Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
153
Views
0
Helpful
6
Replies

spanning-tree not blocking

Ruhtra
Level 1
Level 1

‎11-25-2025 08:05 AM

I have unexpected behavior from connected field devices.  For redundancy, there are field devices that have two Ethernet ports and act as bridges.  One port will be to my 9300 switch, second port to another field device, and daisy chain maybe two-five devices, the last being connected back to the 9300 switch.  Done this before with no issue on different field hardware.  But for some reason STP doesn't like this particular field device (or vlan).  Here's the weird part; if I remove the vlan from the uplink to the core router, it will forward/block the two ports as expected.  But if I add the vlan back to the uplink, once it finishes learning, I start getting the  %SW_MATM-4-MACFLAP_NOTIF errors again.  Both ports are forwarding, and the core router starts seeing it MACFLAP between port channels on other switches that have that vlan.  when I do a show cdp neighbor, I see my switch as a neighbor between the two ports.  If it makes a difference, the field device in question is a Distech ECY-300.

Labels:
0 Helpful
6 Replies 6

Ruhtra
Level 1
Level 1

‎11-25-2025 08:22 AM

After thinking about this, it does make sense to see macflap on other port channels on the router since a port is not blocking like it should.  So, I guess the question becomes why isn't the port blocking.

0 Helpful

Joseph W. Doherty
Hall of Fame
Hall of Fame
In response to Ruhtra

‎11-25-2025 09:19 AM

Are you using PVST or rapid PVST?

0 Helpful

Ruhtra
Level 1
Level 1

‎11-25-2025 09:39 AM

Field switches have:

spanning-tree mode rapid-pvst
spanning-tree loopguard default
spanning-tree portfast bpduguard default
spanning-tree portfast bpdufilter default
spanning-tree extend system-id

I do not have portfast enabled on these ports. 

The router (9606 vss pair) has this for spanning-tree
spanning-tree mode rapid-pvst
spanning-tree loopguard default
spanning-tree logging
spanning-tree extend system-id
spanning-tree vlan 1-4093 priority 24576

0 Helpful

Joseph W. Doherty
Hall of Fame
Hall of Fame
In response to Ruhtra

‎11-25-2025 10:28 AM

That leads me to believe the field device is not passing those packets.

@Ruhtra wrote:

Field switches have:

spanning-tree mode rapid-pvst
spanning-tree loopguard default
spanning-tree portfast bpduguard default
spanning-tree portfast bpdufilter default
spanning-tree extend system-id

I do not have portfast enabled on these ports. 

The router (9606 vss pair) has this for spanning-tree
spanning-tree mode rapid-pvst
spanning-tree loopguard default
spanning-tree logging
spanning-tree extend system-id
spanning-tree vlan 1-4093 priority 24576

The 9300 also using rapid-pvst?

Possibly one of the following, on the field devices, is blocking BPDUs:

spanning-tree loopguard default
spanning-tree portfast bpduguard default
spanning-tree portfast bpdufilter default

0 Helpful

Ruhtra
Level 1
Level 1

‎11-25-2025 09:41 AM

I just spoke with the vendor installing the field devices.  Apparently, we are having issues with just one flavor that is brand new, and there is a firmware update coming our next week that addresses spanning-tree issues.  So, this may not be a 'me' issue.

0 Helpful

Ruhtra
Level 1
Level 1

‎11-25-2025 09:52 AM

New update.  I think I relied too much on the SHOW CDP NEIGHBOR command.  When I do a SHOW SPANNING-TREE INTERFACE Tw1/0/13 (one of the two ports in the "loop"), the number of BPDU packets received is 0 for both sides.  That leads me to believe the field device is not passing those packets.

0 Helpful
Customers Also Viewed These Support Documents