07-24-2019 06:28 AM
Hi, guys,
The ISP provides a internet line to my company. For the last mile WAN link, they provide two layer 2 lines connecting to our two separated C2960 switches; and these two C2960 switches are trunked together.
I found Layer 2 network loop if we trunk these two C2960 switches, any suggestion to configure the switches and switch ports connecting these two uplinks to avoid network loop and provides resilient uplink connections, thx a lot ?
07-24-2019 07:17 AM
07-24-2019 08:14 AM - edited 07-24-2019 08:19 AM
sw3#sh span summ
Switch is in pvst mode
Root bridge for: VLAN0001, VLAN0091-VLAN0094, VLAN0096-VLAN0099, VLAN0852
VLAN2888
EtherChannel misconfig guard is enabled
Extended system ID is enabled
Portfast Default is disabled
PortFast BPDU Guard Default is disabled
Portfast BPDU Filter Default is disabled
Loopguard Default is disabled
UplinkFast is disabled
BackboneFast is disabled
Configured Pathcost method used is short
Name Blocking Listening Learning Forwarding STP Active
---------------------- -------- --------- -------- ---------- ----------
VLAN0001 0 0 0 2 2
VLAN0091 0 0 0 3 3
VLAN0092 0 0 0 3 3
VLAN0093 0 0 0 3 3
VLAN0094 0 0 0 3 3
VLAN0096 0 0 0 3 3
VLAN0097 0 0 0 3 3
Name Blocking Listening Learning Forwarding STP Active
---------------------- -------- --------- -------- ---------- ----------
VLAN0098 0 0 0 3 3
VLAN0099 0 0 0 3 3
VLAN0852 0 0 0 3 3
VLAN2888 0 0 0 2 2
---------------------- -------- --------- -------- ---------- ----------
11 vlans 0 0 0 31 31
sw3#
SPAN is enabled on both switches and all switch ports of both switches are "forwarding", any other suggestion, thx ?
07-24-2019 04:30 PM
07-24-2019 06:30 PM - edited 07-24-2019 06:35 PM
Hi, guys,
I think my case is the following:
ISP -----L2 Switch Line1 -------- C2960-1 ---- Our Layer 3 device
L2 Switch Line 2 -------- C2960-2 ---- Our Layer 3 device
Our side:
C2960-1 (vlan 10) --trunked---C2960-2 (vlan 10); 2 Layer-3 devices in Active-Active mode.
For our C2960 switches:
1. we enabled the cisco default pvst.
2. At this moment, all switch ports connected to ISP Layer 2 switches are in "forwarding" state, we have not yet configured the trunk, ( network loop occurred if we configured trunk for vlan 10, this is verified ).
ISP side:
We do not know what device their L2 switch is ?
We found the same MAC address captured from our switches ports.
How we configure our Layer 2 switches ( switch port and trunk ), so one switch port (connected to ISP ) is in "forwarding" state, another port is in "blocked" state for resilient links for ISP connection ?
so that the above
07-27-2019 09:40 AM
so that C2960-2 is a backup connection to ISP in case of broken link via C2960-1 to your L3.
Is Line 2 not connected to ISP ? was in the past but maybe no longer active?
if connect both C2960 switches using trunk link(s). STP is on - or should be on always- will block one link to prevent loops. Make switch 1 Root switch.
why u think "network loop occurred if we configured trunk for vlan 10, this is verified" Make sure STP runs on both switches.
07-28-2019 06:18 PM
Hi, Martin
Thx for your advice,
I shall further investigate the network, as this is simple SPT topology.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide