05-16-2011 12:08 PM - edited 03-06-2019 05:04 PM
We recently walked into a battling root scenario that was just plain ugly. So this brought up the question; which way of assigning spanning-tree is more efficient and protects the root the best when you have a primary and secondary device?
spanning-tree vlan xxx priority 8192 (On primary)
spanning-tree vlan xxx priority 16384 (On secondary)
or
spanning-tree vlan xxx root primary diameter 4 (on primary)
spanning-tree vlan xxx root secondary diameter 4 (on secondary)
I'm looking for an explanation on why people choose one over the other. Both look like perfectly fine options at my current company everything is set up the first way, I’m wondering what extra protections (or ‘gotchas’ the second way has to offer.
Solved! Go to Solution.
05-16-2011 12:41 PM
Hello,
Please refer to this document .....
http://blog.ipexpert.com/2011/01/24/old-ccie-myths-spanning-tree-diameter/
It doesn't tell you the difference between two but it explains your second option in detail. Setting the "diameter" tweaks the FWD_DELAY and MAX_AGE timers to make it appear like smaller network, in terms of STP timers only. It is not related to hop count though.
However, as of my understanding, it really doesn't protect the root in any particular way. If you remove the diameter part of the command, you are essentially achieving the same goal as your primary command.
HTH.
05-17-2011 04:16 AM
Lsimancek wrote:
We recently walked into a battling root scenario that was just plain ugly. So this brought up the question; which way of assigning spanning-tree is more efficient and protects the root the best when you have a primary and secondary device?
spanning-tree vlan xxx priority 8192 (On primary)
spanning-tree vlan xxx priority 16384 (On secondary)or
spanning-tree vlan xxx root primary diameter 4 (on primary)
spanning-tree vlan xxx root secondary diameter 4 (on secondary)I'm looking for an explanation on why people choose one over the other. Both look like perfectly fine options at my current company everything is set up the first way, I’m wondering what extra protections (or ‘gotchas’ the second way has to offer.
When you use the "root" and "root secondary" method this is a one-time calculation that is carried out by the switches. By this i mean if all switches were set to default ie. 32768 and you then set a switch to be STP root using the above method the STP cost won't necessarily be worked out as 8192. It will simply be a lower cost than 32768.
This is fine and works well but you need to be aware that if you then added a new switch to the network the calculation is not carried out again. So if you accidentally added a switch with a lower cost than the one worked out above then it would become root.
This is most likely a non-issue but personally i always used the specific values of 8192 and 16384 because you are not relying on a calculation to work it out for you and you know exactly what you have set.
As i say though, probably not a huge issue either way.
Jon
05-16-2011 12:26 PM
Both are perfectly fine. However, I would use additional protection mechanism like root guard to protect the root bridge.
http://www.cisco.com/en/US/docs/ios/lanswitch/command/reference/lsw_s2.html#wp1110686
HTH,
jerry
05-16-2011 12:41 PM
Hello,
Please refer to this document .....
http://blog.ipexpert.com/2011/01/24/old-ccie-myths-spanning-tree-diameter/
It doesn't tell you the difference between two but it explains your second option in detail. Setting the "diameter" tweaks the FWD_DELAY and MAX_AGE timers to make it appear like smaller network, in terms of STP timers only. It is not related to hop count though.
However, as of my understanding, it really doesn't protect the root in any particular way. If you remove the diameter part of the command, you are essentially achieving the same goal as your primary command.
HTH.
05-17-2011 06:34 AM
Thank you for the reference. That made the choice easy we will stick with the orginal layout. thanks!
05-16-2011 01:22 PM
Hi lsimancek,
Both Cisco commands accomplish the same final goal. Try using root guard to further enhanced root protection.-
HTH,
Elyinn.-
05-17-2011 04:16 AM
Lsimancek wrote:
We recently walked into a battling root scenario that was just plain ugly. So this brought up the question; which way of assigning spanning-tree is more efficient and protects the root the best when you have a primary and secondary device?
spanning-tree vlan xxx priority 8192 (On primary)
spanning-tree vlan xxx priority 16384 (On secondary)or
spanning-tree vlan xxx root primary diameter 4 (on primary)
spanning-tree vlan xxx root secondary diameter 4 (on secondary)I'm looking for an explanation on why people choose one over the other. Both look like perfectly fine options at my current company everything is set up the first way, I’m wondering what extra protections (or ‘gotchas’ the second way has to offer.
When you use the "root" and "root secondary" method this is a one-time calculation that is carried out by the switches. By this i mean if all switches were set to default ie. 32768 and you then set a switch to be STP root using the above method the STP cost won't necessarily be worked out as 8192. It will simply be a lower cost than 32768.
This is fine and works well but you need to be aware that if you then added a new switch to the network the calculation is not carried out again. So if you accidentally added a switch with a lower cost than the one worked out above then it would become root.
This is most likely a non-issue but personally i always used the specific values of 8192 and 16384 because you are not relying on a calculation to work it out for you and you know exactly what you have set.
As i say though, probably not a huge issue either way.
Jon
05-17-2011 06:38 AM
Jon,
In the docs I read I didn't pick up on the fact that it is a one time calculation. Thank you for the clarification. I've decided that our orginal plan was best and we will be sticking with it - esp after your message here.
Just one of those things that I wasnte to hear what other people were doing.
Thanks!
Lindsay
05-17-2011 09:22 AM
Hi John,
And if you are to use specific values of 8192 and 1638, do you also use diameter configuration or other tweaks?
Thanks,
laf.
05-17-2011 09:43 AM
florin.barhala wrote:
Hi John,
And if you are to use specific values of 8192 and 1638, do you also use diameter configuration or other tweaks?
Thanks,
laf.
laf
Yes you can in that the command using an actual priority number will still take a diameter argument. Personally i have never actually specifically configured a diameter but it is an option if you want.
Rootguard, BPDUGuard should still be used whichever method of setting priority you use.
Jon
 
					
				
				
			
		
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide