system-id

no spanning-tree vlan 101

spanning-tree vlan 102,107 priority 8192

spanning-tree vlan 103 priority 16384

!

vlan internal allocation policy ascending

!

interface Port-channel21

description to-sw1

switchport trunk encapsulation dot1q

switchport trunk native vlan 155

switchport mode dynamic desirable

!

interface GigabitEthernet1/0/47

description to-sw1

switchport trunk encapsulation dot1q

switchport trunk native vlan 155

switchport mode dynamic desirable

channel-group 21 mode on

spanning-tree portfast disable

!

interface GigabitEthernet1/0/48

description to-sw1

switchport trunk encapsulation dot1q

switchport trunk native vlan 155

switchport mode dynamic desirable

channel-group 21 mode on

spanning-tree portfast disable

!

interface GigabitEthernet1/0/50

description isp-link2

switchport access vlan 155

speed nonegotiate

no cdp enable

spanning-tree portfast disable

Me provider is saying that we don't send BPDU and that it is require for his setup to block a port. Do you have an idea how could I resolve this issue?

Here is the show spanning-tree detail for each interface:

SW1:

Port 50 (GigabitEthernet1/0/50) of VLAN0155 is forwarding

   Port path cost 4, Port priority 128, Port Identifier 128.50.

   Designated root has priority 4096, address 0004.9635.29b6

   Designated bridge has priority 32923, address 0022.5602.5800

   Designated port id is 128.50, designated path cost 20007

   Timers: message age 0, forward delay 0, hold 0

   Number of transitions to forwarding state: 1

   Link type is point-to-point by default

   BPDU: sent 31516, received 0

Port 656 (Port-channel22) of VLAN0155 is forwarding

   Port path cost 3, Port priority 128, Port Identifier 128.656.

   Designated root has priority 4096, address 0004.9635.29b6

   Designated bridge has priority 32923, address 0022.be9e.7400

   Designated port id is 128.648, designated path cost 20004

   Timers: message age 3, forward delay 0, hold 0

   Number of transitions to forwarding state: 1

   Link type is point-to-point by default

   BPDU: sent 3, received 31536

SW2:

Port 50 (GigabitEthernet1/0/50) of VLAN0155 is forwarding

   Port path cost 4, Port priority 128, Port Identifier 128.50.

   Designated root has priority 4096, address 0004.9635.29b6

   Designated bridge has priority 8192, address 0004.9635.29e8

   Designated port id is 128.47, designated path cost 20000

   Timers: message age 2, forward delay 0, hold 0

   Number of transitions to forwarding state: 1

   Link type is point-to-point by default

   BPDU: sent 3, received 31471

!

Port 648 (Port-channel21) of VLAN0155 is forwarding

   Port path cost 3, Port priority 128, Port Identifier 128.648.

   Designated root has priority 4096, address 0004.9635.29b6

   Designated bridge has priority 32923, address 0022.be9e.7400

   Designated port id is 128.648, designated path cost 20004

   Timers: message age 0, forward delay 0, hold 0

   Number of transitions to forwarding state: 1

   Link type is point-to-point by default

   BPDU: sent 31491, received 3

Jerome

Labels:
0 Helpful
4 Replies 4

andrew.prince
Level 10
Level 10

‎07-24-2011 09:21 AM

Cant see the link between a layer 2 loop avoidance and dynamic layer 3 failover.

Why do you think a blocking spanning tree port will fix your issue?

Sent from Cisco Technical Support iPad App

0 Helpful

Peter Paluch
Cisco Employee
Cisco Employee
In response to andrew.prince

‎07-24-2011 09:56 AM

Hello Jerome,

I agree with Andrew - the VRRP is probably not related to your issue with BPDUs.

I fail, however, to see the bigger picture. What are you actually trying to achieve? So far, we only understand that your ISP complains about some BPDUs missing from your side. However, what is to be achieved by that?

Furthemore, I am somewhat surprised by the information about the ports Gi1/0/50 on both switches.  Specifically, on SW1, it says:

Timers: message age 0, forward delay 0, hold 0

I do not see any reason why should a port sending BPDUs have all STP timers set to 0.

Furthermore, on SW2, the same port says:

BPDU: sent 3, received 31471

The output says that this port is forwarding - does it mean that the Gi1/0/50 on SW2 is the root port? In that case, it would be logical that it does not send any BPDUs - root ports send BPDUs only during topology changes.

Best regards,

Peter

0 Helpful

boutin.jerome
Level 1
Level 1
In response to Peter Paluch

‎08-12-2011 08:05 AM

Hello Peter,

We found the problem. As I was suspecting our provider has misconfigured their setup and our layer 2 root bridge was onto another customer edge switch. The provider was trying to explain me that it was because we are having a BGP configuration, how lame is that response. They finally admit they screwed up their config and now the problem is resolved.

Thanks for your inputs,

Jerome

0 Helpful

Peter Paluch
Cisco Employee
Cisco Employee
In response to boutin.jerome

‎08-12-2011 08:11 AM

Hello Jerome,

You're welcome - although I have not helped much in your case. Thank you very much for being so kind to keep me informed about this issue. Hopefully, it will be working flawlessly from now on

Aaaah, the almighty, ever-truthful, flawless ISPs...

Best regards,

Peter

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card