will spanning tree funcion with unmanaged switches

Lasandro Lopez · ‎03-20-2013

i want to know if for scenario below, will happen loop or not.

So there are two core switches, connected with each other with two trunk ports.
And below are the access switches, layer2, unmanaged (just plug and play)
I want redundancy path links between core switches and unmanaged switches (as in picture below, one link per switch).
My question is if loop will happen or not, since there are unmanaged switches in this diagram.
Regards!
See the picture for more details.

Giuseppe Larosa · ‎03-20-2013

Hello Lasandro,

the access layer switches are unmanaged, but this does not mean they don't run STP at all,

If the access layer unmanaged switches send out and process STP BPDUs a loop free topology is built by STP by blocking a few ports.

Remember to enforce STP root bridge (primary and secondary) on Cisco devices with appropriate commands.

The Cisco switches are able to interoperate with IEEE STP 802.1D or 802.1W in vlan 1, even if they are running PVST+ or Rapid PVST.

So the key point is to check the datasheet of the unmanaged switches to verify STP support.

Hope to help

Giuseppe

Lasandro Lopez · ‎03-20-2013

Dear Giuseppe!
Let's suppose teh unmanaged switch don't support STP, will loop happen or not?

Giuseppe Larosa · ‎03-20-2013

Hello Lasandro,

if the unmanaged switches do not support any form of STP the scenario becomes critical.

The Cisco switches transmit PVST+ / Rapid PVST using proprietary BPDUs for each Vlan permitted on the trunk ports and these frames are passed via the unmanaged switches and this should lead to blocking on the secondary root side for all Vlans except Vlan1.

For Vlan1 Cisco switches send standard based BPDUs, if the unmanaged switches allow them to pass also Vlan1 topology is loop free.

However, the scenario is critical because if the unmanaged switches do not support any form of STP it is enough to connect two of them with a LAN cable to create a bridging loop !!!

Unmanaged switches are not recommended, and if they do not support STP they SHOULD not be used in a network.

From experience most of consumer switches actually support STP and the protection of STP BPDU guard on legitimate infrastructure switches is enough to protect from their unauthorized addition to the network

Hope to help

Giuseppe

Richard Burts · ‎03-20-2013

I would agree with Giuseppe that if the unmanaged switch does not support Spanning Tree that the scenario becomes critical and that a loop could/would form. I also agree that (assuming that the Cisco switches are correctly configured) that the BPDUs from a Cisco switch would pass through the unmanaged switch and reach the other Cisco switch which would then detect and break the loop.

Part of Giuseppe's discussion seems to assume that the connection from the Cisco switches to the unmanaged switches would be trunk ports. I would suggest that it is inappropriate to connect an unmanaged switch to a trunk port. The unmanaged switch would have all of its ports as access ports in the same vlan (how could the switch have vlans if you can not access the switch to configure it) and as such should connect to an access port on the Cisco switch.

I would also comment that I believe that it would be quite unusual to find an unmanaged switch that did not support spanning tree.

HTH

Rick

HTH

Rick

Taheireem Shaikh · ‎04-13-2013

I tried above scenario on PT and i didnt find any Layer 2 loops.

And the o/p from both the Switches as shown below

====================

LHSL3Sw#show spanning-tree

VLAN0001

Spanning tree enabled protocol ieee

Root ID Priority 32769

Address 00D0.9714.9107

Cost 19

Port 1(FastEthernet0/1)

Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec

Bridge ID Priority 32769 (priority 32768 sys-id-ext 1)

Address 00D0.D326.4E98

Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec

Aging Time 20

Interface Role Sts Cost Prio.Nbr Type

---------------- ---- --- --------- -------- --------------------------------

Fa0/1 Root FWD 19 128.1 P2p

Fa0/2 Altn BLK 19 128.2 P2p

Fa0/3 Altn BLK 19 128.3 Shr

Fa0/4 Altn BLK 19 128.4 Shr

Fa0/5 Altn BLK 19 128.5 Shr

LHSL3Sw#

===============

RHSL3Sw#sh spanning-tree

VLAN0001

Spanning tree enabled protocol ieee

Root ID Priority 32769

Address 00D0.9714.9107

This bridge is the root

Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec

Bridge ID Priority 32769 (priority 32768 sys-id-ext 1)

Address 00D0.9714.9107

Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec

Aging Time 20

Interface Role Sts Cost Prio.Nbr Type

---------------- ---- --- --------- -------- --------------------------------

Fa0/1 Desg FWD 19 128.1 P2p

Fa0/2 Desg FWD 19 128.2 P2p

Fa0/3 Desg FWD 19 128.3 Shr

Fa0/4 Desg FWD 19 128.4 Shr

Fa0/5 Desg FWD 19 128.5 Shr

RHSL3Sw#

=====================

refer PT file as attachment