Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
979
Views
20
Helpful
7
Replies

STP between two sites

Goura
Level 1
Level 1

‎05-18-2020 06:40 AM

HELLO Everyone

 Two sites with their own core sw running with their own vlans connected via layer2(access port in core sw) to carry transport vlan for each router to run routing between sites.

STP on transport vlan between core switches is running.

All are working fine and I just would like to know this is common or do i need to enable bpdufilter on each access port of core switches or any potential problem?

thank you.

Labels:
0 Helpful
7 Replies 7

JELA
Level 1
Level 1

‎05-18-2020 06:58 AM

Hello,

You can use BPDU Filter to separate Layer 2 domains when loop is not an issue.

This way, a layer 2 STP impact (let say a topology change for example) will not SPAN between both your sites.

If you choose to do so, both of your site will be considered, from a STP point of view as unique.

Removing BPDU (by using this feature) does also remove protection provided by STP against mis-cabling so I would recommand using such feature with care.

 

If your layer 2 is only here to propagate a vlan used for routing purpose, you can perhaps rely on layer 3 sub-interfaces between your core devices?

This will remove layer 2 dependency but is only possible if you are using inter site connection just for layer 3 purpose.

Goura
Level 1
Level 1
In response to JELA

‎05-18-2020 10:05 AM

hi
loop will not b an issue because i have only one layer2 link.
and the two sites are unique and seperated.
this layer2 link is just for routing purpose by routers.
thank you.
0 Helpful

Giuseppe Larosa
Hall of Fame
Hall of Fame

‎05-18-2020 07:00 AM

Hello @Goura ,

instead of enabling bpdu filter that is not recommended I would look on using an etherchannel in order to use all the available links.

If you have a dedicated Vlan for routing/transport between sites and you are using PVST+ or better Rapid PVST this Vlan will have its own instance of STP and it is separated from all the site-specific STP instances for the site specific Vlans.

So there should not be an impact on other STP instances.

If you are using MST you can still pick the transport Vlan from one MST instance. In this case do not make changes to add a new MST instance because MST is not so plug and play.

 

As an alternative you can use routed point to point links to avoid to use any form of STP at all. This is probably the best solution in the long term and you can rely on ECMP equal cost multi path for load balancing.

 

Hope to help

Giuseppe

 

paul driver
VIP
VIP

‎05-18-2020 07:12 AM - edited ‎05-18-2020 07:12 AM

Hello
Caution is required when the two sites extend their layer 2 between each having differenting stp modes/domains stp domains
However If these two sites dont extended their L2 between each other and the only connection between them is a L3 subnet via two physical access-ports then you will be okay, I wouldn’t say use bpdu-filer either you could aggregate the physical ports into a port-channel or just apply a flexlink on them.


Please rate and mark as an accepted solution if you have found any of the information provided useful.
This then could assist others on these forums to find a valuable answer and broadens the community’s global network.

Kind Regards
Paul

Goura
Level 1
Level 1
In response to paul driver

‎05-18-2020 07:48 AM

Hi All

thank you so much for your replies and it helps alot to know not having a problem.

I have only a single layer2 link between this sites, not extended layer2 andnand aggregate etherchannel.

I shall keep using like this without enabling bpdufilter as you guys suggest.

 

0 Helpful

paul driver
VIP
VIP
In response to Goura

‎05-18-2020 08:42 AM - edited ‎05-18-2020 08:44 AM

Hello

@Goura wrote:

I have only a single layer2 link between this sites, not extended layer2 and aggregate etherchannel.

I shall keep using like this without enabling bpdufilter as you guys suggest.

Not sure if your confirming you have an aggregate or not?
If you do then i would say that is applicable and you’re okay, This will apply also if you just have a single connection, However if you do have dual physical links i would suggest etherchannel or flexlink and not bpdu-filtering

 

 


Please rate and mark as an accepted solution if you have found any of the information provided useful.
This then could assist others on these forums to find a valuable answer and broadens the community’s global network.

Kind Regards
Paul

Goura
Level 1
Level 1
In response to paul driver

‎05-18-2020 10:13 AM

hi
sorry for my english and also not fully understand some technical term and knowledge.

"these two sites dont extended their L2 between each other and the only connection between them is a L3 subnet via two physical access-ports."
as you said, it has the only layer2 physical connection and ' not etherchannel'.
thanks

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card