Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
8940
Views
5
Helpful
4
Replies

Spanning-tree Port Type Question

Go to solution
ncowger
Level 1
Level 1

‎10-18-2013 01:24 PM - edited ‎03-07-2019 04:06 PM

On a Nexus 5000 we have a connection (VPC) to a Catalyst 3750.  Which Spanning-tree port type is correct?  If we set it to "network" it fails when trying to issue the command "show spanning-tree issu-impact"  It succeeds if we tell the switch it's an "edge trunk" but I believe that will break spanning tree and leave us vulnerable.  What's the correct setting?  Or is the answer that we can't do ISSU with a connection to a Catalyst switch?

1 person had this problem
Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
Steve Fuller
Level 9
Level 9
In response to ncowger

‎10-19-2013 10:25 AM

Hi,

Cisco recommendation is to configure switch-to-switch ports as spanning tree normal when running vPC. There's a fairly extensive discussion on vPC and spanning tree in the Design and Configuration Guide: Best Practices for Virtual Port Channels (vPC) on Cisco Nexus 7000 Series Switches. I know your issue is on a Nexus 5K, but the same principles apply.

The only port that it is recommended to run as type network is the vPC peer link.

As far as why this affects ISSU, when you run a port as spanning tree type network it will operate Bridge Assurance. According to the Cisco Nexus 5000 Series NX-OS Software Upgrade and Downgrade Guide:

Summary of ISSU Unsupported Topologies

Two important spanning tree-related requirements for a Cisco Nexus 5000 Series switch undergoing an ISSU are as follows. Note that a switch undergoing an ISSU has its control plane inactive while the switch is reset and the new software version is loaded. Not having these restrictions could render the network unstable, if there are any unexpected topology changes:

  • STP enabled switches cannot be present downstream to the switch undergoing an ISSU.
  • The STP Bridge Assurance feature cannot be configured except on a vPC peer link. Bridge Assurance is enabled by configuring an interface as a spanning-tree port type network.

Regards

View solution in original post

4 Replies 4

Go to solution
Reza Sharifi
Hall of Fame
Hall of Fame

‎10-18-2013 08:12 PM

According to table-6 in this link, ISSU is supported if the switch is layer-2 only

http://www.cisco.com/en/US/prod/collateral/switches/ps9441/ps9670/data_sheet_c78-618603.html

HTH

0 Helpful

Go to solution
ncowger
Level 1
Level 1
In response to Reza Sharifi

‎10-19-2013 06:04 AM

It is a layer 2 only device and it's only successful if we put the port into "edge trunk" mode. That doesn't seem correct to me. It seems it should be in "network" mode.

Sent from Cisco Technical Support iPad App

0 Helpful

Go to solution
Steve Fuller
Level 9
Level 9
In response to ncowger

‎10-19-2013 10:25 AM

Hi,

Cisco recommendation is to configure switch-to-switch ports as spanning tree normal when running vPC. There's a fairly extensive discussion on vPC and spanning tree in the Design and Configuration Guide: Best Practices for Virtual Port Channels (vPC) on Cisco Nexus 7000 Series Switches. I know your issue is on a Nexus 5K, but the same principles apply.

The only port that it is recommended to run as type network is the vPC peer link.

As far as why this affects ISSU, when you run a port as spanning tree type network it will operate Bridge Assurance. According to the Cisco Nexus 5000 Series NX-OS Software Upgrade and Downgrade Guide:

Summary of ISSU Unsupported Topologies

Two important spanning tree-related requirements for a Cisco Nexus 5000 Series switch undergoing an ISSU are as follows. Note that a switch undergoing an ISSU has its control plane inactive while the switch is reset and the new software version is loaded. Not having these restrictions could render the network unstable, if there are any unexpected topology changes:

  • STP enabled switches cannot be present downstream to the switch undergoing an ISSU.
  • The STP Bridge Assurance feature cannot be configured except on a vPC peer link. Bridge Assurance is enabled by configuring an interface as a spanning-tree port type network.

Regards

Go to solution
ncowger
Level 1
Level 1
In response to Steve Fuller

‎10-19-2013 02:40 PM

Thank you. This is what I needed to know.

Sent from Cisco Technical Support iPad App

0 Helpful
Customers Also Viewed These Support Documents