Spanning tree issue - Page 2

paolo96 · ‎01-31-2024

Hello,

I have some problems on two Cisco Catalyst WS-C3650 (not configured by me so i'm trying to understand what was done and how to fix this problems). Basically i have this two switches directly connected with a layer2 in a trunk port, and every switch is connected to a different router, with a trunk port too, where is running vrrp protocol. So it's like routerA->switchA->switchB->routerB.

I have 3 main vlan (2,3,7) on those router. Vlan 2 and 7 are running fine, but i can't communicate from one router to the other one on vlan3. While I was looking into the switches, I found out that both switches are elected as root port for vlan 3.

How can i solve this issue?

Here the switches configuration ( I ommited some description and other unrelated configuration for company policy)

Switch A

!
vtp mode transparent
!

spanning-tree mode pvst
spanning-tree extend system-id
hw-switch switch 1 logging onboard message level 3
!
redundancy
mode sso
!
!
vlan 2
name MPLS
!
vlan 3
name MPLS2
!
vlan 7
name MGMT
!
vlan 10
name INTERNET
!
vlan 20
name INTERNET2
!
vlan 21
name MNGT
!
vlan 22
name BACKUP
!
vlan 23
name LAN
!
vlan 24
name EXTRA
!
vlan 30
name HA_FIREWALL
!
interface GigabitEthernet1/0/1
switchport access vlan 30
switchport mode access
!
interface GigabitEthernet1/0/2
switchport access vlan 20
switchport mode access
!
interface GigabitEthernet1/0/19 <----- CONNECTION TO SWITCH B
switchport mode trunk
!
interface GigabitEthernet1/0/21
switchport access vlan 10
switchport mode access
!
interface GigabitEthernet1/0/22
switchport trunk allowed vlan 2,3
switchport mode trunk
!
interface GigabitEthernet1/0/23
switchport access vlan 10
switchport mode access
speed 1000
!
interface GigabitEthernet1/0/24 <----- CONNECTION TO ROUTER A
switchport trunk allowed vlan 2,3,7
switchport mode trunk
speed 1000
!
interface Vlan1
no ip address
shutdown
!
interface Vlan2
no ip address
!
interface Vlan3
no ip address

--------------

Switch B:

!
vtp mode transparent
!

spanning-tree mode pvst
spanning-tree extend system-id
!
redundancy
mode sso
!
!
vlan 2
name MPLS
!
vlan 3
name MPLS2
!
vlan 7
name MGMT
!
vlan 10
name INTERNET
!
vlan 20
name INTERNET2
!
vlan 21
name MNGT
!
vlan 22
name BACKUP
!
vlan 23
name LAN
!
vlan 24
name EXTRA
!
vlan 30
name HA_FIREWALL
!
interface Port-channel1
switchport access vlan 22
switchport mode access
!
interface Port-channel2
switchport access vlan 22
switchport mode access
!
interface GigabitEthernet1/0/2
switchport access vlan 10
switchport mode access
!
interface GigabitEthernet1/0/3
switchport access vlan 2
switchport mode access
!
interface GigabitEthernet1/0/9
switchport access vlan 22
switchport mode access
load-interval 30
channel-group 1 mode active
!
interface GigabitEthernet1/0/10
switchport access vlan 22
switchport mode access
load-interval 30
channel-group 1 mode active
!
interface GigabitEthernet1/0/11
switchport access vlan 22
switchport mode access
load-interval 30
channel-group 1 mode active
!
interface GigabitEthernet1/0/12
switchport access vlan 22
switchport mode access
load-interval 30
channel-group 1 mode active
!
interface GigabitEthernet1/0/13
switchport access vlan 22
switchport mode access
load-interval 30
channel-group 2 mode active
!
interface GigabitEthernet1/0/14
switchport access vlan 22
switchport mode access
load-interval 30
channel-group 2 mode active
!
interface GigabitEthernet1/0/15
switchport access vlan 22
switchport mode access
load-interval 30
channel-group 2 mode active
!
interface GigabitEthernet1/0/16
switchport access vlan 22
switchport mode access
load-interval 30
channel-group 2 mode active
!
interface GigabitEthernet1/0/18 <----- CONNECTION TO SWITCH A
switchport mode trunk
!
interface GigabitEthernet1/0/19
switchport access vlan 2
switchport trunk native vlan 21
switchport mode access
!
interface GigabitEthernet1/0/20
switchport access vlan 2
switchport mode access
!
interface GigabitEthernet1/0/21
switchport access vlan 20
switchport mode access
!
interface GigabitEthernet1/0/22
switchport trunk allowed vlan 2,3
switchport mode trunk
!
interface GigabitEthernet1/0/23
switchport access vlan 20
switchport mode access
speed 1000
!
interface GigabitEthernet1/0/24 <----- CONNECTION TO ROUTER B
switchport trunk allowed vlan 2,3,7
switchport mode trunk
speed 1000

Here some show commands for SWITCH A

VLAN Name Status Ports
---- -------------------------------- --------- -------------------------------
1 default active Gi1/1/1, Gi1/1/2, Gi1/1/3, Gi1/1/4
2 MPLS active Gi1/0/3, Gi1/0/4, Gi1/0/5, Gi1/0/6, Gi1/0/7, Gi1/0/8, Gi1/0/9, Gi1/0/10, Gi1/0/11, Gi1/0/12, Gi1/0/13, Gi1/0/14, Gi1/0/20
3 MPLS2 active
7 MGMT active
10 INTERNET active Gi1/0/21, Gi1/0/23
20 INTERNET2 active Gi1/0/2
21 MNGT active Gi1/0/15, Gi1/0/16, Gi1/0/17, Gi1/0/18
22 BACKUP active
23 LAN active
24 EXTRA active
30 HA_FIREWALL active Gi1/0/1
1002 fddi-default act/unsup
1003 token-ring-default act/unsup
1004 fddinet-default act/unsup
1005 trnet-default act/unsup

------------------------------

VLAN0001
Spanning tree enabled protocol ieee
Root ID Priority 32769
Address 0035.1ae4.da80
This bridge is the root
Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec

Bridge ID Priority 32769 (priority 32768 sys-id-ext 1)
Address 0035.1ae4.da80
Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec
Aging Time 300 sec

Interface Role Sts Cost Prio.Nbr Type
------------------- ---- --- --------- -------- --------------------------------
Gi1/0/19 Desg BKN*4 128.19 P2p *PVID_Inc

VLAN0002
Spanning tree enabled protocol ieee
Root ID Priority 32770
Address 0035.1ae4.da80
This bridge is the root
Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec

Bridge ID Priority 32770 (priority 32768 sys-id-ext 2)
Address 0035.1ae4.da80
Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec
Aging Time 300 sec

Interface Role Sts Cost Prio.Nbr Type
------------------- ---- --- --------- -------- --------------------------------
Gi1/0/19 Desg FWD 4 128.19 P2p
Gi1/0/22 Desg FWD 4 128.22 P2p
Gi1/0/24 Desg FWD 4 128.24 P2p

VLAN0003
Spanning tree enabled protocol ieee
Root ID Priority 32771
Address 0035.1ae4.da80
This bridge is the root
Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec

Bridge ID Priority 32771 (priority 32768 sys-id-ext 3)
Address 0035.1ae4.da80
Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec
Aging Time 300 sec

Interface Role Sts Cost Prio.Nbr Type
------------------- ---- --- --------- -------- --------------------------------
Gi1/0/19 Desg FWD 4 128.19 P2p
Gi1/0/22 Desg FWD 4 128.22 P2p
Gi1/0/24 Desg FWD 4 128.24 P2p

VLAN0007
Spanning tree enabled protocol ieee
Root ID Priority 32775
Address 0035.1ae4.da80
This bridge is the root
Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec

Bridge ID Priority 32775 (priority 32768 sys-id-ext 7)
Address 0035.1ae4.da80
Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec
Aging Time 300 sec

Interface Role Sts Cost Prio.Nbr Type
------------------- ---- --- --------- -------- --------------------------------
Gi1/0/19 Desg FWD 4 128.19 P2p
Gi1/0/24 Desg FWD 4 128.24 P2p

VLAN0021
Spanning tree enabled protocol ieee
Root ID Priority 32789
Address 0035.1ae4.da80
This bridge is the root
Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec

Bridge ID Priority 32789 (priority 32768 sys-id-ext 21)
Address 0035.1ae4.da80
Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec
Aging Time 300 sec

Interface Role Sts Cost Prio.Nbr Type
------------------- ---- --- --------- -------- --------------------------------
Gi1/0/19 Desg BKN*4 128.19 P2p *PVID_Inc

Show commands SWITCHB

VLAN Name Status Ports
---- -------------------------------- --------- -------------------------------
1 default active Gi1/1/1, Gi1/1/2, Gi1/1/3, Gi1/1/4
2 MPLS active Gi1/0/3, Gi1/0/4, Gi1/0/5, Gi1/0/6, Gi1/0/7, Gi1/0/8, Gi1/0/17, Gi1/0/19, Gi1/0/20
3 MPLS2 active
7 MGMT active
10 INTERNET active Gi1/0/2
20 INTERNET2 active Gi1/0/21, Gi1/0/23
21 MNGT active
22 BACKUP active Po1, Po2
23 LAN active
24 EXTRA active
30 HA_FIREWALL active Gi1/0/1
1002 fddi-default act/unsup
1003 token-ring-default act/unsup
1004 fddinet-default act/unsup
1005 trnet-default act/unsup

VLAN0001
Spanning tree enabled protocol ieee
Root ID Priority 32769
Address 005d.732f.8280
This bridge is the root
Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec

Bridge ID Priority 32769 (priority 32768 sys-id-ext 1)
Address 005d.732f.8280
Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec
Aging Time 300 sec

Interface Role Sts Cost Prio.Nbr Type
------------------- ---- --- --------- -------- --------------------------------
Gi1/0/18 Desg BKN*4 128.18 P2p *PVID_Inc

VLAN0002
Spanning tree enabled protocol ieee
Root ID Priority 32770
Address 0035.1ae4.da80
Cost 21004
Port 18 (GigabitEthernet1/0/18)
Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec

Bridge ID Priority 32770 (priority 32768 sys-id-ext 2)
Address 005d.732f.8280
Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec
Aging Time 300 sec

Interface Role Sts Cost Prio.Nbr Type
------------------- ---- --- --------- -------- --------------------------------
Gi1/0/3 Desg FWD 4 128.3 P2p
Gi1/0/4 Desg FWD 4 128.4 P2p
Gi1/0/5 Desg FWD 4 128.5 P2p
Gi1/0/6 Desg FWD 4 128.6 P2p
Gi1/0/7 Desg FWD 4 128.7 P2p
Gi1/0/18 Root FWD 4 128.18 P2p
Gi1/0/19 Desg FWD 4 128.19 P2p
Gi1/0/20 Desg FWD 4 128.20 P2p
Gi1/0/22 Desg FWD 4 128.22 P2p
Gi1/0/24 Desg FWD 4 128.24 P2p

VLAN0003
Spanning tree enabled protocol ieee
Root ID Priority 32771
Address 005d.732f.8280
This bridge is the root
Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec

Bridge ID Priority 32771 (priority 32768 sys-id-ext 3)
Address 005d.732f.8280
Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec
Aging Time 300 sec

Interface Role Sts Cost Prio.Nbr Type
------------------- ---- --- --------- -------- --------------------------------
Gi1/0/18 Desg FWD 4 128.18 P2p
Gi1/0/22 Desg FWD 4 128.22 P2p
Gi1/0/24 Desg FWD 4 128.24 P2p

VLAN0007
Spanning tree enabled protocol ieee
Root ID Priority 32775
Address 0035.1ae4.da80
Cost 21004
Port 18 (GigabitEthernet1/0/18)
Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec

Bridge ID Priority 32775 (priority 32768 sys-id-ext 7)
Address 005d.732f.8280
Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec
Aging Time 300 sec

Interface Role Sts Cost Prio.Nbr Type
------------------- ---- --- --------- -------- --------------------------------
Gi1/0/18 Root FWD 4 128.18 P2p
Gi1/0/24 Desg FWD 4 128.24 P2p

VLAN0021
Spanning tree enabled protocol ieee
Root ID Priority 32789
Address 005d.732f.8280
This bridge is the root
Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec

Bridge ID Priority 32789 (priority 32768 sys-id-ext 21)
Address 005d.732f.8280
Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec
Aging Time 300 sec

Interface Role Sts Cost Prio.Nbr Type
------------------- ---- --- --------- -------- --------------------------------
Gi1/0/18 Desg BKN*4 128.18 P2p *PVID_Inc

So, as you can see there are 3 main problems, for vlan3 both switches are root and for vlan1 and 21 port are in broken state.

The vlan1 and vlan21 problem is caused becasue they both are declared as native vlan right?

so i should declare a native vlan under the trunk configuration?

and what about the vlan3 problem?

Thanks in advice!

balaji.bandi · ‎02-12-2024

Comparing other post vs new post - is the configuration changed ? now we see different Spanning root different.

as per the output the switches you look at PVST output : they are not consistency (that was not the case before ?)

Switch is in pvst mode
Root bridge for: VLAN0001, VLAN0003-VLAN0004, VLAN0021

Switch is in pvst mode
Root bridge for: VLAN0001-VLAN0004, VLAN0007, VLAN0010, VLAN0020-VLAN0024
VLAN0030

for consistence - can both switch have same VLAN allowed (on side you are allowing all VLAN just adding Trunk)

interface GigabitEthernet1/0/19 <---- CONNECTION TO SWITCH A

switchport trunk allowed vlan 1-4,7,10,20-24,30 <<< add this line
switchport mode trunk

interface GigabitEthernet1/0/18 <---- CONNECTION TO SWITCH B
switchport trunk allowed vlan 1-4,7,10,20-24,30
switchport mode trunk

Other question do you really need PVST ? - refer guide lines of PVST when you configuring :

https://content.cisco.com/chapter.sjs?uri=/searchable/chapter/content/en/us/td/docs/routers/ncs5xx/ncs520/configuration/guide/LAN-switch/17-1-1/b-lanswitch-17-1-1-ncs520/b-lanswitch-17-1-1-ncs520_chapter_0110.html.xml

If that is not your requirement i would change to faster quick convergence.

spanning-tree mode rapid-pvst

BB

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help

Georg Pauwen · ‎02-12-2024

Hello,

I agree with @balaji.bandi , the ports connecting the switches must allow the same Vlans.

Switch A

interface GigabitEthernet1/0/18 <---- CONNECTION TO SWITCH B
switchport trunk allowed vlan 1-4,7,10,20-24,30
switchport mode trunk

Switch B

interface GigabitEthernet1/0/19 <---- CONNECTION TO SWITCH A
--> switchport trunk allowed vlan 1-4,7,10,20-24,30
switchport mode trunk

paul driver · ‎02-12-2024

Hello
Your switch A/B configuration does not have parity, And it looks like you have switch A/B connected together incorrectly via the wrong physcal ports I would suggest you check that cabling so they are on the same ports and those trunks should be pruning the same or allowing all vlans.

Switch A
VLAN0001
Gi1/0/19 Desg BKN*4 128.19 P2p *PVID_Inc

VLAN0021
Gi1/0/19 Desg BKN*4 128.19 P2p *PVID_Inc

interface GigabitEthernet1/0/18 <---- CONNECTION TO SWITCH B
switchport trunk allowed vlan 1-4,7,10,20-24,30
switchport mode trunk

interface GigabitEthernet1/0/19 < port is in a adminstrative mode of access vlan 2,
switchport access vlan 2
switchport trunk native vlan 21
switchport mode access

Switch B
VLAN0001
Gi1/0/18 Desg BKN*4 128.18 P2p *PVID_Inc

VLAN0021
Gi1/0/18 Desg BKN*4 128.18 P2p *PVID_Inc

interface GigabitEthernet1/0/18
switchport access vlan 21
switchport mode access

interface GigabitEthernet1/0/19 <---- CONNECTION TO SWITCH A
switchport mode trunk

Suggest the following -- see attached file

Please rate and mark as an accepted solution if you have found any of the information provided useful.
This then could assist others on these forums to find a valuable answer and broadens the community’s global network.

Kind Regards
Paul