Vlan 10 is the management VLAN, and it uplinks to our border router.Vlan 20 is the workstation VLAN, and all workstations point to the switch as their default GW? Vlan 30 is the ip phone VLAN, and all phones use this as their gateway.
I would like to put a LAG between said switches, we have some servers on the ip phone switch that need to be accessed by the workstation clients, and the single 100mb link through the router is probably not going to be enough.As I understand it, because the switches have different networks on them, a simple lag will not work. I did create a lag, and assign ip addresses to each side, however in that mode, it doesn't appear I can block vlan 10 from transiting the LAG, and with out that block I will end up with a logical loop, and spanning-tree will block one of the uplinks, or the LAG itself.
I've got a bit of a query regarding how spanning tree works on L3 switches?So say we have a few 3550's connected together and spanning tree has converged and everything is looking ok. We then introduce routing into the network, does STP still operate in the same way or is this layer 2 feature now redundant because routing has taken over?I just couldn't figure out if STP still operates at layer 2 to prevent loops and routing sits on top to route the traffic?
I have a question in regards to configuration I'm planning to implement. I currently have 2 x 3750 running in a stack. I would like to add 1 x 870 router connected to both switches.It's important for me that 870 is always available (it will only be used as a backdoor for our management network through WAN) but I don't want it to participate in any switching (including switching for management network unless it's going through this backdoor WAN). Do I need to configure spanning tree on all switches or stack is automaticly working as a 1 logical unit?As router is only using 100MB/s connection, how I can prevent this router from switching packets with other switches?
I have problems too when I connect 3com and Cisco.
I have 2 5500g 3com switches connected with 2 links. If LACP is disable, this causes serious problems and STP not works.
Logically , the link, is a port trunk with all the vlans permitted. One switch has STP enable and the other RSTP. Why this not works fine? I need to configure MSTP maybe? PVSTP is not allowed on this switches.
I've been taught/under the impression that vlans and stp stay in the access layer to prevent bridging loops and broadcast storms from taking down the whole network. Well I was reading about backbonefast and how it "Enables fast convergence in the networkbackbone or core layer switches after a spanning-tree topology change occurs." Now I thought that from the distribution layer up we use a routing protocol.
We are upgrading out internal office network. I have setup 4 switches and 1 router using the following config.
-2 SGE2010p's are stacked together forming vlan 30 (to be used for phones)
-2 SGE2010's stacked for workstation's under vlan 20
Both switches are apart of vlan 1 (the default)Ports 1 on each stack are connected to a Cisco 890 (port fe2 and fe3) in trunk mode. Ports 2 and 3 are in an LAG group and connected to the neighboring stack (I have attached a diagram), and are also in trunk mode).At this point one port (port 1 on either stack) goes into blocking mode, and I get why ,it's a physical loop.I need more than a 100mb link between switches (which is what pulling the LAG between switches gets me), but I don't want to route phone traffic through my workstation switches to get out of the LAN.Is it possible using these switches and router to have a LAG between stacks and a link to the router for traffic to 0.0.0.0 ?
Is there really any reason why you wouldn't use spanning-tree portfast on a trunk port other than a trunk between two switches? We have it enabled on all ports except for the fiber trunk between two non-stacked switches and the trunk ports connected to our Astaro firewall.I'd like to enable it on the ports to the firewall unless that would cause issues.
I have setup a WiFi bridge using two Cisco 1262n AP. I was able to get the bridge up and running for a little while. But soon after I plugged in a switch on the non root side of the bridge, the LAN on the root side started slowing and user were getting disconnected from the network. I suspect the Spanning Tree issue with the Bridge.
I am using both the 2.4 and the 5Ghz bands for the Bridge. I assume that this was OK and was needed to get the highest throughput, right?
I was making an assumption that the AP would take into account the possible spanning tree issues automatically when both bands are used in the same bridge. Is assumption correct? If not what is the correct configuration for spanning tree on a wireless bridge that uses 2.4 and 5 bands?
For last few days I've been reading about Spanning Tree Protocol ,L2 protocol and understood how it prevents loop in network ,various steps in STP but one thing i wanted to know how STP actually detects the loops in network so that it can prevent it.Somewhere I read STP uses BPDU as probe and detects loops I mean how it happen is when switch send a BPDU with Destination Address as multicast and receive same BPDU again mean there is loop in network .But is it how STP detects loops in network?
I am trying to confirm which of my cisco switch is the spanning-tree root. I know which I prefer to hold the spanning-tree and I ran the command spanning-tree vlan 1 root on this switch,I would now like to check that this command has worked and so I ran the command 'show spanning-tree root active' and received the detail below.To make sense of this and determine which port the mac address references (From this I take it that 00b0.d0f5.cf31 is the root, how can I determine which port this is).
I need to implement a "Spanning Tree Status" view on my NMS and I would like to use SNMP. I'm running Rapid Per-VLAN Spanning Tree Protocol on 3560-E (WS-C3560E-24TD) with IOS 12.2(55)SE.Using the ciscoStpExtensionsMIB MIB (CISCO-STP-EXTENSIONS-MIB) I see the stpxRSTPPortRoleTable table, which contains the stpxRSTPPortRoleValue value, and I think it could be fine for my job.The problem is that this table uses an index based on the standard dot1dBridge.1.4 table (dot1dBasePortTable) that does not report some interfaces: [code]I think the dot1dBasePortTable does not include those interfaces (5, 7, 8) where I do not run standard STP, but I need the dot1dBasePortEntry entries because I have to use them in order to get the interface ID (values like 10109, 10110, 10111).
Ages ago I was shadowing someone making a change on the network. I cannot remember which spanning tree version was running and cannot remember the config of any port either. What I do remember is that every switch port on the 2960 switch went orange and an outage occured, where the ports went into listening / learning mode. I assume that the STP was just the default ieee 802.1D.
I have a pair of 3750-x switches stacked together. Using spanning tree with our upstream provider I have an active line in port GigE 1/0/25 and a blocked redundant line in GigE 2/0/25. I have setup a port based acl as below on 1/0/25 which is a port on the current master switch. Do I need to manually set this on 2/025 as well? Just wondering what would happen if the line to the master switch was to disappear or if the master disappeared completely whether the acl would automatically be applied to 2/0/25.
I have a 3750 switch which has the command 'spanning-tree vlan **'. I am struggling to remove this command, as this particular VLAN is one I want to distribute across our network.I have so far, set the switch to VTP Transparent mode and removed the VLAN from the database, this removes the command. If I then put the switch back to VTP client mode (or manually add the VLAN, while in in VTP transparent mode) then the command comes back. Submitting the command 'spanning-tree vlan **' command has no affect.
I want to have an opinion that which switch shall I replace the Cisco 2960s with so as to elimintae the need for spanning tree in there but then what would be the design look like between Netscreen and those new switches. Also would it be vendor independant to work Between Cisco and Netscreens/Cuberguard.
..I am connecting a Nexus 5K to a 6509 without VSS. Is the recommended configuration just straight etherchannel? Since the 6509 cannot do vpc, is an etherchannel the best way to configure this uplink? How does spanning-tree operate.
i can't configure "logging event spanning-tree" on a specific port under IOS 12.2.(58) SE2 (all other "logging events" are possible), under 12.2 (55) it is possible. Is it now a known bug or a default value?
Recently we will add 2 new core Switch 3750X, these 2 equipments will manage the spanning tree ( root)my idea is to change the priority in order to make 1 or the 2 of them the root, my question is if i setup the same priority for both when one go down the other will assume the role of root in the spanning tree topology ?
I have two switches claiming to be the root bridge for the same vlans. The 3750-X stack was configured to be the root for vlans present and the 2960S was brought online over the weekend to replace another one. This is the command I used to attempt and make the 3750-X stack the root
spanning-tree vlan 1-2,10,50,101,200,900,999 root primary diameter 4 The IOS converted that to this spanning-tree mode rapid-pvst spanning-tree loopguard default spanning-tree portfast bpduguard default
I am about rip and replace my current 3750G stack with a 3750X stack. I have trunked over vlan and vtp info and implemented a config so it should be ready to go other then moving cables onto it. However one thing I want to correct with our current setup is that the root bridge on our vlans including vlan 1 is on a separate set of switches that we control, however I would like this new stack to be the root bridge for all of our vlans. It will be the central set of switches that all other switches trunk into. I have pre-set higher spanning-tree priorities for each vlan on the new stack so I expect as I move lines into it that the tree will be re-calculated with it as the root bridge. I've ensured that there are no root guards on any of the other switches trunks and priorities are all at default levels for each vlan. Should I enforce root guard on the trunk interfaces of the new master stack? Most of the trunks are port-channels to the other switches - do I need to set root guard on the Port channel interface or on the individual ports that make up the Port channel? On both? Any other recommendations in regards to implementing spanning-tree with the new stack? I know using port channels eliminates a lot of potential for loops but not every trunk is and I'd still like to have spanning-tree on.
A question concerning the use of REP for IE-3000-4TC switches:
In figure 14 of REP pdf URL can you explain why this creates a loop in the system? From the document, I thought REP and RSTP could talk to each other so why does this create a loop if they are exchanging information between each other? Also, if, in figure 14, the two switches in the STP domain that connect to the REP ring, were also connected to each other, would there still be a loop in the system?
Also, what is the recommended max diameter a REP ring should be. I thought I read some place 130 nodes is ok, but I'm looking to confirm this.
I am looking for some troubleshooting for some Cisco blade switches that are running high CPU. I have two 3020 blade switches in an HP chassis that each have two 1G links port channeled a pair of Nexus 5548s. Spanning tree has been constantly running about 35% of CPU for the last couple of weeks causing management SVI latency and CLI lag. The Port channel is the root port and the switches have no other connections.
Here are the things I have tried in troubleshooting the issue.
-Remove links from port channel so that one is forwarding and one is blocking -Removed the blocking link so that the switch only has one uplink. -Converted from pvst to rstp -Entered no spanning tree vlan <all vlans> so when you do show spanning tree there are no instances of spanning tree-Connected the single uplink to a different switch
Nothing has changed the continuous high spanning tree utilization of about 35%.
The 3020 switches server interfaces are configured as trunks for ESX running on the blades. It seems the only possible loop that could be causing this issue is on the ESX virtual switches, but I am not sure how that is possible. I say this because I have another pair of 3120s that have the exact same problem! However they were working fine (CPU normal) until the enclosure was populated and began switching traffic. After they began carrying a medium/heavy network switching load, the 3120s are running at a constant 56% spanning tree CPU utilization!
We will be connecting Cisco 4507 with Extreme Switches. We ran into spanning-tree issues last time. Extreme does not understand spanning-tree. So what i am thinking it to prevent bpdu advertisement from 4507 to extreme switches and also prevent incoming bddu from extreme switch to 4507. I am thinking of using
I'm testing debug spanning-tree functions in a lab, hardware is Cisco 6509 with SUP-720-3B and WS-X6748-SFP, IOS is 12.2.33.SXJ. It's a root in some vlan's, stp mode is rapid-pvst.I wanted to see how spanning-tree is working (STP packets dump, etc.), and entered following commands on 6509: [code]
Then, I turned the "debug spanning-tree all" mode on. Now, I expect to see BPDU packets from Cisco, and other spanning tree events in logs on syslog server, or in log buffer, but I don't get anyting there. Except, there're some lines in log (they repeat very rare): [code]
I am migrating an existing LAN from 3550 to 3750X-12S. In the existing configuation, I´ve got some trunks with native VLAN <> 1. The native VLAN is also used for user data transport. With IOS 15.0(1)SE3 on 3750X I recognized, that per default behavior PVST is not active for a VLAN defined as native, even if the corresponding trunk is up and trunking. My current workaround is to add a "switchport access vlan" command on the trunk even this one never should become an access port. With this statement only the switch is activating the PVST for the native VLAN. For all other vlans PVST works as exspected. [code]
I'm having some weird issues with our 3560 that's connected to an MPLS line. The speed of the port plugged into the providers equipment is 100Mb, but we're only allocated 10Mb of bandwidth from them, I tried to police our traffic out of the port using srr-queue bandwidth limit 10, however when I do that I get some really weird bandwidth results.
Using iperf I've run bandwidth tests with srr-queue bandwidth limit enabled and with it disabled, when it's disabled I get the full 10Mb as expected, however once I enable it I'm lucky to get 5Mb, and while the test is running connectivity between sites is almost useless (which is not the case if I disabled bandwidth limit). Is there anything special I should be doing when I have this enabled? I also have priority-queue out enabled with only one dscp marking placed in queue 1, with very little traffic hitting that queue, but regardless of what I do I can't get the expected bandwidth with the bandwidth limit command, even if I place my iperf traffic in that priority queue.
I have been tasked with migrating 24 access switches from their current distribution switches, 2x stack 3750's to a their new 4500 distribution switches. Ideally with no downtime. My plan for this was to connect the 4500's to the 3750's and create replica vlans on the 4500's therefore spanning the L2 broadcast domain across both sets of switches.
Each one of the vlans that had been created on the 4500's would have the STP bridge priority set to 4096 and 8192. When one of the uplinks from the access switches to the old 3750 stack is connected to the 4500's, as I understand this should have a stp cost of 4 and move the old uplink into discarding therefor passing traffic across the new link. This would then allow me to disconnect the old link and connect it to the second 4500 as the L2 traffic is spanned between all switches. Not ideal but the only way I can see this working.
Once each of these switches have been moved, the SVI's and static routes will be moves from the 3750 stack to the 4500s.The problem I have is that I've ran out of the available STP instances I can use, these 3750's all seem to be at 128 already so as far as I know, is that if a loop was to be formed when the 128 allocation is hit this would indeed cause loop in the network.I have a total of in use vlans to be spanned of 700. I'm unaware how many instances of stp the 4500's can deal with however I can bet it's not 700. 3000 logical interfaces I believe is the maximum I can see online with regards to how many stp instances the 4500's can use.