
STP Blocking Issue After Adding a New Switch

Hi All,

I came across an interesting situation while expanding our access layer.

The Problem:
We added a new Catalyst 9300 switch to an existing network (distribution + multiple access). As soon as it was connected, a bunch of access ports went into a blocking state due to Spanning Tree recalculations. End users complained about connectivity drops during this time.

What I Found:

  • The new switch was trying to participate in STP elections.
  • Since its STP priority was still the default (32768), in some VLANs it actually became the root bridge temporarily, which caused instability.

Solution:

  • Explicitly set the root bridge priority on the distribution switches (spanning-tree vlan X priority 4096).
  • Configured BPDU Guard and Root Guard on access interfaces to stop accidental influence by new devices.
  • Verified using show spanning-tree root that the right switch remained the permanent root.

Result:
After tuning STP, the network stabilized. Adding new switches is smooth now with no more random blocking on user ports.

Has anyone else faced STP instability when adding a new switch to production? Would love to hear if you have other best practice tips for mixed environments (Catalyst + third‑party).

Thanks,
Md. Irshad Ansari
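
The checks described in the post above can be run against a saved running-config before a new switch is connected. This is an added example, not part of the original post or any Cisco tool: the sample config is constructed, the function names are hypothetical, and it inspects only per-interface commands (global spanning-tree defaults are not considered).

```python
import re

# Constructed sample (not from the thread): running-config excerpt.
SAMPLE_CONFIG = """\
spanning-tree vlan 10,20-22 priority 4096
!
interface GigabitEthernet1/0/1
 switchport mode access
 spanning-tree bpduguard enable
 spanning-tree guard root
!
interface GigabitEthernet1/0/2
 switchport mode access
 spanning-tree portfast
!
interface TenGigabitEthernet1/1/1
 switchport mode trunk
"""

# Per-interface commands for the two guards named in the post.
REQUIRED = ("spanning-tree bpduguard enable", "spanning-tree guard root")

def expand_vlans(spec):
    """Expand an IOS VLAN list such as '10,20-22' into a set of ints."""
    vlans = set()
    for part in spec.split(","):
        lo, _, hi = part.partition("-")
        vlans.update(range(int(lo), int(hi or lo) + 1))
    return vlans

def audit(config, expected_vlans, max_priority=4096):
    """List VLANs with no pinned root priority and access ports lacking a guard."""
    pinned, ports, current = set(), {}, None
    for line in config.splitlines():
        m = re.match(r"spanning-tree vlan (\S+) priority (\d+)\s*$", line)
        if m and int(m.group(2)) <= max_priority:
            pinned |= expand_vlans(m.group(1))
        if line.startswith("interface "):
            current = ports.setdefault(line.split()[1], [])
        elif line.startswith(" ") and current is not None:
            current.append(line.strip())
        else:
            current = None  # any unindented line ends the interface block
    findings = [f"vlan {v}: root priority not pinned"
                for v in sorted(set(expected_vlans) - pinned)]
    for name, body in ports.items():
        if "switchport mode access" in body:
            findings += [f"{name}: missing '{c}'" for c in REQUIRED if c not in body]
    return findings
```

Calling `audit(SAMPLE_CONFIG, [10, 20, 21, 22, 30])` reports VLAN 30 as unpinned and GigabitEthernet1/0/2 as missing both guards; the trunk port is skipped.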


julian.bendix
Level 7

Hey!

You really got to care about Spanning Tree in L2 Networks  

Always make it predictable for you, get clear on where you want the root to be at and set that manually.
In mixed vendor environments MST always worked best for me..

Otherwise the usual.. portfast and BPDU guard on edge ports, etc..

M02@rt37
VIP

Hello @MD Irshad Ansari 

A really good idea to master STP and your L2 topology ! All under control !!!

What you experienced is a classic STP takeover caused by leaving the new switch at the default priority of 32768... best practice is to explicitly set low priorities on your distribution/core to pin them as root/secondary (4096/8192), enable PortFast and BPDU guard on all edge ports so end-user or rogue devices cannot influence STP. Also, use Root guard on access uplinks to keep the root where you want it!! And consider Loop guard or UDLD on trunk links, especially with third party gear...

And me too, in mixed environments MST is always a perfect choice.

 

Best regards
.ı|ı.ı|ı. If This Helps, Please Rate .ı|ı.ı|ı.

Martin L
VIP

I agree, mixed environments MST is the King ! 

What is default STP version in 9300s ? STP or RSTP ?

RSTP should be the default!

NetworkNewbie37
Level 1

Thank you for sharing this experience,

I'm in the process of studying for my CCNA. Seeing an in-the-field example of an STP problem/resolution is helping me better visualize and understand the features/necessity of taking STP into consideration to ensure L2 topology preservation.

Great, good luck with your CCNA!

Thank you Julian, I appreciate it! 

GolegPowerC
Level 1

PVST+ works with MST without problem

Joseph W. Doherty
Hall of Fame

@MD Irshad Ansari wrote:

Has anyone else faced STP instability when adding a new switch to production? Would love to hear if you have other best practice tips for mixed environments (Catalyst + third‑party).


I haven't, but not trying to sound smug, but such was avoided by studying the technology before using it.  I.e. your "solutions" are all pretty much mentioned in most STP design guides.

Additionally, ever since the advent of low cost L3 and/or stackable switches, basically replace L2 topologies with L3 topologies and/or Etherchannel redundancy, where STP is only used to prevent someone from accidentally creating a L2 loop.

Laugh, that said, often learning the "hard way" often makes a lasting impression.  I.e. the importance of STP design and its options are less likely to be overlooked, going forward.

Thank you