Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
2219
Views
0
Helpful
7
Replies

Cat3K core to Meraki MS250 access switch stacks - STP issues

supermop2000
Level 1
Level 1

‎03-02-2020 04:30 AM - edited ‎03-02-2020 04:32 AM

Hi all - I had to install some new Meraki MS250 access switches over the weekend. They replaced some really old Cat 2960's. We decided to stack the Meraki switches and trunk them to the core with copper trunks spread across the stack using LACP etherchannel.

 

However, it looks like STP is blocking the secondary links, meaning I'm only getting 2x trunk links to stay up. For info we have used 2x trunks in the top switch and 2x trunks in the bottom, to spread load and give us some hardware resilliency. Meraki stacks are a little different to how I'd expect a Cisco stack to behave, in that they are all still operating as individual switches, and virtually stacked (we are using the Meraki stack cables here).

 

Coupled with the fact that Meraki STP is just weird - it doesnt fully support PVST+ which we were using on the core, and I don't really understand how to configure MST on the older 3750 core switches properly. At present, the Meraki access switch is acting as STP root bridge for everything, which definitely isnt ideal.

 

My question is how should I be configuring STP in this scenario? I'm really struggling to find a definitive answer. It's a very simple layer 2 topology, consisting of a core switch stack, and the Meraki access layer switches trunked to the core. However STP is blocking the secondary trunks, which are all configured correctly for port aggregation, with identical port configs etc.

 

Core interface config:

interface GigabitEthernet1/0/1
 description UKCCD-C-ASW01
 switchport trunk encapsulation dot1q
 switchport trunk native vlan 100
 switchport mode trunk
 channel-group 1 mode active
end
interface GigabitEthernet1/0/2
 description UKCCD-C-ASW01
 switchport trunk encapsulation dot1q
 switchport trunk native vlan 100
 switchport mode trunk
 channel-group 1 mode active
end
interface GigabitEthernet2/0/1
 description UKCCD-C-ASW05
 switchport trunk encapsulation dot1q
 switchport trunk native vlan 100
 switchport mode trunk
 channel-group 1 mode active
end
interface GigabitEthernet2/0/2
 description UKCCD-C-ASW05
 switchport trunk encapsulation dot1q
 switchport trunk native vlan 100
 switchport mode trunk
 channel-group 1 mode active
end
interface Port-channel1
 description UKCCD-C-SWS01
 switchport trunk encapsulation dot1q
 switchport trunk native vlan 100
 switchport mode trunk
end
interface Port-channel2
 description UKCCD-C-SWS02
 switchport trunk encapsulation dot1q
 switchport trunk native vlan 100
 switchport mode trunk
end

Meraki port config on switch 1/stack1:

meraki1.jpg

 

Meraki port config on switch 5/stack1:

meraki2.jpg

 

At present, the core switch is running spanning-tree in MST mode - changed from PVST+ after reading around, but not sure this was the right move or not as I cant set a priority on this mode on the 3750's.

 

Any advice here would be appreciated!

0 Helpful
7 Replies 7

marce1000
VIP
VIP

‎03-02-2020 05:20 AM

 

 - For starters and as you already paritially indicated : use common understood STP protocol (version and methodology) 2) Use core as root  bridge for STP.

 M.



-- ' 'Good body every evening' ' this sentence was once spotted on a logo at the entrance of a Weight Watchers Club !
0 Helpful

supermop2000
Level 1
Level 1
In response to marce1000

‎03-02-2020 05:57 AM

@marce1000 wrote:

2) Use core as root  bridge for STP.

 M.

This is what I'm a little stuck on. For starters I cant seem to figure out how to set the STP priority for the Catalyst 3750 core, and I've never configured MST mode spanning tree before - only ever used PVST+. Is there a way to force the core to be the root bridge in MST mode?

 

From what I understand, Meraki can only run STP over VLAN1, which is another issue - as we have VLAN1 shutdown here, and don't use it. I can easily bring the VLAN up if needed, but hoping it doesnt come to that.

0 Helpful

marce1000
VIP
VIP
In response to supermop2000

‎03-02-2020 06:19 AM

 

 - I may dig some more, but it astonishes me that you shutdown vlan1, as usually it is a standard for carrying stp and other 'bridge managerial' stuff/protocols. I think it should not be shutdown on either platform(s).

 M.



-- ' 'Good body every evening' ' this sentence was once spotted on a logo at the entrance of a Weight Watchers Club !
0 Helpful

supermop2000
Level 1
Level 1
In response to marce1000

‎03-02-2020 06:50 AM - edited ‎03-02-2020 06:50 AM

@marce1000 wrote:

 

it astonishes me that you shutdown vlan1, as usually it is a standard for carrying stp and other 'bridge managerial' stuff/protocols. I think it should not be shutdown on either platform(s).

 M.

Thanks for the replies. Astonish is somewhat of a strong reaction to this lol. Generally speaking, this is not the case for Cisco (or non-Meraki). We shutdown VLAN1 generally for LAN security purposes - we dont actually use this VLAN ID, so it has no reason to be active. Granted, the risk of a breach because VLAN1 is active but not in use is minimal, but it is/was standard practice.

 

As said, I have no issue bringing this up, and it looks like this may resolve my STP issues - Now just to find an outage window where I can configure it :)

0 Helpful

marce1000
VIP
VIP
In response to supermop2000

‎03-02-2020 06:54 AM

 

 - Yes, as the document indicates, this integration path will require the use of Vlan1 for STP setup(s).

   M,



-- ' 'Good body every evening' ' this sentence was once spotted on a logo at the entrance of a Weight Watchers Club !
0 Helpful

marce1000
VIP
VIP
In response to supermop2000

‎03-02-2020 06:32 AM

 

 - Below is an integration guide for adding m-switches to a Cisco network : I provide some  highlights for starters

>... All interfaces are configured as TRUNK with Native VLAN 1

>....

>....

PVST/PVST+

This is a Cisco proprietary protocol on Catalyst/Nexus switches that is compatible with spanning tree (802.1D). It is important to note however that because PVST/PVST+ is a multi-VLAN spanning tree protocol, in order for the MS series switches to participate in spanning tree a spanning tree instance must be running on VLAN 1 of all switches and VLAN 1

 

           https://documentation.meraki.com/MS/Deployment_Guides/Advanced_MS_Setup_Guide

 

M.



-- ' 'Good body every evening' ' this sentence was once spotted on a logo at the entrance of a Weight Watchers Club !
0 Helpful

paul driver
VIP
VIP

‎03-02-2020 10:54 AM

Hello 

Meraki's support 802.1w (rapid stp) and so do the 3750's, so all you would have needed to do would to go to the switch settings on the meraki and set the default bridge id to be a higher (less preferred) then the 3750 core.

 

As for the stacking it doesn't sound like you are actually stacking them so can you confirm how are you doing the stacking, via actual physical stack cabling or flexible stacking via designated ports you have chosen, if the later are they actual in stacked mode

 

Lastly regards STP  will see the PC as just one stp instance and not a instance for each physical link in that PC


Please rate and mark as an accepted solution if you have found any of the information provided useful.
This then could assist others on these forums to find a valuable answer and broadens the community’s global network.

Kind Regards
Paul
0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card