Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
2344
Views
0
Helpful
4
Replies

port going into blocking mode because sees its own BPDU

greycrx87
Level 1
Level 1

‎12-19-2013 09:04 AM - edited ‎03-07-2019 05:10 PM

Hi,


6509 trunks with Aruba 3600 controller that connects (VPN IPSec) to around 110 Aruba APs, these are usually home offices, some of which are having switches connected to the Aruba ports for switchport expension.

There is only one uplink to the controller and no alterneate path what so ever. The port is going into "Back BLK" because of seeings its own BPDU. So after working with Cisco TAC, we deterimed that there has to be a physical loop somewhere behind the 3600 controller ( hub device) or potential software bug that cauases the BPDU to turn around.

Now TAC has recommened to implement bpdu filter on the uplink trunk to help determine the source of the loop and look at MAC flaps/notification. The uplink trunk has 3 VLANs and only 956 is being affected. The senior mgmt is affraid that implementing the bpdu filter will cause more harm.

We dont't have access to all RAPs because of how big the network is, so the only place where we do configuration changes is Cisco. Aruba saying there is nothing with their software that could be casuing this.

Any advice here is highly appriciated

Attaching a hand written network diagram


VLAN0956

  Spanning tree enabled protocol rstp

  Root ID    Priority    8192

             Address     x.x.x.x x.x.x.x x.x.x.x

             This bridge is the root

             Hello Time   2 sec  Max Age 20 sec  Forward Delay 15 sec

  Bridge ID  Priority    8192

             Address    x.x.x.x x.x.x.x x.x.x.x

             Hello Time   2 sec  Max Age 20 sec  Forward Delay 15 sec

             Aging Time 300

Interface           Role Sts Cost      Prio.Nbr Type

------------------- ---- --- --------- -------- --------------------------------

Gi2/27              Back BLK 4         128.155  P2p

interface GigabitEthernet2/27

switchport

switchport trunk encapsulation dot1q

switchport trunk native vlan 955

switchport trunk allowed vlan 954-956

switchport mode trunk


Labels:
Preview file
1868 KB
0 Helpful
4 Replies 4

yusuf habibi
Level 1
Level 1

‎12-22-2013 08:40 PM

Hi, i think your problem with aruba, you can try with disable DTP on trunk port "switchport nonegotiate"

and make sure uplink interface from both side have 1 connection with vlan 956

Regards,

Habibi

Regards, Habibi
0 Helpful

Leo Laohoo
Hall of Fame
Hall of Fame

‎12-22-2013 08:43 PM 

you can try with disable bpdu on trunk port "switchport nonegotiate"

To disable BPDU Guard, the interface-level command is "spanning-tree bpduguard disable".

0 Helpful

yusuf habibi
Level 1
Level 1
In response to Leo Laohoo

‎12-22-2013 08:47 PM

Hi leo, sorry i means disable DTP service on trunk port...thx for correct

Regards,

Habibi

Regards, Habibi
0 Helpful

Leo Laohoo
Hall of Fame
Hall of Fame

‎12-22-2013 08:52 PM

Let me get this straight ... You have an uplink port configured as a trunk but you also enabled BPDU Guard?

It sure defies logiec.  My recommendation is to disable BPDU Guard on this trunk port.

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card