I have looked around on the internet for an answer to no avail.
I just need some clarification on the below - for the sake of this question I am managing the customer switches I am referring to below.
1. Let's say I have 2 switches, swA and swB - they are both configured with MST and in the same region (Region 1). I now connect a customer (SwitchX) switch to both swA & swB. I configure the customer switch to use MST and be part of my region also (Region 1). Let's say he is only using vlans 10,20,30
- For this particular connection can I configure the trunk interfaces to the customer to only allow vlans 10,20,30 and map vlans 10,20,30 to MST instance 1 on all 3 switches? I believe this should work - The trunk between swA & swB is allowing all vlans.
2. Now let's say I have another customer who also connects his switch (SwitchY) to my switches (swA & swB). If I configure him in the same fashion as the first customer, part of MST Region 1. Let's say he is using vlans 100,110,120. Is it possible to only trunk vlans 100,110,120 across the uplinks to his switch and map the vlans to MST instance 2 on all 3 switches?
3. It is my understanding that for every instance within a MST region the vlans have to match on every interface, either by allowing all, or statically pruning each interface to the exact same vlan allow list for each MST instance? I can't find any hard evidence??
The connection between my switches (swA & swB) is a trunk allowing ALL vlans, however MST instance 1 has vlans 10,20,30 and instance 2 has 100,110,120 mapped. Is this acceptable?
AFAIK each instance within a MST region has to have the same vlans mapped across all ports, you should not prune vlans on specific ports or there will be inconsistencies in each MST instance.
Thanks in advance
Just to add to this -
MST-enabled switches only form an MST region if they have a matching VLAN-to-IST mapping, MST configuration name, and MST revision. If any of these three fails, the port will be flagged as a boundary port.
So to me it looks like the above is possible and should work as I presume. Although I would prefer someone to clarify this if they've had experience with this.
Edit - This leads me to one more question: what if I have another switch connected to swA and swB where I add 1 vlan ONLY across the uplinks in MST instance 1? Is this an OK configuration and what are the consequences?
EDIT 2 - Actually to go one step further I believe from reading that as long as the VLAN-to-instance mapping matches within the region you can trunk whatever vlans you like across each link??
The VLANs allowed on a link do not have to map with the instance to VLAN mapping for the configuration to go through. However, as you noted, if you prune VLANs manually you can end up blackholing traffic since MST acts by forwarding for each instance; it does not care which VLANs are created on the switch or are allowed on trunks. So it's dangerous to do manual pruning when running MST.
You need to allow the native VLAN on the trunk so that MST can send untagged BPDUs. By default this is VLAN 1, and if you plan to connect to other STP domains such as regular RSTP it might be best to leave it at that.
Like you said you could put customers in different instances and create custom topologies that way but the customer must have the same instance to VLAN mapping or run multi region. Also be careful so that you don't blackhole traffic.
Did you ever try the configuration out?
Please rate helpful posts.
Yes it works as expected and as you have outlined. So long as the revision number, region name and instance to vlan mappings match across all devices MST works fine.
We have a topology like this
and we have 2 instances
instance 0 - vlan 1
Instance 1 - vlan 2 - 4094
Because switch C is a customer switch and we only use a single vlan for this customer we have only allowed that vlan across the 2 uplinks to A&B and it seems to be working fine.
Glad to hear it. There should be no issues then.
One difficult thing with MST is when you need to add VLANs to an instance, for a brief moment you will have a multi region setup until all switches have the same mapping. For that reason it is better if possible to provision all VLANs in the instances you plan to use from the beginning but this might sometimes be difficult.
I completely understand and agree, however in the company I am currently working for they are interconnecting with customers and using MSTP under the same region for each customer.
I don't think they understand by design MSTP and this is causing me issues.
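The blackholing risk raised in this thread can be checked offline. The following is an added example, not part of any post above: it walks each instance's forwarding tree and reports VLANs whose path crosses a trunk that prunes them. The switch names and VLAN lists come from the question; the forwarding links per instance (which switch ends up as root) are constructed assumptions, as are all function and variable names.

```python
from itertools import combinations

def link(a, b):
    return frozenset((a, b))

def tree_path(links, src, dst):
    """Links on the unique src->dst path through a loop-free set of forwarding links."""
    adj = {}
    for a, b in (tuple(l) for l in links):
        adj.setdefault(a, []).append(b)
        adj.setdefault(b, []).append(a)
    stack, seen = [(src, [])], {src}
    while stack:
        node, path = stack.pop()
        if node == dst:
            return path
        for nxt in adj.get(node, []):
            if nxt not in seen:
                seen.add(nxt)
                stack.append((nxt, path + [link(node, nxt)]))
    return []  # tree does not connect the two switches; nothing to inspect

def blackholed(vlan_to_instance, forwarding, allowed, members):
    """Return (vlan, src, dst, pruned_link) for paths that cross a trunk pruning the VLAN."""
    findings = []
    for vlan, switches in sorted(members.items()):
        inst = vlan_to_instance.get(vlan, 0)  # unmapped VLANs belong to instance 0
        for src, dst in combinations(sorted(switches), 2):
            path = tree_path(forwarding[inst], src, dst)
            bad = next((hop for hop in path if vlan not in allowed[hop]), None)
            if bad is not None:
                findings.append((vlan, src, dst, tuple(sorted(bad))))
    return findings

# Mapping and allow-lists from the question; swA-swB trunk allows all VLANs.
VLAN_TO_INSTANCE = {10: 1, 20: 1, 30: 1, 100: 2, 110: 2, 120: 2}
ALLOWED = {link("swA", "swB"): set(range(1, 4095)),
           link("swA", "SwitchX"): {10, 20, 30}, link("swB", "SwitchX"): {10, 20, 30},
           link("swA", "SwitchY"): {100, 110, 120}, link("swB", "SwitchY"): {100, 110, 120}}
# Which switches have hosts in each VLAN (constructed).
MEMBERS = {10: {"swA", "swB", "SwitchX"}, 100: {"swA", "swB", "SwitchY"}}
# Constructed forwarding trees: swA as root of both instances ...
ROOT_SWA = [link("swA", "swB"), link("swA", "SwitchX"), link("swA", "SwitchY")]
HEALTHY = {1: ROOT_SWA, 2: ROOT_SWA}
# ... versus SwitchY winning the root election for instance 1 (assumed misconfiguration).
CUSTOMER_ROOT = {1: [link("swA", "SwitchY"), link("swB", "SwitchY"),
                     link("swA", "SwitchX")], 2: ROOT_SWA}

if __name__ == "__main__":
    print(blackholed(VLAN_TO_INSTANCE, HEALTHY, ALLOWED, MEMBERS))
    print(blackholed(VLAN_TO_INSTANCE, CUSTOMER_ROOT, ALLOWED, MEMBERS))
```

With swA as root nothing is reported; when the other customer's switch becomes root of instance 1, VLAN 10 is forwarded toward a trunk that does not carry it.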