Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
2557
Views
15
Helpful
9
Replies

STP topology changed and Root Bridge

Go to solution
utawakevou
Level 4
Level 4

‎03-06-2017 02:00 PM - edited ‎03-08-2019 09:38 AM

I've got two things here. First is STP topology change we see in our logs. Logs shows that it happens after 1 hour or 3 hours and sometimes after 5 hours. My show spanning tree detail result on my root bridge bridge often shows that it is from a port-channel that hooks up to our distribution switch where our access to other buildings and sites is connected to. Quite difficult to trace it as I have a hybrid of Cisco and HP equipment's with my core as  2 Cisco 3750 (stacked) and two Cisco Nexus N9K-C9372TX configured as vPC and L3 as well. Can someone enlighten me whether I should be alarmed or is this normal.

The second is I'm after recommendation on my root bridge selection. When we deployed our Cisco Nexus as our core switch/router I never remove the role of root bridge from the Cisco 3750. Got this configured on my 3750 and its the root bridge at the moment for all my switches (Cisco and HP)

spanning-tree mode mst
spanning-tree extend system-id
spanning-tree mst 0 priority 16384

Would it be recommended to change the root bridge to the Cisco Nexus N9K-C9372TX. If so do i have to change the priority of both Nexus to be the same and lower than the Cisco 3750 (16384) or do I have to configure different priority numbers for both ?

Any help or recommendation will be really appreciated. Attach herewith is a drawing of how things are setup at my core 

1 person had this problem
Labels:
Preview file
81 KB
0 Helpful
2 Accepted Solutions

Accepted Solutions

Go to solution
Francesco Molino
VIP Alumni
VIP Alumni

‎03-06-2017 05:15 PM

Hi 

I'm answering first on your seconds question. Best practices would be to align your spanning-tree root with your layer 3 "gateway". If your Nexus 1 is primary for your hsrp it should be your root bridge then your second Nexus should be considered as your second root. All your switches in the downstream (including 3750) should have a higher priority. 

Now regarding your TCN, you need to track where there tcn had been triggered. I'm not a hp expert but it supports mstp and you should beer able to talk there topology change as well. 

How your HP is configured?

Thanks 

PS: Please don't forget to rate and mark as correct answer if this answered your question


Thanks
Francesco
PS: Please don't forget to rate and select as validated answer if this answered your question

View solution in original post

Go to solution
willwetherman
Spotlight
Spotlight
In response to Francesco Molino

‎03-07-2017 01:19 AM

Hi,

Just to add to this, you can enable the vPC Peer-switch feature on the Cisco Nexus 9K switches which allows the vPC peer devices to appear as a single STP root in the topology. This improves convergence time in the event of a vPC primary device failure or recovery.

This can be configured by enabling peer-switch under the vPC domain and setting the SPT priority to the same on both Nexus 9Ks.

Please see the following on page 67

http://www.cisco.com/c/dam/en/us/td/docs/switches/datacenter/sw/design/vpc_design/vpc_best_practices_design_guide.pdf 

View solution in original post

0 Helpful
9 Replies 9

Go to solution
Francesco Molino
VIP Alumni
VIP Alumni

‎03-06-2017 05:15 PM

Hi 

I'm answering first on your seconds question. Best practices would be to align your spanning-tree root with your layer 3 "gateway". If your Nexus 1 is primary for your hsrp it should be your root bridge then your second Nexus should be considered as your second root. All your switches in the downstream (including 3750) should have a higher priority. 

Now regarding your TCN, you need to track where there tcn had been triggered. I'm not a hp expert but it supports mstp and you should beer able to talk there topology change as well. 

How your HP is configured?

Thanks 

PS: Please don't forget to rate and mark as correct answer if this answered your question


Thanks
Francesco
PS: Please don't forget to rate and select as validated answer if this answered your question

Go to solution
utawakevou
Level 4
Level 4
In response to Francesco Molino

‎03-06-2017 07:22 PM

Hi Francesco,

Thanks for the recommendation. So does that mean I can just put in a lower priority number on the nexus and leave the 3750 as it is ? The Cisco 3750 priority is set to 16384. So can I just set the nexus01 to priority 16380 and nexus02 as 16382 ? With those priority my 1st root will be the nexus01 then the 2nd root will be the nexus02 and the 3rd root will be the 3750

Regarding the TCN, yes thanks, Im doing all I can on the logs to ID the source of where its been triggered from. Am in the process of segmenting a site also that is linked to us but using the 3750 as its root bridge which I beleive is the source of the TCN.

Thanks once again for your prompt response

0 Helpful

Go to solution
Francesco Molino
VIP Alumni
VIP Alumni
In response to utawakevou

‎03-06-2017 07:36 PM

Yes your Nexus switches must have lower priority. However priority should be an increment of 4096. Then if you want to keep the priority as is on 3750, you can assign the following priorities: 0, 4096, 8192. 

Nexus 1 should have the lowest and Nexus 2 higher than Nexus 1 but lower than 3750

Thanks 

PS: Please don't forget to rate and mark as correct answer if this answered your question


Thanks
Francesco
PS: Please don't forget to rate and select as validated answer if this answered your question

Go to solution
willwetherman
Spotlight
Spotlight
In response to Francesco Molino

‎03-07-2017 01:19 AM

Hi,

Just to add to this, you can enable the vPC Peer-switch feature on the Cisco Nexus 9K switches which allows the vPC peer devices to appear as a single STP root in the topology. This improves convergence time in the event of a vPC primary device failure or recovery.

This can be configured by enabling peer-switch under the vPC domain and setting the SPT priority to the same on both Nexus 9Ks.

Please see the following on page 67

http://www.cisco.com/c/dam/en/us/td/docs/switches/datacenter/sw/design/vpc_design/vpc_best_practices_design_guide.pdf 

0 Helpful

Go to solution
utawakevou
Level 4
Level 4
In response to willwetherman

‎03-07-2017 07:37 PM

Thanks Francesco and Will.This looks promising. Since I've already setup vPC should I go for the vPC peer-switch feature or is it also possible I give the two Nexus different priorities ? Do note after I got this up well with my STP topology then Ill move to my OSPF where I want my Nexus to be the DR's for OSPF in my backbone area

Thanks once again

0 Helpful

Go to solution
Francesco Molino
VIP Alumni
VIP Alumni
In response to utawakevou

‎03-07-2017 08:05 PM

Hi 

If you can enable the vpc peer link go ahead with that design. It's better than having 2 separate devices. 

Thanks


Thanks
Francesco
PS: Please don't forget to rate and select as validated answer if this answered your question

Go to solution
utawakevou
Level 4
Level 4
In response to Francesco Molino

‎05-09-2017 09:45 PM

I have manage to configure my Nexus vPC pair as the root bridge now for my STP

Thanks for all your help and advice

:)

0 Helpful

Go to solution
utawakevou
Level 4
Level 4
In response to Francesco Molino

‎05-03-2017 01:38 PM

In regards to the TCN, we have manage to find it out. I will make a change soon for the root bridge

Thanks

0 Helpful

Go to solution
Carlomd
Level 1
Level 1
In response to Francesco Molino

‎01-29-2021 11:32 AM

All,

sorry for the hijack, I had the same question as the OP on another thread, but I don't have an HP sw in my rack, I have a vpc pair of 9372's and a n3k3064, and 2 catalysts, a 4948 and an old 2960, also wanted to switch over the root br duties to the vpc pair, so I see the command peer-switch is also required, I have peer-gateway and peer-router already enabled on my vpc domain 1, thanks

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card