Solved: Some Spanning Tree Questions

Jacob Berger · ‎12-02-2012

Hi,

on our backbone (Cisco 6509) we have the following config.

spanning-tree mode rapid-pvst

spanning-tree extend system-id

spanning-tree vlan 1-200 priority 24576

questions:

1. is rapid-pvst the best spanning tree protocol to use? on some switches we have pvst (not rapid)

2. do all switches in the LAN need to use the same protocol?

3. does line 3 :priority 24576 mean that someone set tis switch as root manually? how can one further enforce the backbone as root (so noone adds a old switch with lower root id)

any other spanning tree advice, welcome.

thanks!

Abzal · ‎12-02-2012

If you set priority 0 and there is a switch with also priority 0 and lower MAC address than your selected root bridge it will become a root bridge.

Because of it I recommend on all uplink ports of root bridge protect with Root Guard, and on all access ports configure BPDU guard to protect root bridge from rogue or installed by mistake switch with priority 0 and lower MAC.

http://www.cisco.com/en/US/docs/switches/lan/catalyst2950/software/release/12.1_9_ea1/configuration/guide/swstp.html#wp1020007

Hope it will help.

Please rate helpful posts.

Best regards,
Abzal

View solution in original post

Abzal · ‎12-02-2012

Hi,

1. Rapid STP is rapid-pvst+ in Cisco world. It has faster convergence than PVST. It has features like UplinkFast and BackboneFast built in.
2. Of course it would be better to use Rapid Stp on all switches but they compatible. However if one switch is PVST and second is RSTP both of them will use PVST timers. As you see it's not so efficient.
3. You could set it's priority as 0 instead. I would protect root bridge with feature like Root Guard. In this way network would be stable. Yes, if there is any switch with less priority than your current root bridge it will become a root.
http://www.cisco.com/en/US/docs/solutions/Enterprise/Security/Baseline_Security/sec_chap7.html

Sent from Cisco Technical Support iPhone App

Best regards,
Abzal

Jacob Berger · ‎12-02-2012

if i change priority to 0 will there be a connectivity outage or is there no effect?

Abzal · ‎12-02-2012

No, if you setting up priority 0 on root bridge there will not be outage.

Sent from Cisco Technical Support iPhone App

Best regards,
Abzal

Jacob Berger · ‎12-02-2012

if i set it to 0

what happens if another switch i connected which also has 0 ?

Abzal · ‎12-02-2012

If you set priority 0 and there is a switch with also priority 0 and lower MAC address than your selected root bridge it will become a root bridge.

Because of it I recommend on all uplink ports of root bridge protect with Root Guard, and on all access ports configure BPDU guard to protect root bridge from rogue or installed by mistake switch with priority 0 and lower MAC.

http://www.cisco.com/en/US/docs/switches/lan/catalyst2950/software/release/12.1_9_ea1/configuration/guide/swstp.html#wp1020007

Hope it will help.

Please rate helpful posts.

Best regards,
Abzal

fazleabbas khanbahadur · ‎12-02-2012

Hi Jacob,

Just to add, there is another option called Multiple instance Spanning Tree (MIST), but i wud suggest use MIST in large no of VLAN deployments. Also it more complicated than PVST and Rapid-PVST.

http://www.cisco.com/en/US/tech/tk389/tk621/technologies_white_paper09186a0080094cfc.shtml