Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1484
Views
5
Helpful
8
Replies

SPT Root priorities - which way is best?

Go to solution
Lsimancek_2
Level 1
Level 1

‎05-16-2011 12:08 PM - edited ‎03-06-2019 05:04 PM

We recently walked into a battling root scenario that was just plain ugly. So this brought up the question; which way of assigning spanning-tree is more efficient and protects the root the best when you have a primary and secondary device?

spanning-tree vlan xxx priority 8192 (On primary)
spanning-tree vlan xxx priority 16384 (On secondary)

or

spanning-tree vlan xxx root primary diameter 4 (on primary)
spanning-tree vlan xxx root secondary diameter 4 (on secondary)

I'm looking for an explanation on why people choose one over the other. Both look like perfectly fine options at my current company everything is set up the first way, I’m wondering what extra protections (or ‘gotchas’ the second way has to offer.

Labels:
0 Helpful
2 Accepted Solutions

Accepted Solutions

Go to solution
courageux
Level 1
Level 1

‎05-16-2011 12:41 PM

Hello,

Please refer to this document .....

http://blog.ipexpert.com/2011/01/24/old-ccie-myths-spanning-tree-diameter/

It doesn't tell you the difference between two but it explains your second option in detail. Setting the "diameter" tweaks the FWD_DELAY and MAX_AGE timers to make it appear like smaller network, in terms of STP timers only. It is not related to hop count though.

However, as of my understanding, it really doesn't protect the root in any particular way. If you remove the diameter part of the command, you are essentially achieving the same goal as your primary command.

HTH.

View solution in original post

0 Helpful

Go to solution
Jon Marshall
Hall of Fame
Hall of Fame

‎05-17-2011 04:16 AM 

Lsimancek wrote:
We recently walked into a battling root scenario that was just plain ugly. So this brought up the question; which way of assigning spanning-tree is more efficient and protects the root the best when you have a primary and secondary device?
spanning-tree vlan xxx priority 8192 (On primary)
spanning-tree vlan xxx priority 16384 (On secondary)
or
spanning-tree vlan xxx root primary diameter 4 (on primary)
spanning-tree vlan xxx root secondary diameter 4 (on secondary)
I'm looking for an explanation on why people choose one over the other. Both look like perfectly fine options at my current company everything is set up the first way, I’m wondering what extra protections (or ‘gotchas’ the second way has to offer.

When you use the "root" and "root secondary" method this is a one-time calculation that is carried out by the switches. By this i mean if all switches were set to default ie. 32768 and you then set a switch to be STP root using the above method the STP cost won't necessarily be worked out as 8192. It will simply be a lower cost than 32768.

This is fine and works well but you need to be aware that if you then added a new switch to the network the calculation is not carried out again. So if you accidentally added a switch with a lower cost than the one worked out above then it would become root.

This is most likely a non-issue but personally i always used the specific values of 8192 and 16384 because you are not relying on a calculation to work it out for you and you know exactly what you have set.

As i say though, probably not a huge issue either way.

Jon

View solution in original post

8 Replies 8

Go to solution
Jerry Ye
Cisco Employee
Cisco Employee

‎05-16-2011 12:26 PM

Both are perfectly fine. However, I would use additional protection mechanism like root guard to protect the root bridge.

http://www.cisco.com/en/US/docs/ios/lanswitch/command/reference/lsw_s2.html#wp1110686

HTH,

jerry

0 Helpful

Go to solution
courageux
Level 1
Level 1

‎05-16-2011 12:41 PM

Hello,

Please refer to this document .....

http://blog.ipexpert.com/2011/01/24/old-ccie-myths-spanning-tree-diameter/

It doesn't tell you the difference between two but it explains your second option in detail. Setting the "diameter" tweaks the FWD_DELAY and MAX_AGE timers to make it appear like smaller network, in terms of STP timers only. It is not related to hop count though.

However, as of my understanding, it really doesn't protect the root in any particular way. If you remove the diameter part of the command, you are essentially achieving the same goal as your primary command.

HTH.

0 Helpful

Go to solution
Lsimancek_2
Level 1
Level 1
In response to courageux

‎05-17-2011 06:34 AM

Thank you for the reference. That made the choice easy we will stick with the orginal layout. thanks!

0 Helpful

Go to solution
esomarriba
Level 5
Level 5

‎05-16-2011 01:22 PM

Hi lsimancek,

Both Cisco commands accomplish the same final goal. Try using root guard to further enhanced root protection.-

HTH,

Elyinn.-

0 Helpful

Go to solution
Jon Marshall
Hall of Fame
Hall of Fame

‎05-17-2011 04:16 AM 

Lsimancek wrote:
We recently walked into a battling root scenario that was just plain ugly. So this brought up the question; which way of assigning spanning-tree is more efficient and protects the root the best when you have a primary and secondary device?
spanning-tree vlan xxx priority 8192 (On primary)
spanning-tree vlan xxx priority 16384 (On secondary)
or
spanning-tree vlan xxx root primary diameter 4 (on primary)
spanning-tree vlan xxx root secondary diameter 4 (on secondary)
I'm looking for an explanation on why people choose one over the other. Both look like perfectly fine options at my current company everything is set up the first way, I’m wondering what extra protections (or ‘gotchas’ the second way has to offer.

When you use the "root" and "root secondary" method this is a one-time calculation that is carried out by the switches. By this i mean if all switches were set to default ie. 32768 and you then set a switch to be STP root using the above method the STP cost won't necessarily be worked out as 8192. It will simply be a lower cost than 32768.

This is fine and works well but you need to be aware that if you then added a new switch to the network the calculation is not carried out again. So if you accidentally added a switch with a lower cost than the one worked out above then it would become root.

This is most likely a non-issue but personally i always used the specific values of 8192 and 16384 because you are not relying on a calculation to work it out for you and you know exactly what you have set.

As i say though, probably not a huge issue either way.

Jon

Go to solution
Lsimancek_2
Level 1
Level 1
In response to Jon Marshall

‎05-17-2011 06:38 AM

Jon,

In the docs I read I didn't pick up on the fact that it is a one time calculation. Thank you for the clarification. I've decided that our orginal plan was best and we will be sticking with it - esp after your message here.

Just one of those things that I wasnte to hear what other people were doing.

Thanks!

Lindsay

0 Helpful

Go to solution
Florin Barhala
Level 6
Level 6
In response to Jon Marshall

‎05-17-2011 09:22 AM

Hi John,

And if you are to use specific values of 8192 and 1638, do you also use diameter configuration or other tweaks?

Thanks,

laf.

0 Helpful

Go to solution
Jon Marshall
Hall of Fame
Hall of Fame
In response to Florin Barhala

‎05-17-2011 09:43 AM 

florin.barhala wrote:
Hi John,
And if you are to use specific values of 8192 and 1638, do you also use diameter configuration or other tweaks?
Thanks,
laf.

laf

Yes you can in that the command using an actual priority number will still take a diameter argument. Personally i have never actually specifically configured a diameter but it is an option if you want.

Rootguard, BPDUGuard should still be used whichever method of setting priority you use.

Jon

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card