Solved: Re: Cisco switch on Rapid-PVST and Juniper on VSRT/RSTP Issue

bipinchandra · ‎05-27-2025

I have Cisco 9500/9300 and its connected to Juniper EX4400/QFX 5100 Series. Cisco is on Rapid-PVST and Juniper is on VSTP/RSTP. The Cisco and Juniper are on LACP. STP root bridge selection happen between Cisco and Juniper and configured Cisco to be root as its uplink for Juniper. But for the clients connected on Juniper, the root is showing as Juniper and Cisco is unable to learn the mac addresses of the clients connecting to Juniper switch. When we checked the mac address table in Juniper, it sees the clients connected but vlan name for all client is default which is vlan 1

root@QFX> show ethernet-switching table
Vlan MAC MAC Age GBP Logical NH MAC RTR
name address flags Tag interface Index property ID
DATA b4:0c:25:e0:40:10 D - ae12.0 0 0
PROD b4:0c:25:e0:40:10 D - ae12.0 0 0
SERVER b4:0c:25:e0:40:10 D - ae12.0 0 0
default 78:02:b1:f9:07:25 D - ae12.0 0 0
default 78:02:b1:f9:07:26 D - ae12.0 0 0
default 78:02:b1:f9:27:25 D - ae12.0 0 0
default 78:02:b1:f9:27:26 D - ae12.0 0 0
default b8:e9:24:9c:7a:a4 D - et-1/0/2.0 0 0
default b8:e9:24:9c:7a:a5 D - et-0/0/6.0 0 0
default b8:e9:24:9c:7b:04 D - et-0/0/0.0 0 0
default b8:e9:24:9c:7b:05 D - et-1/0/4.0 0 0
default b8:e9:24:9c:7d:30 D - et-1/0/0.0 0 0
default b8:e9:24:9c:7d:31 D - et-0/0/4.0 0 0
default b8:e9:24:9c:7d:34 D - et-0/0/2.0 0 0
default b8:e9:24:9c:7d:35 D - et-1/0/6.0 0 0
default c4:70:bd:a4:08:d0 D - et-0/0/5.0 0 0
default c4:70:bd:a4:08:d1 D - et-1/0/1.0 0 0
default c4:70:bd:a4:09:36 D - et-1/0/5.0 0 0
default c4:70:bd:a4:09:37 D - et-0/0/1.0 0 0
default c4:70:bd:a4:0a:ec D - et-1/0/7.0 0 0
default c4:70:bd:a4:0b:ac D - et-0/0/7.0 0 0
default c4:70:bd:a4:0b:ad D - et-1/0/3.0 0 0

It does work fine when both Cisco and Juniper are running MST. Has anyone work on this solution ??

Jens Albrecht · ‎05-28-2025

Hello @bipinchandra,

Cisco's implementations of PVST+ and Rapid-PVST+ are not according to RFC standards so that the common solution to operate such mixed vendor environments is to use MSTP. So no surprise that you already noticed that everything works fine if you use MSTP on both sides.

It is also possible to use Rapid-PVSTP between Cisco and Juniper devices but the configs need some adjustment on both sides.

Juniper's implementation of RSTP uses a single instance and is therefore not compatible with Cisco's per-vlan implementation.
So on the Juniper switch you must configure VSTP and configure all vlans as members on the trunk including vlan 1 and the native vlan (assuming you do not use vlan 1 as native).
Of course, the native vlan must match on both sides.

Cisco does also not use the IEEE standard path costs for Rapid-PVST+, while Juniper does.
This needs to be adjusted on the Cisco switch with the command "spanning-tree pathcost method long" to ensure consistent STP calculations.
Again, make sure that on the Cisco switch also all vlans are allowed including vlan 1 and the native vlan.

So you can use Rapid-PVST if you want to/need to or switch to MSTP which is the recommended solution.

HTH!

View solution in original post

marce1000 · ‎05-28-2025

- @bipinchandra >...It does work fine when both Cisco and Juniper are running MST
- You must indeed use a common spanning tree setting on all devices in the network,

M.

-- Each morning when I wake up and look into the mirror I always say ' Why am I so brilliant ? '
When the mirror will then always repond to me with ' The only thing that exceeds your brilliance is your beauty! '

bipinchandra · ‎05-29-2025

Yes it does work fine when both vendors are running MST. I am chekcing on the RPVSTP(cisco) and VSTP (Juniper).

Jens Albrecht · ‎05-28-2025

Hello @bipinchandra,

Cisco's implementations of PVST+ and Rapid-PVST+ are not according to RFC standards so that the common solution to operate such mixed vendor environments is to use MSTP. So no surprise that you already noticed that everything works fine if you use MSTP on both sides.

It is also possible to use Rapid-PVSTP between Cisco and Juniper devices but the configs need some adjustment on both sides.

Juniper's implementation of RSTP uses a single instance and is therefore not compatible with Cisco's per-vlan implementation.
So on the Juniper switch you must configure VSTP and configure all vlans as members on the trunk including vlan 1 and the native vlan (assuming you do not use vlan 1 as native).
Of course, the native vlan must match on both sides.

Cisco does also not use the IEEE standard path costs for Rapid-PVST+, while Juniper does.
This needs to be adjusted on the Cisco switch with the command "spanning-tree pathcost method long" to ensure consistent STP calculations.
Again, make sure that on the Cisco switch also all vlans are allowed including vlan 1 and the native vlan.

So you can use Rapid-PVST if you want to/need to or switch to MSTP which is the recommended solution.

HTH!

bipinchandra · ‎05-29-2025

Hello @Jens Albrecht , I tried those option but it did not help. Juniper switch is not able to identify the correct vlan ids for the mac it is learning from its ports. It considers all mac learnt from default vlan. And thus Cisco is unable to learn any MAC from Juniper. If I add native vlan1 as one of vlan members in the trunk, I start seeing all mac from Juniper on vlan 1 which is wrong again.

Jens Albrecht · ‎05-29-2025

@bipinchandra wrote:

Juniper switch is not able to identify the correct vlan ids for the mac it is learning from its ports. It considers all mac learnt from default vlan.

Hello @bipinchandra,

this sounds like some basic VSTP issue on the Juniper switch and it's interesting that moving to MSTP solves this problem.

So you probably need to talk to some Juniper expert to get this VSTP issue resolved if needed. There is probably nothing else you can do on the Cisco side.

Regards, Jens

bipinchandra · ‎05-29-2025

Yes it does work fine when both vendors are running MST. I am checking on the RPVSTP(cisco) and VSTP (Juniper). And its not working. Anyone has any solution, help me with the correct script on Juniper and Cisco

Jens Albrecht · ‎05-29-2025

You could post your Juniper config here so that we can have a look.
Maybe we can help even though our expertise is on the Cisco side, of course.

paul driver · ‎05-29-2025

Hello

@bipinchandra wrote:

Cisco is on Rapid-PVST and Juniper is on VSTP/RSTP. The Cisco and Juniper are on LACP. STP root bridge selection happen between Cisco and Juniper and

Note- RSTP only runs a single instance of spanning-tree so its not vlan aware, unlike Cisco RPVST, hence why when you run MSTP/MST you have no issues, as the underlying stp is rpvst

Also the cisco switch(s) by default the STP path cost method is proprietary and not IEEE standard so it may not be inline with junos stp path cost method, You could try changing this on the ciscos

Spanning-tree pathcost method long

EDITED- Apologies @Jens Albrecht has already answered roughly stating the same as I have.

Please rate and mark as an accepted solution if you have found any of the information provided useful.
This then could assist others on these forums to find a valuable answer and broadens the community’s global network.

Kind Regards
Paul

bipinchandra · ‎05-29-2025

Below is the script I am using for connecting betwwen them and STP mode running on them

;;;;;;;;;;;;;;;;;;;;;;;;CISCO CONFIG::::::::::::::::::::::::::::::::::::::::::

Cisco-switch# sh run int po60
interface Port-channel60
description *** Port Channel Downlink to Juniper ***
switchport trunk allowed vlan 141,642,643
switchport mode trunk
spanning-tree guard root
end

Cisco-switch# sh etherchannel 60 summary
------+-------------+-----------+-----------------------------------------------
60 Po60(SU) LACP Te1/0/37(P) Te1/0/38(P) Te2/0/37(P)
Te2/0/38(P)

cisco-switch#sh spanning-tree int po60

Vlan Role Sts Cost Prio.Nbr Type
------------------- ---- --- --------- -------- --------------------------------
VLAN0141 Desg FWD 1 128.2340 P2p
VLAN0642 Desg FWD 1 128.2340 P2p
VLAN0643 Desg FWD 1 128.2340 P2p
cisco-switch#sh run | i spanning
spanning-tree mode rapid-pvst
spanning-tree extend system-id
spanning-tree vlan 1-4093 priority 24576

;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;JUNIPER CONFIG;;;;;;;;;;;;;;;;;;;;;;

Juniper-Switch> show configuration | display set | match tor-uplinks
set groups tor-uplinks interfaces <*> native-vlan-id 1
set groups tor-uplinks interfaces <*> unit 0 family ethernet-switching interface-mode trunk
set groups tor-uplinks interfaces <*> unit 0 family ethernet-switching vlan members DEV
set groups tor-uplinks interfaces <*> unit 0 family ethernet-switching vlan members PROD
set groups tor-uplinks interfaces <*> unit 0 family ethernet-switching vlan members DATA_OS
set groups tor-uplinks interfaces <*> unit 0 family ethernet-switching vlan members default
set interfaces ae12 apply-groups tor-uplinks

Juniper-switch> show configuration | display set | match DEV
set groups dataos-mgmt interfaces <*> unit 0 family ethernet-switching vlan members DEV
set groups tor-uplinks interfaces <*> unit 0 family ethernet-switching vlan members DEV
set vlans DEV vlan-id 642

Juniper-switch> show configuration | display set | match PROD
set groups dataos-mgmt interfaces <*> unit 0 family ethernet-switching vlan members PROD
set groups tor-uplinks interfaces <*> unit 0 family ethernet-switching vlan members PROD
set vlans PROD vlan-id 643

Juniper-switch> show configuration | display set | match DATA_OS
set groups dataos-mgmt interfaces <*> unit 0 family ethernet-switching vlan members DATA_OS
set groups tor-uplinks interfaces <*> unit 0 family ethernet-switching vlan members DATA_OS
set vlans DATA_OS vlan-id 141

Juniper-switch> show configuration | display set | match ae12
set interfaces xe-0/0/46 ether-options 802.3ad ae12
set interfaces xe-0/0/47 ether-options 802.3ad ae12
set interfaces xe-1/0/46 ether-options 802.3ad ae12
set interfaces xe-1/0/47 ether-options 802.3ad ae12
set interfaces ae12 apply-groups tor-uplinks
set interfaces ae12 description "Uplinks to Cisco OT Core Switches"
set interfaces ae12 aggregated-ether-options lacp active

{master:0}
Juniper-switch> show lldp neighbors
Local Interface Parent Interface Chassis Id Port info System Name
xe-0/0/46 ae12 4c:71:0c:cb:ee:00 OrionNMS *** Downlink to Cisco
xe-1/0/46 ae12 4c:71:0c:cb:ee:00 OrionNMS *** Downlink to Cisco
xe-1/0/47 ae12 4c:71:0c:cb:ee:00 OrionNMS *** Downlink to Cisco
xe-0/0/47 ae12 4c:71:0c:cb:ee:00 OrionNMS *** Downlink to Cisco

Juniper-switch>show configuration | display set | match stp

set protocols rstp bridge-priority 60k
set protocols rstp interface all
set protocols rstp bpdu-block-on-edge
set protocols vstp vlan all bridge-priority 60k
set protocols vstp vlan all interface all