11-14-2017 05:11 AM - edited 03-08-2019 12:44 PM
Hi all,
we have a pair of Nexus 3172T forming a vPC. These are connected to our core switches (6509) via trunks, that for the time being allow only one vlan (137).
The 6509 are the root bridges for all vlans, including x, but when I run "show spanning-tree vlan 137" on the 3172T, they say that they are root bridge.
Config from 6509
spanning-tree vlan 137 priority 8192
Config on 3272T
I explicitly configured the priority for all vlans on the nexus to be 32768, but it does not show up on the running config.
Show spanning-tree vlan 137 states:
VLAN0137
Spanning tree enabled protocol rstp
Root ID Priority 32905
Address 0023.04ee.be0f
This bridge is the root
Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec
Bridge ID Priority 32905 (priority 32768 sys-id-ext 137)
Address 0023.04ee.be0f
Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec
Interface Role Sts Cost Prio.Nbr Type
---------------- ---- --- --------- -------- --------------------------------
Po1 Root FWD 250 128.4096 (vPC peer-link) Network P2p
Po10 Desg FWD 200 128.4105 (vPC) P2p
Po20 Desg FWD 200 128.4115 (vPC) P2p
Is this correct? Shouldn't the 6509 show up as root on the Nexus 3K?
Thank you in advance,
Katerina
11-14-2017 09:13 AM
Please post on 6500
6500# show interface trunk
6500# show spanning-tree vlan 137
6500# show spanning-tree interface x detail (to N3K)
also, can you share your topology like how VPC is formed? specifically,
N3K# show vpc
N3K# show vpc consistency-parameters interface port-channel 1
N3K# show vpc consistency-parameters interface port-channel 10
N3K# show vpc consistency-parameters interface port-channel 20
And more spanning tree info from N3K
N3K# show spanning-tree vlan 137
N3K# show spanning-tree internal event-history tree 137 brief
N3K# show spanning-tree internal info tree 137 interface port-channel 1
N3K# show spanning-tree internal info tree 137 interface port-channel 10
N3K# show spanning-tree internal info tree 137 interface port-channel 20
-Austin
11-16-2017 12:09 AM
Attached you will find the topology.
Regarding the bellow commands:
6500# show interface trunk
6500# show spanning-tree vlan 137
6500# show spanning-tree interface x detail (to N3K)
Po10 & Po20 as well as their physical interfaces do not include vlan 137.
sh spanning-tree int Po10 detail
Port 1667 (Port-channel10) of VLAN0001 is designated forwarding
Port path cost 3, Port priority 128, Port Identifier 128.1667.
Designated root has priority 8193, address 10bd.18e5.be40
Designated bridge has priority 8193, address 10bd.18e5.be40
Designated port id is 128.1667, designated path cost 0
Timers: message age 0, forward delay 0, hold 0
Number of transitions to forwarding state: 1
Link type is point-to-point by default
Root guard is enabled on the port
BPDU: sent 110, received 0
sh spanning-tree int gi3/27 detail
Port 1667 (Port-channel10) of VLAN0001 is designated forwarding
Port path cost 3, Port priority 128, Port Identifier 128.1667.
Designated root has priority 8193, address 10bd.18e5.be40
Designated bridge has priority 8193, address 10bd.18e5.be40
Designated port id is 128.1667, designated path cost 0
Timers: message age 0, forward delay 0, hold 0
Number of transitions to forwarding state: 1
Link type is point-to-point by default
Root guard is enabled on the port
BPDU: sent 114, received 0
sh spanning-tree int gi3/28 detail
Port 1667 (Port-channel10) of VLAN0001 is designated forwarding
Port path cost 3, Port priority 128, Port Identifier 128.1667.
Designated root has priority 8193, address 10bd.18e5.be40
Designated bridge has priority 8193, address 10bd.18e5.be40
Designated port id is 128.1667, designated path cost 0
Timers: message age 0, forward delay 0, hold 0
Number of transitions to forwarding state: 1
Link type is point-to-point by default
Root guard is enabled on the port
BPDU: sent 120, received 0
On the Nexus side:
sh vpc
Legend:
(*) - local vPC is down, forwarding via vPC peer-link
vPC domain id : 15
Peer status : peer adjacency formed ok
vPC keep-alive status : peer is alive
Configuration consistency status : success
Per-vlan consistency status : success
Type-2 consistency status : success
vPC role : primary
Number of vPCs configured : 2
Peer Gateway : Disabled
Dual-active excluded VLANs : -
Graceful Consistency Check : Enabled
Auto-recovery status : Enabled, timer is off.(timeout = 240s)
Delay-restore status : Timer is off.(timeout = 30s)
Delay-restore SVI status : Timer is off.(timeout = 10s)
vPC Peer-link status
---------------------------------------------------------------------
id Port Status Active vlans
-- ---- ------ --------------------------------------------------
1 Po1 up 1,137,146-149,400-402
vPC status
----------------------------------------------------------------------
id Port Status Consistency Reason Active vlans
-- ---- ------ ----------- ------ ------------
10 Po10 up success success 137
20 Po20 up success success 137
sh vpc consistency-parameters interface po1
Note: **** Global type-1 parameters will be displayed for peer-link *****
Legend:
Type 1 : vPC will be suspended in case of mismatch
Name Type Local Value Peer Value
------------- ---- ---------------------- -----------------------
Vlan to Vn-segment Map 1 No Relevant Maps No Relevant Maps
STP Mode 1 Rapid-PVST Rapid-PVST
STP Disabled 1 None None
STP MST Region Name 1 "" ""
STP MST Region Revision 1 0 0
STP MST Region Instance to 1
VLAN Mapping
STP Loopguard 1 Disabled Disabled
STP Bridge Assurance 1 Enabled Enabled
STP Port Type, Edge 1 Edge, Enabled, Enabled Edge, Enabled, Enabled
BPDUFilter, Edge BPDUGuard
STP MST Simulate PVST 1 Enabled Enabled
Nve Admin State, Src Admin 1 None None
State, Secondary IP, Host
Reach Mode
Nve Vni Configuration 1 None None
VTP domain 2 MK-Oracle MK-Oracle
VTP version 2 1 1
VTP mode 2 Transparent Transparent
VTP password 2
VTP pruning status 2 Disabled Disabled
Allowed VLANs - 1,137,146-149,400-402 1,137,146-149,400-402
Local suspended VLANs - - -
sh vpc consistency-parameters interface po10
Legend:
Type 1 : vPC will be suspended in case of mismatch
Name Type Local Value Peer Value
------------- ---- ---------------------- -----------------------
STP Port Type 1 Default Default
STP Port Guard 1 Default Default
STP MST Simulate PVST 1 Default Default
lag-id 1 [(2000, [(2000,
0-23-4-ee-be-f, 800a, 0-23-4-ee-be-f, 800a,
0, 0), (8000, 0, 0), (8000,
10-bd-18-e5-be-40, a, 10-bd-18-e5-be-40, a,
0, 0)] 0, 0)]
mode 1 active active
delayed-lacp 1 disabled disabled
Speed 1 1000 Mb/s 1000 Mb/s
Duplex 1 full full
Port Mode 1 trunk trunk
Native Vlan 1 1 1
MTU 1 1500 1500
Dot1q Tunnel 1 no no
Switchport Isolated 1 0 0
vPC card type 1 N3K N3K
Allowed VLANs - 137 137
Local suspended VLANs - - -
sh vpc consistency-parameters interface po20
Legend:
Type 1 : vPC will be suspended in case of mismatch
Name Type Local Value Peer Value
------------- ---- ---------------------- -----------------------
STP Port Type 1 Default Default
STP Port Guard 1 Default Default
STP MST Simulate PVST 1 Default Default
lag-id 1 [(2000, [(2000,
0-23-4-ee-be-f, 8014, 0-23-4-ee-be-f, 8014,
0, 0), (8000, 0, 0), (8000,
10-bd-18-e5-a9-80, 14, 10-bd-18-e5-a9-80, 14,
0, 0)] 0, 0)]
mode 1 active active
delayed-lacp 1 disabled disabled
Speed 1 1000 Mb/s 1000 Mb/s
Duplex 1 full full
Port Mode 1 trunk trunk
Native Vlan 1 1 1
MTU 1 1500 1500
Dot1q Tunnel 1 no no
Switchport Isolated 1 0 0
vPC card type 1 N3K N3K
Allowed VLANs - 137 137
Local suspended VLANs - - -
sh spanning-tree vlan 137
VLAN0137
Spanning tree enabled protocol rstp
Root ID Priority 32905
Address 0023.04ee.be0f
This bridge is the root
Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec
Bridge ID Priority 32905 (priority 32768 sys-id-ext 137)
Address 0023.04ee.be0f
Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec
Interface Role Sts Cost Prio.Nbr Type
---------------- ---- --- --------- -------- --------------------------------
Po1 Desg FWD 250 128.4096 (vPC peer-link) Network P2p
Po10 Desg FWD 200 128.4105 (vPC) P2p
Po20 Desg FWD 200 128.4115 (vPC) P2p
Eth1/1 Desg FWD 20000 128.1 Edge P2p
sh spanning-tree internal event-history tree 137 brief
2017:11:13 13h:47m:04s:353209us T_EV_UP VLAN0137 [0000.0000.0000.0000 C 0 A 0 R none P none]
2017:11:13 13h:47m:05s:246460us T_UT_SBPDU VLAN0137 [8089.0023.04ee.be0f C 0 A 0 R none P Po1]
2017:11:13 14h:00m:44s:758342us T_EV_DOWN VLAN0137 [8089.0023.04ee.be0f C 0 A 0 R none P none]
2017:11:13 14h:00m:52s:752971us T_EV_UP VLAN0137 [0000.0000.0000.0000 C 0 A 0 R none P none]
2017:11:13 14h:01m:22s:548678us T_EV_M_FLUSH_L VLAN0137 [8089.0023.04ee.be0f C 0 A 0 R none P none]
2017:11:13 14h:04m:51s:303021us T_EV_M_FLUSH_L VLAN0137 [8089.0023.04ee.be0f C 0 A 0 R none P none]
2017:11:13 14h:05m:23s:471289us T_EV_DOWN VLAN0137 [8089.0023.04ee.be0f C 0 A 0 R none P none]
2017:11:13 14h:05m:23s:564555us T_EV_UP VLAN0137 [0000.0000.0000.0000 C 0 A 0 R none P none]
2017:11:13 14h:16m:56s:049018us T_EV_M_FLUSH_L VLAN0137 [8089.0023.04ee.be0f C 0 A 0 R none P none]
2017:11:13 14h:32m:04s:549508us T_EV_M_FLUSH_L VLAN0137 [8089.0023.04ee.be0f C 0 A 0 R none P none]
2017:11:13 14h:34m:09s:549302us T_EV_M_FLUSH_L VLAN0137 [8089.0023.04ee.be0f C 0 A 0 R none P none]
sh spanning-tree internal info tree 137 interface po 1
------- STP Port Info (vdc 1, tree 137, port Po1) ---------
dot1d info: port_num=4096, ifi=0x16000000 (port-channel1)
ISSU FALSE non-disr, prop 0, ag 0, flush 0 peer_not_disputed_count 0
stp 0x118e206c
if_index 0x16000000
namestring port-channel1
port_mac_addr a023.9f70.3cd8
bandwidth 0x4c4b400
vlan 1
native_vlan 1
duplex STP_PORT_DUPLEX_FULL
vlan_mode STP_VLAN_MODE_TRUNK
lc_number 0
is_portchannel 1
proposed 0
agree 0
new_info 0
tx_count 0
message_age 0
mdelay_active 1
dispute 0
dispute count 0
mdelay_while 0.000000
peer STP_PEER_RSTP
tc_needed 0
flush_needed 1
tc_acknowledge 0
self_looped 0
path_cost_explicit 0
hwstate FWD
state FWD
role Desg
hold_timer 0x118fd654
fd_while 0x118e429c
rr_while 0x118e2834
rcvd_info_while 0x1192d1dc
tc_while never
loopback_timer 0x118fd61c
loopback_bpdu 0
rb_while 0
cq_node_count 0
designated_root 8089.0023.04ee.be0f
designated_cost 0
designated_bridge 0000.a023.9f70.3cfc
designated_port 36864
port_id 36864
design_times
{msg_age 0 max_age 0 fwd_delay 0 hello_time 0 remaining_hops 0
priority 128
path_cost 250
ba_timer 00:01:23
portfast 4
bpduguard 0
bpdufilter 0
portguard 0
linktype 3
lc-issu type default
oper_portfast 0
oper_networkport 1
oper_p2p 1
oper_bpdufilter 0
oper_bpduguard 0
oper_loopguard 0
int_bpdufilter 0
inhibit_loopguard 0
port_idle 0
inconsistency 0x0
ha_force_create 0
ha_sync 0
ha_sync_pss 0
state_change_pending 0
MCS Flags 0x120
MCT ID 1
stats
fwd_transition_count 1 bpdus_in 309 bpdus_out 309
config_bpdu_in 0 rstp_bpdu_in 309 tcn_bpdu_in 0
config_bpdu_out 0 rstp_bpdu_out 309 tcn_bpdu_out 0
bpdufilter_drop_in 0
bpduguard_drop_in 0
err_dropped_in 0
sw_flood_in 0
vft 0x102ae4c0
un 0x1192ae5c
------- Port HA info ---------------
hwstate=forwarding(4) state=forwarding(4) Role=designated(3)
Inconsistencies=0
oper_portfast =FALSE oper_p2p =TRUE
oper_loopguard =FALSE oper_bpdufilter=FALSE
oper_bpduguard =FALSE oper_networkport=TRUE
Designated_port:36864 Designated_cost:0
DesignatedBridge:0:0000.0000.0000 DesignatedRoot=0:0000.0000.0000
Peer Info=0x2
sh spanning-tree internal info tree 137 interface po 10
------- STP Port Info (vdc 1, tree 137, port Po10) ---------
dot1d info: port_num=4105, ifi=0x16000009 (port-channel10)
ISSU FALSE non-disr, prop 0, ag 0, flush 0 peer_not_disputed_count 0
stp 0x118e206c
if_index 0x16000009
namestring port-channel10
port_mac_addr a023.9f70.3ce8
bandwidth 0x5f5e100
vlan 1
native_vlan 1
duplex STP_PORT_DUPLEX_FULL
vlan_mode STP_VLAN_MODE_TRUNK
lc_number 0
is_portchannel 1
proposed 0
agree 0
new_info 0
tx_count 1
message_age 0
mdelay_active 1
dispute 0
dispute count 0
mdelay_while 0.000000
peer STP_PEER_RSTP
tc_needed 0
flush_needed 1
tc_acknowledge 0
self_looped 0
path_cost_explicit 0
hwstate FWD
state FWD
role Desg
hold_timer 0x118e25cc
fd_while 0x118e55f4
rr_while 0x118e562c
rcvd_info_while 0x118e1dc4
tc_while never
loopback_timer 0x118e2594
loopback_bpdu 0
rb_while 0
cq_node_count 0
designated_root 8089.0023.04ee.be0f
designated_cost 0
designated_bridge 8089.a023.9f70.3cfc
designated_port 36873
port_id 36873
design_times
{msg_age 0 max_age 0 fwd_delay 0 hello_time 0 remaining_hops 0
priority 128
path_cost 200
ba_timer never
portfast 0
bpduguard 0
bpdufilter 0
portguard 0
linktype 3
lc-issu type default
oper_portfast 0
oper_networkport 0
oper_p2p 1
oper_bpdufilter 0
oper_bpduguard 0
oper_loopguard 0
int_bpdufilter 0
inhibit_loopguard 0
port_idle 0
inconsistency 0x0
ha_force_create 0
ha_sync 0
ha_sync_pss 0
state_change_pending 0
MCS Flags 0x0
MCEC ID 10
stats
fwd_transition_count 0 bpdus_in 0 bpdus_out 287
config_bpdu_in 0 rstp_bpdu_in 0 tcn_bpdu_in 0
config_bpdu_out 0 rstp_bpdu_out 287 tcn_bpdu_out 0
bpdufilter_drop_in 0
bpduguard_drop_in 0
err_dropped_in 0
sw_flood_in 0
vft 0x102ae4c0
un 0x118e1c0c
------- Port HA info ---------------
hwstate=forwarding(4) state=forwarding(4) Role=designated(3)
Inconsistencies=0
oper_portfast =FALSE oper_p2p =TRUE
oper_loopguard =FALSE oper_bpdufilter=FALSE
oper_bpduguard =FALSE oper_networkport=FALSE
Designated_port:36873 Designated_cost:0
DesignatedBridge:0:0000.0000.0000 DesignatedRoot=0:0000.0000.0000
Peer Info=0x2
sh spanning-tree internal info tree 137 interface po 20
------- STP Port Info (vdc 1, tree 137, port Po20) ---------
dot1d info: port_num=4115, ifi=0x16000013 (port-channel20)
ISSU FALSE non-disr, prop 0, ag 0, flush 0 peer_not_disputed_count 0
stp 0x118e206c
if_index 0x16000013
namestring port-channel20
port_mac_addr a023.9f70.3cec
bandwidth 0x5f5e100
vlan 1
native_vlan 1
duplex STP_PORT_DUPLEX_FULL
vlan_mode STP_VLAN_MODE_TRUNK
lc_number 0
is_portchannel 1
proposed 0
agree 0
new_info 0
tx_count 0
message_age 0
mdelay_active 1
dispute 0
dispute count 0
mdelay_while 0.000000
peer STP_PEER_RSTP
tc_needed 0
flush_needed 1
tc_acknowledge 0
self_looped 0
path_cost_explicit 0
hwstate FWD
state FWD
role Desg
hold_timer 0x118fd6f4
fd_while 0x1192bca4
rr_while 0x1192bcdc
rcvd_info_while 0x118e3634
tc_while never
loopback_timer 0x1192bd14
loopback_bpdu 0
rb_while 0
cq_node_count 0
designated_root 8089.0023.04ee.be0f
designated_cost 0
designated_bridge 8089.a023.9f70.3cfc
designated_port 36883
port_id 36883
design_times
{msg_age 0 max_age 0 fwd_delay 0 hello_time 0 remaining_hops 0
priority 128
path_cost 200
ba_timer never
portfast 0
bpduguard 0
bpdufilter 0
portguard 0
linktype 3
lc-issu type default
oper_portfast 0
oper_networkport 0
oper_p2p 1
oper_bpdufilter 0
oper_bpduguard 0
oper_loopguard 0
int_bpdufilter 0
inhibit_loopguard 0
port_idle 0
inconsistency 0x0
ha_force_create 0
ha_sync 0
ha_sync_pss 0
state_change_pending 0
MCS Flags 0x0
MCEC ID 20
stats
fwd_transition_count 0 bpdus_in 0 bpdus_out 296
config_bpdu_in 0 rstp_bpdu_in 0 tcn_bpdu_in 0
config_bpdu_out 0 rstp_bpdu_out 296 tcn_bpdu_out 0
bpdufilter_drop_in 0
bpduguard_drop_in 0
err_dropped_in 0
sw_flood_in 0
vft 0x102ae4c0
un 0x1192bc84
------- Port HA info ---------------
hwstate=forwarding(4) state=forwarding(4) Role=designated(3)
Inconsistencies=0
oper_portfast =FALSE oper_p2p =TRUE
oper_loopguard =FALSE oper_bpdufilter=FALSE
oper_bpduguard =FALSE oper_networkport=FALSE
Designated_port:36883 Designated_cost:0
DesignatedBridge:0:0000.0000.0000 DesignatedRoot=0:0000.0000.0000
Peer Info=0x2
This setup is not working! The mac-address of a server on the nexus assigned to vlan 137 does not show up on the 6509.
I will also include part of the configuration:
6509
interface Port-channel10
description ** LINK TO N3K **
switchport
switchport trunk encapsulation dot1q
switchport trunk allowed vlan 137
no ip address
spanning-tree guard root
interface GigabitEthernet3/27
description ** MK-N3K-1 1/53/1 **
switchport
switchport trunk encapsulation dot1q
switchport trunk allowed vlan 137
no ip address
udld port
spanning-tree guard root
channel-group 10 mode active
interface GigabitEthernet3/28
description ** MK-N3K-2 1/53/1 **
switchport
switchport trunk encapsulation dot1q
switchport trunk allowed vlan 137
no ip address
udld port
spanning-tree guard root
channel-group 10 mode active
Nexus 1:
vpc domain 15
peer-switch
role priority 1
system-priority 8192
peer-keepalive destination 1.1.1.2 source 1.1.1.1 vrf Keepalive
auto-recovery
ip arp synchronize
interface port-channel1
description *** VPC PEER LINK ***
switchport mode trunk
spanning-tree port type network
speed 40000
vpc peer-link
interface port-channel2
description *** VPC PEER KEEPALIVE ***
no switchport
speed 10000
no negotiate auto
vrf member Keepalive
ip address 1.1.1.1/30
interface port-channel10
description *** LINK TO 6509-A1***
switchport mode trunk
switchport trunk allowed vlan 137
speed 1000
vpc 10
interface port-channel20
description *** LINK TO 6509-C1***
switchport mode trunk
switchport trunk allowed vlan 137
speed 1000
vpc 20
interface Ethernet1/53/1
description *** LINK TO 6509-A1 ***
switchport mode trunk
switchport trunk allowed vlan 137
spanning-tree guard loop
speed 1000
channel-group 10 mode active
no shutdown
interface Ethernet1/54/1
description *** LINK TO 6509-C1 ***
switchport mode trunk
switchport trunk allowed vlan 137
spanning-tree guard loop
speed 1000
channel-group 20 mode active
no shutdown
Nexus-2:
vpc domain 15
peer-switch
role priority 2
system-priority 8192
peer-keepalive destination 1.1.1.1 source 1.1.1.2 vrf Keepalive
auto-recovery
ip arp synchronize
interface port-channel1
description *** VPC PEER LINK ***
switchport mode trunk
spanning-tree port type network
speed 40000
vpc peer-link
interface port-channel2
description *** VPC PEER KEEPALIVE ***
no switchport
speed 10000
no negotiate auto
vrf member Keepalive
ip address 1.1.1.2/30
interface port-channel10
switchport mode trunk
switchport trunk allowed vlan 137
speed 1000
vpc 10
interface port-channel20
switchport mode trunk
switchport trunk allowed vlan 137
speed 1000
vpc 20
interface Ethernet1/53/1
switchport mode trunk
switchport trunk allowed vlan 137
spanning-tree guard loop
speed 1000
channel-group 10 mode active
no shutdown
interface Ethernet1/54/1
switchport mode trunk
switchport trunk allowed vlan 137
spanning-tree guard loop
speed 1000
channel-group 20 mode active
no shutdown
Please advise...
Thank you in advance,
Katerina
11-16-2017 05:52 AM
Problem solved!!!!
Wrong configuration on the port-channels on the 6509 side.
Thank you for your time!
11-17-2017 06:12 AM
Excellent. If interested, see below pdf for spanning tree design guidelines and VPC.
11-14-2017 12:08 PM
Hello
Its interesting to see that 3272T has a root port even when it stated it the root?
Is vlan 137 being allowed over the vPC ( dont forget you allow the vlan on the virtual interface NOT the physical interfaces of a Port-channel)
res
Paul
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide