Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1382
Views
3
Helpful
12
Replies

what is the real trigger for spanning tree take effect?

seanxiao
Level 1
Level 1

‎10-03-2024 02:06 AM

greetings guys,


sorry for raising this kind of old-school question.
It seems it is usually said that whenever there is a physic loop, a spanning tree (whether 802.1d or 802.1w or whatever, as long as they are not disabled) will take effect and block some specific port.
what if there is only a layer 1 loop, but no loop for a VLAN (layer 2)? will any port be blocked, let's say, by PVRST or STP? let's see the diagram:

stp.jpg

in the above diagram, there is no layer 2 loop for any of the VLANs (1 or 10), and there should not be any risk of broadcasting storm or Mac address flapping. Will any version of the spanning tree protocol (802.1d or 802.1w, etc.) take effect in this topology and block some ports? I say no.

let's say another diagram as below:

stp2.jpg

in this diagram, will any version of the spanning tree take effect and block some ports?

I think so, because the ports in this loop are transparent for at least VLAN 1 VLAN10, and VLAN 20 since the ports on the same switch both access the same VLAN, and layer 2 traffic (ARP or BPDU) can flow through along the whole loop as there is only untagged frame along the inter-link across the switches. Spanning tree protocol should handle this risk to make a loop-free topology.

but, the problem is, for spanning tree protocol works per VLAN, like 802.1w, how does it consider the diagram? Yes, there is a loop as mentioned above, but VLAN 10 or VLAN 20 only resides in a single switch, then who is the root port for that VLAN on the non-root bridge? Who is the designated port on a segment if there is no same VLAN at both ends of that segment?

How do you think about it?

Thanks,
Sean

Labels:
0 Helpful
12 Replies 12

MHM Cisco World
VIP
VIP

‎10-03-2024 02:13 AM

Note to consider 

1-if you use stp (legacy) then one link must be stp BLK status whatever same or different vlan use in any SW

2-if you use pvst and same vlan use by two SW then there is no loop and stp for this vlan is not BLK in any link, notice in pvst the BLK is not link but vlan-Per-link

3- lastly Vlan1 can not delete from any SW so pvst will have loop with these three SW and BLK Vlan1 in one link.

MHM

seanxiao
Level 1
Level 1
In response to MHM Cisco World

‎10-05-2024 09:08 PM

thanks MHM as always.

I know vlan 1 cannot be removed from the vlan db, but in my diagram, it is not configured to the port of any interlink between any of 2 swithces. This should not form any vlan loop for vlan1, correct? so, stp wont effect for vlan 1 right?

0 Helpful

MHM Cisco World
VIP
VIP
In response to seanxiao

‎10-06-2024 10:32 AM

This should not form any vlan loop for vlan1, correct? so, stp wont effect for vlan 1 right? Yes Correct

the topology is physical three SW connect as triangle 
NOTE:- I use PVST, what decide the virtual topology number is VLAN allow, since there is one bpdu per vlan in pvst there is one virtual topology for each VLAN allow, sure this different for MST.


but the STP see this as 
Case1 two virtual topology 
one virtual topology for vlan10 and you see there is Loop and STP detect it and BLK one link 
other virtual topology for vlan20 and you see there is no loop since vlan20 not allow in trunk between SW1-SW2/3

Case2 three virtual topology 
one virtual topology for vlan10 and you see there is Loop and STP detect it and BLK one link 
one virtual topology for vlan1 and you see there is Loop and STP detect it and BLK one link 
other virtual topology for vlan20 and you see there is no loop since vlan20 not allow in trunk between SW1-SW2/3


 

Case1

VLAN1 not allow in any trunk 

Screenshot (808).pngScreenshot (809).pngScreenshot (810).png

Case2 
add VLAN1 to all trunk 

Screenshot (811).pngScreenshot (812).pngScreenshot (813).png

0 Helpful

MHM Cisco World
VIP
VIP
In response to MHM Cisco World

‎10-07-2024 01:10 AM - edited ‎10-07-2024 01:15 AM

NOW for MST 

the number of virtual topology is equal to instance (remember there always instance 0 as default)

Case2 

virtual topolgy for instance 0 (by defualt this instance have include all vlan unless you config VLAN to be in differnet instance)
virtual topology for instance 1 (which inclue vlan1,10) , here since vlan 1,10 allow in all trunk then one link must be BLK for all vlan include in that instance 
virtual topology for instance 2 (which include vlan20) here since vlan20 allow only between 2-3 then there is no loop and link is forward for all vlan in instance 2

stp issue.png

Screenshot (821).pngScreenshot (822).pngScreenshot (820).png

0 Helpful

MHM Cisco World
VIP
VIP
In response to MHM Cisco World

‎10-07-2024 01:11 AM

So you need to see physical topolgy differently depend on STP mode and VLAN allow then draw virtual topology after that it will so clear for you.

MHM

0 Helpful

M02@rt37
VIP
VIP

‎10-03-2024 02:31 AM

Hello @seanxiao 

In the first diagram, you described a L1 physical loop without any L2 loop for the VLANs in the network (VLAN 1 and VLAN 10). This is a scenario where, although there is a physical redundancy in place, the VLANs do not span the entire loop, and thus there is no possibility for broadcast storms or MAC address flapping. That's what you mean ?  Since STP operates on a per-VLAN basis (in protocols such as 802.1W or PVST+), the protocol wouldn’t detect a logical loop at the L2 level for any specific VLAN in this case. Therefore, no ports would be blocked by STP, as the protocol wouldn't need to intervene where there is no risk of L2 loops forming for any of the VLANs. The physical loop exists, but since each VLAN operates on its own independent segment without creating a VLAN-wide loop, STP remains inactive.

As concerned the second diagram, the difference here is that the VLANs (such as VLANs 1, 10, and 20) share the same physical ports on multiple switches, allowing L2 broadcast traffic (such as ARP requests and BPDUs) to travel across the loop. This introduces the possibility of a broadcast storm or MAC address instability, which STP is designed to mitigate. STP will detect the loop and will work to block one or more ports to prevent the L2 loop from forming, ensuring a loop-free topology. In this case, STP takes effect by determining the root bridge, root ports, and designated ports for each VLAN independently.

Regarding how STP works in per-VLAN environments like 802.1W Rapid-PVST or PVST+, the protocol operates a separate spanning tree instance for each VLAN. Even if VLANs 10 or 20 reside only within a single switch and do not extend across the loop, STP will still assess the topology per VLAN. In cases where a VLAN spans across multiple switches and forms a loop (as in VLAN 1 in the second diagram), STP will block a port in the loop for that specific VLAN. The root bridge for each VLAN is chosen based on the bridge ID, and root ports and designated ports are calculated for each VLAN independently. If a VLAN exists only within a single switch and doesn’t extend into the loop, STP will simply see no loop for that VLAN and won't block any ports...

 

Best regards
.ı|ı.ı|ı. If This Helps, Please Rate .ı|ı.ı|ı.

seanxiao
Level 1
Level 1
In response to M02@rt37

‎10-05-2024 09:36 PM

thanks sir. generally we are at the same page I think?

"In cases where a VLAN spans across multiple switches and forms a loop (as in VLAN 1 in the second diagram)"

in the second diagram, vlan 1 is not spanning across multiple switches. The ports of each link are allocated with a vlan specifically if you see the notes on the diagram.

 

0 Helpful

Joseph W. Doherty
Hall of Fame
Hall of Fame
In response to seanxiao

‎10-06-2024 04:25 AM

"In cases where a VLAN spans across multiple switches and forms a loop (as in VLAN 1 in the second diagram)"

 

in the second diagram, vlan 1 is not spanning across multiple switches. The ports of each link are allocated with a vlan specifically if you see the notes on the diagram.

Correct, assuming all ports are access ports.  Also assuming the Cisco STP variants include a VLAN ID in their BPDUs.

BTW, again, both diagrams are LAN, not VLAN, L2 loops.  So IEEE STP and rapid-STP would block one of the links.

0 Helpful

paul driver
VIP
VIP

‎10-03-2024 01:24 PM

Hello

@seanxiao wrote:

let's say another diagram as below:

stp2.jpg

in this diagram, will any version of the spanning tree take effect and block some ports?

If those ports are in a administrative mode of trunk or access based on your OP then no loop will be incurred, but its not a valid design
Sw1 - both ports vlan 10
Sw2 - both ports vlan 1
Sw3 - both ports vlan 20


Please rate and mark as an accepted solution if you have found any of the information provided useful.
This then could assist others on these forums to find a valuable answer and broadens the community’s global network.

Kind Regards
Paul
0 Helpful

Joseph W. Doherty
Hall of Fame
Hall of Fame

‎10-05-2024 01:47 PM

"what if there is only a layer 1 loop, but no loop for a VLAN (layer 2)?"

Hmm, don't see how that's possible.  A L1 loop would also create a L2 loop.

BTW, since you're using switches, you have not created a L1 loop.  To create a L1 loop, something like replacing those 3 switches with 3 hubs would do the trick.

(ignoring 1st diagram port VLAN assignments) "will any port be blocked, let's say, by PVRST or STP?"

Insufficient information as it depends on whether switches are using multiple VLANs and how they are defined per port and particular STP variant you're using.

(1st diagram)  "Will any version of the spanning tree protocol (802.1d or 802.1w, etc.) take effect in this topology and block some ports? I say no."

For PVST, I believe (?) no is correct.  For IEEE STP/rapid-STP, the correct answer is yes, there will be a block.  (The latter, IEEE, ignores VLANs.)

(2nd diagram)  "in this diagram, will any version of the spanning tree take effect and block some ports?"

I believe (?), same answer as for the 1st diagram.

Keep in mind, on a Cisco switch, with CDP active, it will complain about access ports with mismatched VLANs.

"but, the problem is, for spanning tree protocol works per VLAN, like 802.1w, how does it consider the diagram?"

Firstly, both Cisco's STP and rapid-STP are per-vlan, again IEEE STP/rapid-STP don't consider VLANs.

Cisco's per-VLAN STP variants include VLAN ID, I recall, in their BPDU, so receiving the switches with mismatched VLANs might not see the VLANs, for STP purposes, crossing multiple switches.  However, Troubleshoot Spanning Tree PVID- and Type-Inconsistencies has further details, which may precisely answer this situation (I have not studied this TechNote).

"VLAN 10 or VLAN 20 only resides in a single switch, then who is the root port for that VLAN on the non-root bridge?"

As those two VLANs are only known (?) on one switch each, they only that switch would be a possible root.

VLAN 1, being a default on all 3 switches, if each switch doesn't consider it's obtaining a valid BPDU from the other switches for VLAN 1, would has a VLAN 1 root on each switch.

Joseph W. Doherty
Hall of Fame
Hall of Fame

‎10-06-2024 09:44 AM

BTW, I build two PT labs, one for diagram 1, and the other for diagram 2 (see attachments).

Cannot guarantee the accuracy/fidelity of PT but diagram 1 doesn't block any links, as expected, but diagram 2 blocks a SW3 port, not expected.

diagrams.zip
0 Helpful

Joseph W. Doherty
Hall of Fame
Hall of Fame
In response to Joseph W. Doherty

‎10-06-2024 04:47 PM

Interesting, I'm getting PT diagram 2 like results in CML too.  Again, not as expected.

0 Helpful
Customers Also Viewed These Support Documents