02-29-2024 07:45 AM
Hi all
I have a spine and leaf (non ACI) new setup and I am doing performance tests before it goes into production. My problem surrounds spanning tree and the time taken to converge when a link is disabled.
The cores are not connected together but the leaves are connected in VPC pairs.
With all links enabled we have the following:
The spanning tree port states are indicated, ie R = root, D = designated and B = blocked (Alternate).
I am injecting data into LS1 using iperf on a test server and receiving it on LS2 on another test server.
When I disable port 108 on LS1 (its root port) I see that port Po405 on LS3 goes initially to the blocking state then to learning then eventually to designated. Pings between LS1 and LS2 are lost for up to 50s, the loss continuing for some time after port Po405 has changed to designated.
I don't see any of the ports on any of the other leaves going into the learning state so they are either in that state very briefly or they don't do it.
The spanning tree reconverges quite quickly to the following:
We have another spine and leaf setup exactly the same and the same test on there just shows slower response times for a couple of pings, ie no drops.
Can anyone suggest what I could check as I'm baffled.
Thanks in advance,
Phil.
02-29-2024 08:14 AM
I suggest to investigate
- spanning tree mode (the delay suggests traditional STP not Rapid STP)
- root priority (the second core is not backup root)
02-29-2024 08:46 AM
03-04-2024 05:27 AM
All switches are running rapid pvst+
What I also don't understand is this: Core 1 has been set as the root bridge by giving it a low priority. Why would any of the leaf switches choose the VPC link as its root port, with a cost of 2, when it has a direct link to the root bridge with a cost of 1? This seems contrary to all the theory of spanning tree which says that a switch chooses as its root port the link with the lowest cost to the root.
03-04-2024 06:23 AM - edited 03-04-2024 07:06 AM
suggest you start by running the command requested by @David Ruess (on all individual switches ) and upload the output here
btw priority is not the only criteria for determining the path to the root bridge
if the path cost via core2 to core1 is much lower then de direct path,
then the root bridge will still be core1, but the path will be passing core2
(thus the interface to core2 will be the interface selected to reach the root bridge)
03-06-2024 01:15 AM
There is no question here about priority determining the path to the root bridge. I mentioned priority above because I used that to influence the choice of root bridge, ie by setting it to a low value on one of the core switches. What I couldn't understand is why one of the leaves would choose a path to the root bridge across its VPC link, with a cost of 2, rather than its direct link with a cost of 1, eg LS3 in my first diagram above. The answer, I believe now, is that, referring to my diagram above, LS1 and LS3 are effectively one large switch, in a similar way to stacking two switches, so they will have one root port to the root bridge between them. So, in my first diagram above, LS1 has the direct link to the root bridge and LS3 is effectively part of LS1 so its path is via LS1. Does this seem reasonable?
03-04-2024 07:42 AM - edited 03-04-2024 07:47 AM
second about the remark " (non ACI) " -> do you have an APIC in your environment ?
It could well be the configurations are out-of-sync and you need to re-apply your policies
the examples in this document Virtual Port Channel (vPC) in ACI (cisco.com)
only describe vpc's from leaf switches to downlink devices, not as uplink to the core's, that is built by defining the fabric.
but maybe command like below can shed some light on your configuration?
apic1# show vpc map
and
apic1# fabric xxx,yyy show vpc [extended]
03-06-2024 01:16 AM
We don't have an APIC and this is a non ACI Environment.
03-06-2024 03:02 AM
in my opinion non-ACI environment does not mean you cannot have an APIC or other fabric controller ?
so my inquiry
second: i cannot find a post with any command output as requested by @David Ruess ?
03-06-2024 05:14 AM
Here's the output to "show spanning-tree summary" for the four leaves and two cores:
LS-1(config-if)# sh span summ
Switch is in rapid-pvst mode
Root bridge for: none
L2 Gateway STP is disabled
Port Type Default is edge
Edge Port [PortFast] BPDU Guard Default is disabled
Edge Port [PortFast] BPDU Filter Default is disabled
Bridge Assurance is enabled
Loopguard Default is disabled
Pathcost method used is short
vPC peer-switch is enabled (non-operational)
STP-Lite is disabled
Name Blocking Listening Learning Forwarding STP Active
---------------------- -------- --------- -------- ---------- ----------
VLAN0001 2 0 0 1 3
VLAN0005 2 0 0 1 3
VLAN0006 2 0 0 1 3
VLAN0008 2 0 0 1 3
VLAN0010 2 0 0 1 3
VLAN0012 2 0 0 1 3
VLAN0016 2 0 0 1 3
VLAN0017 2 0 0 1 3
VLAN0026 2 0 0 1 3
VLAN0029 2 0 0 1 3
VLAN0030 2 0 0 1 3
VLAN0031 2 0 0 1 3
VLAN0068 2 0 0 1 3
VLAN0176 2 0 0 1 3
VLAN0204 2 0 0 1 3
VLAN0205 2 0 0 1 3
VLAN0301 2 0 0 1 3
VLAN0321 2 0 0 1 3
VLAN0331 2 0 0 1 3
VLAN0332 2 0 0 1 3
VLAN0333 2 0 0 1 3
VLAN0334 2 0 0 1 3
VLAN0398 2 0 0 1 3
VLAN0399 2 0 0 1 3
VLAN0401 2 0 0 1 3
VLAN0402 2 0 0 1 3
VLAN0403 2 0 0 1 3
VLAN0404 2 0 0 1 3
VLAN0405 2 0 0 1 3
VLAN0601 2 0 0 2 4
VLAN0602 0 0 0 2 2
VLAN0990 2 0 0 1 3
VLAN1001 2 0 0 3 5
---------------------- -------- --------- -------- ---------- ----------
33 vlans 64 0 0 37 101
LS-2(config-if)# sh span summ
Switch is in rapid-pvst mode
Root bridge for: none
L2 Gateway STP is disabled
Port Type Default is edge
Edge Port [PortFast] BPDU Guard Default is disabled
Edge Port [PortFast] BPDU Filter Default is disabled
Bridge Assurance is enabled
Loopguard Default is disabled
Pathcost method used is short
vPC peer-switch is enabled (non-operational)
STP-Lite is disabled
Name Blocking Listening Learning Forwarding STP Active
---------------------- -------- --------- -------- ---------- ----------
VLAN0001 0 0 0 3 3
VLAN0005 0 0 0 3 3
VLAN0006 0 0 0 3 3
VLAN0008 0 0 0 3 3
VLAN0010 0 0 0 3 3
VLAN0012 0 0 0 3 3
VLAN0016 0 0 0 3 3
VLAN0017 0 0 0 3 3
VLAN0026 0 0 0 3 3
VLAN0029 0 0 0 3 3
VLAN0030 0 0 0 3 3
VLAN0031 0 0 0 3 3
VLAN0068 0 0 0 3 3
VLAN0176 0 0 0 3 3
VLAN0204 0 0 0 3 3
VLAN0205 0 0 0 3 3
VLAN0301 0 0 0 3 3
VLAN0321 0 0 0 3 3
VLAN0331 0 0 0 3 3
VLAN0332 0 0 0 3 3
VLAN0333 0 0 0 3 3
VLAN0334 0 0 0 3 3
VLAN0398 0 0 0 3 3
VLAN0399 0 0 0 3 3
VLAN0401 0 0 0 3 3
VLAN0402 0 0 0 3 3
VLAN0403 0 0 0 3 3
VLAN0404 0 0 0 3 3
VLAN0405 0 0 0 3 3
VLAN0602 0 0 0 4 4
VLAN0990 0 0 0 3 3
VLAN1001 0 0 0 5 5
---------------------- -------- --------- -------- ---------- ----------
32 vlans 0 0 0 99 99
LS-3(config-if)# sh span summ
Switch is in rapid-pvst mode
Root bridge for: none
L2 Gateway STP is disabled
Port Type Default is edge
Edge Port [PortFast] BPDU Guard Default is disabled
Edge Port [PortFast] BPDU Filter Default is disabled
Bridge Assurance is enabled
Loopguard Default is disabled
Pathcost method used is short
vPC peer-switch is enabled (non-operational)
STP-Lite is disabled
Name Blocking Listening Learning Forwarding STP Active
---------------------- -------- --------- -------- ---------- ----------
VLAN0001 0 0 0 3 3
VLAN0005 0 0 0 3 3
VLAN0006 0 0 0 3 3
VLAN0008 0 0 0 3 3
VLAN0010 0 0 0 3 3
VLAN0012 0 0 0 3 3
VLAN0016 0 0 0 3 3
VLAN0017 0 0 0 3 3
VLAN0026 0 0 0 3 3
VLAN0029 0 0 0 3 3
VLAN0030 0 0 0 3 3
VLAN0031 0 0 0 3 3
VLAN0068 0 0 0 3 3
VLAN0176 0 0 0 3 3
VLAN0204 0 0 0 3 3
VLAN0205 0 0 0 3 3
VLAN0301 0 0 0 3 3
VLAN0321 0 0 0 3 3
VLAN0331 0 0 0 3 3
VLAN0332 0 0 0 3 3
VLAN0333 0 0 0 3 3
VLAN0334 0 0 0 3 3
VLAN0398 0 0 0 3 3
VLAN0399 0 0 0 3 3
VLAN0401 0 0 0 3 3
VLAN0402 0 0 0 3 3
VLAN0403 0 0 0 3 3
VLAN0404 0 0 0 3 3
VLAN0405 0 0 0 3 3
VLAN0601 0 0 0 3 3
VLAN0990 0 0 0 3 3
VLAN1001 0 0 0 5 5
---------------------- -------- --------- -------- ---------- ----------
32 vlans 0 0 0 98 98
LS-4(config-if)# sh span summ
Switch is in rapid-pvst mode
Root bridge for: none
L2 Gateway STP is disabled
Port Type Default is edge
Edge Port [PortFast] BPDU Guard Default is disabled
Edge Port [PortFast] BPDU Filter Default is disabled
Bridge Assurance is enabled
Loopguard Default is disabled
Pathcost method used is short
vPC peer-switch is enabled (non-operational)
STP-Lite is disabled
Name Blocking Listening Learning Forwarding STP Active
---------------------- -------- --------- -------- ---------- ----------
VLAN0001 1 0 0 1 2
VLAN0005 1 0 0 1 2
VLAN0006 1 0 0 1 2
VLAN0008 1 0 0 1 2
VLAN0010 1 0 0 1 2
VLAN0012 1 0 0 1 2
VLAN0016 1 0 0 1 2
VLAN0017 1 0 0 1 2
VLAN0026 1 0 0 1 2
VLAN0029 1 0 0 1 2
VLAN0030 1 0 0 1 2
VLAN0031 1 0 0 1 2
VLAN0068 1 0 0 1 2
VLAN0176 1 0 0 1 2
VLAN0204 1 0 0 1 2
VLAN0205 1 0 0 1 2
VLAN0301 1 0 0 1 2
VLAN0321 1 0 0 1 2
VLAN0331 1 0 0 1 2
VLAN0332 1 0 0 1 2
VLAN0333 1 0 0 1 2
VLAN0334 1 0 0 1 2
VLAN0398 1 0 0 1 2
VLAN0399 1 0 0 1 2
VLAN0401 1 0 0 1 2
VLAN0402 1 0 0 1 2
VLAN0403 1 0 0 1 2
VLAN0404 1 0 0 1 2
VLAN0405 1 0 0 1 2
VLAN0602 1 0 0 1 2
VLAN0990 1 0 0 1 2
VLAN1001 1 0 0 3 4
---------------------- -------- --------- -------- ---------- ----------
32 vlans 32 0 0 34 66
CORE1# sh span summ
Switch is in rapid-pvst mode
Root bridge for: VLAN0001, VLAN0005-VLAN0006, VLAN0008, VLAN0010, VLAN0012
VLAN0016-VLAN0017, VLAN0026, VLAN0029-VLAN0031, VLAN0068, VLAN0176
VLAN0204-VLAN0205, VLAN0301, VLAN0321, VLAN0331-VLAN0334, VLAN0398-VLAN0399
VLAN0401-VLAN0405, VLAN0601-VLAN0602, VLAN0990, VLAN1001
L2 Gateway STP is disabled
Port Type Default is disable
Edge Port [PortFast] BPDU Guard Default is disabled
Edge Port [PortFast] BPDU Filter Default is disabled
Bridge Assurance is enabled
Loopguard Default is disabled
Pathcost method used is short
STP-Lite is disabled
Name Blocking Listening Learning Forwarding STP Active
---------------------- -------- --------- -------- ---------- ----------
VLAN0001 0 0 0 3 3
VLAN0005 0 0 0 3 3
VLAN0006 0 0 0 3 3
VLAN0008 0 0 0 3 3
VLAN0010 0 0 0 3 3
VLAN0012 0 0 0 3 3
VLAN0016 0 0 0 3 3
VLAN0017 0 0 0 3 3
VLAN0026 0 0 0 3 3
VLAN0029 0 0 0 3 3
VLAN0030 0 0 0 3 3
VLAN0031 0 0 0 3 3
VLAN0068 0 0 0 3 3
VLAN0176 0 0 0 3 3
VLAN0204 0 0 0 3 3
VLAN0205 0 0 0 3 3
VLAN0301 0 0 0 3 3
VLAN0321 0 0 0 3 3
VLAN0331 0 0 0 3 3
VLAN0332 0 0 0 3 3
VLAN0333 0 0 0 3 3
VLAN0334 0 0 0 3 3
VLAN0398 0 0 0 3 3
VLAN0399 0 0 0 3 3
VLAN0401 0 0 0 3 3
VLAN0402 0 0 0 3 3
VLAN0403 0 0 0 3 3
VLAN0404 0 0 0 3 3
VLAN0405 0 0 0 3 3
VLAN0601 1 0 0 2 3
VLAN0602 1 0 0 2 3
VLAN0990 0 0 0 3 3
VLAN1001 0 0 0 3 3
---------------------- -------- --------- -------- ---------- ----------
33 vlans 2 0 0 97 99
CORE2# sh span summ
Switch is in rapid-pvst mode
Root bridge for: none
L2 Gateway STP is disabled
Port Type Default is disable
Edge Port [PortFast] BPDU Guard Default is disabled
Edge Port [PortFast] BPDU Filter Default is disabled
Bridge Assurance is enabled
Loopguard Default is disabled
Pathcost method used is short
STP-Lite is disabled
Name Blocking Listening Learning Forwarding STP Active
---------------------- -------- --------- -------- ---------- ----------
VLAN0001 1 0 0 3 4
VLAN0005 1 0 0 3 4
VLAN0006 1 0 0 3 4
VLAN0008 1 0 0 3 4
VLAN0010 1 0 0 3 4
VLAN0012 1 0 0 3 4
VLAN0016 1 0 0 3 4
VLAN0017 1 0 0 3 4
VLAN0026 1 0 0 3 4
VLAN0029 1 0 0 3 4
VLAN0030 1 0 0 3 4
VLAN0031 1 0 0 3 4
VLAN0068 1 0 0 3 4
VLAN0176 1 0 0 3 4
VLAN0204 1 0 0 3 4
VLAN0205 1 0 0 3 4
VLAN0301 1 0 0 3 4
VLAN0321 1 0 0 3 4
VLAN0331 1 0 0 3 4
VLAN0332 1 0 0 3 4
VLAN0333 1 0 0 3 4
VLAN0334 1 0 0 3 4
VLAN0398 1 0 0 3 4
VLAN0399 1 0 0 3 4
VLAN0401 1 0 0 3 4
VLAN0402 1 0 0 3 4
VLAN0403 1 0 0 3 4
VLAN0404 1 0 0 3 4
VLAN0405 1 0 0 3 4
VLAN0601 2 0 0 2 4
VLAN0602 2 0 0 2 4
VLAN0990 1 0 0 3 4
VLAN1001 1 0 0 3 4
---------------------- -------- --------- -------- ---------- ----------
33 vlans 35 0 0 97 132
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide