Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
2276
Views
0
Helpful
1
Replies

STP Loop Guard blocking vlans

perez.matt
Level 1
Level 1

‎03-25-2013 06:32 AM - edited ‎03-07-2019 12:28 PM

I have a strange issue where spanning-tree is blocking vlans through a mesh network.

Here is my set up.

2-Cisco  3560's that have two trunk ports set with do1q and a native vlan of 2.  I'm allowing a client vlan (2) and a voice vlan (103) to come over the  trunk. They have a native vlan of 2 so the mesh APs can get an address  through DHCP. Spanning-tree loop guard is also enabled.

When connected to the mesh network, the voice vlan is being blocked by spanning-tree. I get the following erros:

000129: *Feb 28 19:24:58.289 EST: %SPANTREE-2-LOOPGUARD_BLOCK: Loop guard blocking port FastEthernet0/1 on VLAN0103.
000130: *Feb 28 19:24:58.448 EST: %SPANTREE-2-LOOPGUARD_UNBLOCK: Loop guard unblocking port FastEthernet0/1 on VLAN0103.

Eventually  the loop is cleared and the port is set back to a forwarding state from  a blocking state. I don't want to disabled spanning-tree loopguard since I don't want to create a loop.

The mesh network is supposed to act as a P2P connection between two switches. As  a test I disconnected the APs from their trunk ports. I then used a  cross over cable to connect the switches and no spanning tree loops  occured. The mesh doesn't have STP enabled on it and should just be acting as an over-the-air connection from one switch to another.

Any suggestions?

Labels:
0 Helpful
1 Reply 1

Rolf Fischer
Level 9
Level 9

‎03-25-2013 10:41 AM

Hi,

the reason that Loop Guard blocks a particular VLAN on a port ist that the port ist non-designated but has stopped receiving BPDUs in that VLAN.

I don't know exactly what's the problem with your setup, but if that happens only on the tagged VLAN(s), it's possibly  caused by the proprietary Multicast MAC Destination used by the Cisco per-VLAN ST implementations.

The IEEE address (01-80-C2-00-00-00) is send untagged and obviously reliably forwarded across your mesh network. The tagged BPDUs for the per-VLAN instances use this MAC address: 01-00-0C-CC-CC-CD. Non-Cisco devices normally don't recognize them as BPDUs.

I know, that's not really an answer in terms of how to solve it but maybe it helps finding the cause.

Best regards

Rolf

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card