cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
4170
Views
5
Helpful
4
Replies
Highlighted
Beginner

Spanning-tree Port Type Question

On a Nexus 5000 we have a connection (VPC) to a Catalyst 3750.  Which Spanning-tree port type is correct?  If we set it to "network" it fails when trying to issue the command "show spanning-tree issu-impact"  It succeeds if we tell the switch it's an "edge trunk" but I believe that will break spanning tree and leave us vulnerable.  What's the correct setting?  Or is the answer that we can't do ISSU with a connection to a Catalyst switch?

1 ACCEPTED SOLUTION

Accepted Solutions
Highlighted

Hi,

Cisco recommendation is to configure switch-to-switch ports as spanning tree normal when running vPC. There's a fairly extensive discussion on vPC and spanning tree in the Design and Configuration Guide: Best Practices for Virtual Port Channels (vPC) on Cisco Nexus 7000 Series Switches. I know your issue is on a Nexus 5K, but the same principles apply.

The only port that it is recommended to run as type network is the vPC peer link.

As far as why this affects ISSU, when you run a port as spanning tree type network it will operate Bridge Assurance. According to the Cisco Nexus 5000 Series NX-OS Software Upgrade and Downgrade Guide:

Summary of ISSU Unsupported Topologies

Two important spanning tree-related requirements for a Cisco Nexus 5000 Series switch undergoing an ISSU are as follows. Note that a switch undergoing an ISSU has its control plane inactive while the switch is reset and the new software version is loaded. Not having these restrictions could render the network unstable, if there are any unexpected topology changes:

  • STP enabled switches cannot be present downstream to the switch undergoing an ISSU.
  • The STP Bridge Assurance feature cannot be configured except on a vPC peer link. Bridge Assurance is enabled by configuring an interface as a spanning-tree port type network.

Regards

View solution in original post

4 REPLIES 4
Highlighted
Hall of Fame Expert

According to table-6 in this link, ISSU is supported if the switch is layer-2 only

http://www.cisco.com/en/US/prod/collateral/switches/ps9441/ps9670/data_sheet_c78-618603.html

HTH

Highlighted

It is a layer 2 only device and it's only successful if we put the port into "edge trunk" mode. That doesn't seem correct to me. It seems it should be in "network" mode.

Sent from Cisco Technical Support iPad App

Highlighted

Hi,

Cisco recommendation is to configure switch-to-switch ports as spanning tree normal when running vPC. There's a fairly extensive discussion on vPC and spanning tree in the Design and Configuration Guide: Best Practices for Virtual Port Channels (vPC) on Cisco Nexus 7000 Series Switches. I know your issue is on a Nexus 5K, but the same principles apply.

The only port that it is recommended to run as type network is the vPC peer link.

As far as why this affects ISSU, when you run a port as spanning tree type network it will operate Bridge Assurance. According to the Cisco Nexus 5000 Series NX-OS Software Upgrade and Downgrade Guide:

Summary of ISSU Unsupported Topologies

Two important spanning tree-related requirements for a Cisco Nexus 5000 Series switch undergoing an ISSU are as follows. Note that a switch undergoing an ISSU has its control plane inactive while the switch is reset and the new software version is loaded. Not having these restrictions could render the network unstable, if there are any unexpected topology changes:

  • STP enabled switches cannot be present downstream to the switch undergoing an ISSU.
  • The STP Bridge Assurance feature cannot be configured except on a vPC peer link. Bridge Assurance is enabled by configuring an interface as a spanning-tree port type network.

Regards

View solution in original post

Highlighted

Thank you. This is what I needed to know.

Sent from Cisco Technical Support iPad App

Content for Community-Ad