Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1499
Views
10
Helpful
4
Replies

Can a switch that has MSTP enabled, have multiple root ports with a different root port for each MST instance?

eveares
Level 1
Level 1

‎05-02-2021 10:38 PM

As per the title, can a physical switch or other MSTP compatible device that has MSTP enabled, have multiple root ports at the same time with a different root port for each MST instance? 

 

Regards: Elliott.

0 Helpful
4 Replies 4

balaji.bandi
Hall of Fame
Hall of Fame

‎05-03-2021 12:10 AM

yes, that is correct, you can find more information here : ( per VLAN 1 root port and you can have alternative root port) 

 

https://www.cisco.com/c/en/us/support/docs/lan-switching/spanning-tree-protocol/24248-147.html

 

BB

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help

eveares
Level 1
Level 1
In response to balaji.bandi

‎05-03-2021 12:56 PM

Thanks, I am having issues with MSTP and RSTP integration on some switches. Please note, I am referring to  the standard MSTP specifically and nor PVSTP or any Cisco specific proprietary protocols.

Our core switch and the majority of our local network runs RSTP. We also have two small 3rd party firewalls that are spanning tree capable, currently set to and running in MSTP mode.  Reason for this is there are two "WAN side" vlans that exist between these two firewalls that does not and will not exist anywhere else on our network; i.e. these WAN VLANs on the firewalls are not to be included on our core switch.

 

On both firewalls, I have given the two WAN VLANs and the default unused VLAN 1 a MST instance of 2, whilst I have left the VLANs that connect back to our core switch of the MST instance list so that they are controlled by the CIST rather than the MSTP. My understanding is CIST can talk to RSTP devices like our core switch, where as MSTP can not.

The issue is I have on the firewalls, Is I can't get both interfaces (Being the interface to our core SW and the interface housing the WAN vlans to the other FW) to be in the forwarding state at the same time. On at least one firewall, one interface ends up in the blocking state and comes up as an alternate port. If I apply root guard on the FW to the interface that is in the blocking state, I can get it working but then I get a root-inconsistent error on the firewall that has root guard applied.

What am I doing wrong?  Basically I need each FW to:

1) Have a root port to the core switch

2) One firewall (say FW2) to also at the same time have a root port to the other FW (say FW1) that will in it's self have it's port in a designated state back to the other FW (FW2). 

 

Regards: Elliott.

0 Helpful

paul driver
VIP
VIP

‎05-03-2021 04:25 AM

Hello

MSTP is designed for spanning-tree to run on each instance and not on each vlan as such if two switches was running in mst mode and they had multiple vlans assigned between 2 mst instances and either switch was the stp root for there respective instance and secondary root for each others then each switch would have a root port for each others primary mst.


Please rate and mark as an accepted solution if you have found any of the information provided useful.
This then could assist others on these forums to find a valuable answer and broadens the community’s global network.

Kind Regards
Paul

Joseph W. Doherty
Hall of Fame
Hall of Fame

‎05-03-2021 07:54 AM

As already noted by both Balaji and Paul, the answer is yes.

The key to understanding is there's one root per STP topology.  With typical STP, there's only one STP topology regardless of number of VLANs so you're unable to take advantage of using different paths that provide redundancy, except for taking over for a failed link.

With Cisco's per-VLAN STP, you have one STP topology per VLAN.  The disadvantage of this approach, each VLAN's STP processing adds load to the devices supporting it, and even with redundant paths, we seldom really "need' every VLAN to have its own STP topology.

MST, allows to you to define multiple STP instances and decide what goes into them.  Again, each MST region will have its own topology and root.  MST decreases the load of STP processing when many STP instances are not needed yet allows you to have more than one STP topology.

Incidentally, I would consider MST the "best" STP implementation, but often it seems it's not much used, perhaps because it takes a bit more configuration effort and with L2 link bundles, e.g. LACP, and L3 switches so much more common, complex STP setups often are unnecessary.  For example, is your question of concern for building a "real" production network?

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card