08-10-2015 12:59 AM - edited 03-08-2019 01:17 AM
Hi!
I've got Cisco 881 connected to the network in a branch office.
Sometimes (may occur once a week or three times a day) I see STP starts blocking port:
rtr#show spanning-tree VLAN1 is executing the ieee compatible Spanning Tree protocol Bridge Identifier has priority 32768, address 649e.f33b.7dfa Configured hello time 2, max age 20, forward delay 15 We are the root of the spanning tree Topology change flag not set, detected flag not set Number of topology changes 2 last change occurred 01:50:39 ago from FastEthernet3 Times: hold 1, topology change 35, notification 2 hello 2, max age 20, forward delay 15 Timers: hello 1, topology change 0, notification 0, aging 300 Port 4 (FastEthernet3) of VLAN1 is blocking Port path cost 19, Port priority 128, Port Identifier 128.4. Designated root has priority 32768, address 649e.f33b.7dfa Designated bridge has priority 32768, address 649e.f33b.7dfa Designated port id is 128.4, designated path cost 0 Timers: message age 0, forward delay 0, hold 0 Number of transitions to forwarding state: 1 BPDU: sent 502925, received 1807
It recovers only by shutdown/unshutdown port (or cable plug out/in).
If there were loop, this state should not recover after shutdown, but it does.
There are switches behind cisco, but they are not manageable.
Any ideas where is the problem and how to auto-recover from the blocking STP state?
08-10-2015 01:21 AM
Hi you need to trace where the change is occurring at layer 2 , use this command below and follow the path of the change , so if as below my example on my vss the change had just occurred rather than a week ago i would do a show cdp of po122 and jump onto that switch and then run the command again , this will help you trace the fault port source, somethings changing in the network thats automatically causing STP to put your port into blocking state to prevent a loop from occurring, you need to find the source of the problem , could be a faulty cable , incorrect config or a bad nic somewhere or bug.
If you cant use this command the whole way through you will need to check each switches stp settings and config , and look for any errors miss-configs
Your router lan port should never go into blocking for obvious reasons its blocking the network at layer 2 if it occurs , check first whats the settings on the directly connected device and what the logs are in relation to stp, if this problem only recently started you may just have a faulty device port
what are the switches you have connected off the 881,
08-10-2015 09:09 AM
Hello
Its does indeed suggest just that and FYI it can recover if that possbile loop is now not applicable to the current stp topology.
A suggestion would be , Before you reenable this port- investigae why it was shutdown in the first place.
STP is a loop prevention protocol and as such it seems in this case for some reason ( not posted) a once forwarding port has not become block to stop a loop.
What you haven’t posted is what type of error disablement it is -But i can see it activatin on the stp root bridge for that vlan
It is possible due to
- Designated port transitioning into a root port when root guard is active
But it can be other reasons also.
- Due to an topology change resulting due to an non direct or direct link failure -
- Access port receiving bpdus when bpduguard is enabled
- UDLD issue
Can you post the log buffer or the type of stp error thats occuring?
sh log
sh int x/x status err-disabled
Lastly - regards Marks good recommendation, Please be aware--
You will see access ports stp transitioning very frequently if you don’t have portfast enabled and as such this could lead you away from the actually root of the problem.
res
Paul
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide