Cisco Switching/Routing :: 3750G Spanning Tree On New Switch Stack
Nov 3, 2011
I am about rip and replace my current 3750G stack with a 3750X stack. I have trunked over vlan and vtp info and implemented a config so it should be ready to go other then moving cables onto it. However one thing I want to correct with our current setup is that the root bridge on our vlans including vlan 1 is on a separate set of switches that we control, however I would like this new stack to be the root bridge for all of our vlans. It will be the central set of switches that all other switches trunk into. I have pre-set higher spanning-tree priorities for each vlan on the new stack so I expect as I move lines into it that the tree will be re-calculated with it as the root bridge. I've ensured that there are no root guards on any of the other switches trunks and priorities are all at default levels for each vlan. Should I enforce root guard on the trunk interfaces of the new master stack? Most of the trunks are port-channels to the other switches - do I need to set root guard on the Port channel interface or on the individual ports that make up the Port channel? On both? Any other recommendations in regards to implementing spanning-tree with the new stack? I know using port channels eliminates a lot of potential for loops but not every trunk is and I'd still like to have spanning-tree on.
View 1 Replies
ADVERTISEMENT
Feb 23, 2012
2960 switch stack (flex) Spanning tree re-calculate from stack port one?I need to identify with port in the stack is causing the re-calc I have four 48 port switches and show spanning detail only indicates stack port 1.
View 1 Replies
View Related
Jun 19, 2012
changing the Spanning-tree mode on a live 6500 running in a VSS mode?If so what are the things to watch out?
View 1 Replies
View Related
Aug 15, 2012
We will be connecting Cisco 4507 with Extreme Switches. We ran into spanning-tree issues last time. Extreme does not understand spanning-tree. So what i am thinking it to prevent bpdu advertisement from 4507 to extreme switches and also prevent incoming bddu from extreme switch to 4507. I am thinking of using
spanning-tree bpdu filter
spanning-tree bpdu guard
spanning-tree root guard
View 13 Replies
View Related
Jun 17, 2012
have one 3750G stack with 4 switches and this stack is presenting the follow log message:
%PLATFORM_UCAST-4-PREFIX: One or more, more specific prefixes could not be programmed into TCAM and are being covered by a less specific prefix, and the packets may be software forwarded.
In this stack we are using the layer 3 with OSPF routing, and the current sdm prefer is default:
switch-01-3750#sh sdm prefer
The current template is "desktop default" template.
The selected template optimizes the resources in
the switch to support this level of features for
8 routed interfaces and 1024 VLANs.(code)
View 2 Replies
View Related
Apr 14, 2012
if we can stack the 3750G switch with a 3750X switch ?
View 7 Replies
View Related
Oct 3, 2011
I have a pair of 3750-x switches stacked together. Using spanning tree with our upstream provider I have an active line in port GigE 1/0/25 and a blocked redundant line in GigE 2/0/25. I have setup a port based acl as below on 1/0/25 which is a port on the current master switch. Do I need to manually set this on 2/025 as well? Just wondering what would happen if the line to the master switch was to disappear or if the master disappeared completely whether the acl would automatically be applied to 2/0/25.
View 2 Replies
View Related
Apr 22, 2012
Can we stack a 3750G-12S-S switch with a 3750-E-24TD-S switch?
View 4 Replies
View Related
Feb 29, 2012
I currently have Cisco 3750G which is currently live and active and fully populated and only have remote access.
I have an additional same switch which I would like to stack. My initial plans were to have 2 GIbit etherchannels, but I came across the option to Stacks both switch with each other.
When I do a show switch on the live switch its set as a Member: [code]
I would like to add the new switch to the stack without losing the config for the switch which is live. I understand that the highest priority of the switches becomes the Master but as the live switch is Priority 1, would chancing this affect the switches config, or would it lose connection at all?
Also when I plug in the new switch and it reboot how do I ensure it becomes the slave without rebooting the live switch?The cables on the switch do they have to go to port1 on the live switch and port 1 on the new switch or can they be port 1 and port 2?
View 19 Replies
View Related
Apr 24, 2013
I read that maximum spanning tree instance number is 128, is there any switches that can go more than128 instances ? or can we do this from IOS updates ?
View 3 Replies
View Related
Feb 29, 2012
I have a 3750 switch which has the command 'spanning-tree vlan **'. I am struggling to remove this command, as this particular VLAN is one I want to distribute across our network.I have so far, set the switch to VTP Transparent mode and removed the VLAN from the database, this removes the command. If I then put the switch back to VTP client mode (or manually add the VLAN, while in in VTP transparent mode) then the command comes back. Submitting the command 'spanning-tree vlan **' command has no affect.
View 1 Replies
View Related
May 8, 2012
I want to have an opinion that which switch shall I replace the Cisco 2960s with so as to elimintae the need for spanning tree in there but then what would be the design look like between Netscreen and those new switches. Also would it be vendor independant to work Between Cisco and Netscreens/Cuberguard.
View 1 Replies
View Related
Mar 21, 2012
..I am connecting a Nexus 5K to a 6509 without VSS. Is the recommended configuration just straight etherchannel? Since the 6509 cannot do vpc, is an etherchannel the best way to configure this uplink? How does spanning-tree operate.
View 3 Replies
View Related
Oct 20, 2011
i can't configure "logging event spanning-tree" on a specific port under IOS 12.2.(58) SE2 (all other "logging events" are possible), under 12.2 (55) it is possible. Is it now a known bug or a default value?
View 4 Replies
View Related
May 2, 2012
Recently we will add 2 new core Switch 3750X, these 2 equipments will manage the spanning tree ( root)my idea is to change the priority in order to make 1 or the 2 of them the root, my question is if i setup the same priority for both when one go down the other will assume the role of root in the spanning tree topology ?
View 15 Replies
View Related
Sep 19, 2012
Why is it when I set the port priority for example to 8192 and I then do a show spanning-tree vlan 1 it shows as 8193, does it add the vlan number? so if it was vlan 10 it would be 8202?
View 7 Replies
View Related
May 12, 2013
I have two switches claiming to be the root bridge for the same vlans. The 3750-X stack was configured to be the root for vlans present and the 2960S was brought online over the weekend to replace another one. This is the command I used to attempt and make the 3750-X stack the root
spanning-tree vlan 1-2,10,50,101,200,900,999 root primary diameter 4
The IOS converted that to this
spanning-tree mode rapid-pvst
spanning-tree loopguard default
spanning-tree portfast bpduguard default
[code]......
View 2 Replies
View Related
Feb 8, 2011
A question concerning the use of REP for IE-3000-4TC switches:
In figure 14 of REP pdf URL can you explain why this creates a loop in the system? From the document, I thought REP and RSTP could talk to each other so why does this create a loop if they are exchanging information between each other? Also, if, in figure 14, the two switches in the STP domain that connect to the REP ring, were also connected to each other, would there still be a loop in the system?
Also, what is the recommended max diameter a REP ring should be. I thought I read some place 130 nodes is ok, but I'm looking to confirm this.
View 3 Replies
View Related
Sep 25, 2012
I am looking for some troubleshooting for some Cisco blade switches that are running high CPU. I have two 3020 blade switches in an HP chassis that each have two 1G links port channeled a pair of Nexus 5548s. Spanning tree has been constantly running about 35% of CPU for the last couple of weeks causing management SVI latency and CLI lag. The Port channel is the root port and the switches have no other connections.
Here are the things I have tried in troubleshooting the issue.
-Remove links from port channel so that one is forwarding and one is blocking -Removed the blocking link so that the switch only has one uplink. -Converted from pvst to rstp -Entered no spanning tree vlan <all vlans> so when you do show spanning tree there are no instances of spanning tree-Connected the single uplink to a different switch
Nothing has changed the continuous high spanning tree utilization of about 35%.
The 3020 switches server interfaces are configured as trunks for ESX running on the blades. It seems the only possible loop that could be causing this issue is on the ESX virtual switches, but I am not sure how that is possible. I say this because I have another pair of 3120s that have the exact same problem! However they were working fine (CPU normal) until the enclosure was populated and began switching traffic. After they began carrying a medium/heavy network switching load, the 3120s are running at a constant 56% spanning tree CPU utilization!
View 2 Replies
View Related
Nov 9, 2012
I'm testing debug spanning-tree functions in a lab, hardware is Cisco 6509 with SUP-720-3B and WS-X6748-SFP, IOS is 12.2.33.SXJ. It's a root in some vlan's, stp mode is rapid-pvst.I wanted to see how spanning-tree is working (STP packets dump, etc.), and entered following commands on 6509: [code]
Then, I turned the "debug spanning-tree all" mode on. Now, I expect to see BPDU packets from Cisco, and other spanning tree events in logs on syslog server, or in log buffer, but I don't get anyting there. Except, there're some lines in log (they repeat very rare): [code]
View 3 Replies
View Related
Jan 10, 2013
I have problems too when I connect 3com and Cisco.
I have 2 5500g 3com switches connected with 2 links. If LACP is disable, this causes serious problems and STP not works.
Logically , the link, is a port trunk with all the vlans permitted. One switch has STP enable and the other RSTP. Why this not works fine? I need to configure MSTP maybe? PVSTP is not allowed on this switches.
View 2 Replies
View Related
Oct 7, 2012
I am migrating an existing LAN from 3550 to 3750X-12S. In the existing configuation, I´ve got some trunks with native VLAN <> 1. The native VLAN is also used for user data transport. With IOS 15.0(1)SE3 on 3750X I recognized, that per default behavior PVST is not active for a VLAN defined as native, even if the corresponding trunk is up and trunking. My current workaround is to add a "switchport access vlan" command on the trunk even this one never should become an access port. With this statement only the switch is activating the PVST for the native VLAN. For all other vlans PVST works as exspected. [code]
View 6 Replies
View Related
Sep 9, 2010
I'm having some weird issues with our 3560 that's connected to an MPLS line. The speed of the port plugged into the providers equipment is 100Mb, but we're only allocated 10Mb of bandwidth from them, I tried to police our traffic out of the port using srr-queue bandwidth limit 10, however when I do that I get some really weird bandwidth results.
Using iperf I've run bandwidth tests with srr-queue bandwidth limit enabled and with it disabled, when it's disabled I get the full 10Mb as expected, however once I enable it I'm lucky to get 5Mb, and while the test is running connectivity between sites is almost useless (which is not the case if I disabled bandwidth limit). Is there anything special I should be doing when I have this enabled? I also have priority-queue out enabled with only one dscp marking placed in queue 1, with very little traffic hitting that queue, but regardless of what I do I can't get the expected bandwidth with the bandwidth limit command, even if I place my iperf traffic in that priority queue.
View 3 Replies
View Related
Feb 23, 2013
I have been tasked with migrating 24 access switches from their current distribution switches, 2x stack 3750's to a their new 4500 distribution switches. Ideally with no downtime. My plan for this was to connect the 4500's to the 3750's and create replica vlans on the 4500's therefore spanning the L2 broadcast domain across both sets of switches.
Each one of the vlans that had been created on the 4500's would have the STP bridge priority set to 4096 and 8192. When one of the uplinks from the access switches to the old 3750 stack is connected to the 4500's, as I understand this should have a stp cost of 4 and move the old uplink into discarding therefor passing traffic across the new link. This would then allow me to disconnect the old link and connect it to the second 4500 as the L2 traffic is spanned between all switches. Not ideal but the only way I can see this working.
Once each of these switches have been moved, the SVI's and static routes will be moves from the 3750 stack to the 4500s.The problem I have is that I've ran out of the available STP instances I can use, these 3750's all seem to be at 128 already so as far as I know, is that if a loop was to be formed when the 128 allocation is hit this would indeed cause loop in the network.I have a total of in use vlans to be spanned of 700. I'm unaware how many instances of stp the 4500's can deal with however I can bet it's not 700. 3000 logical interfaces I believe is the maximum I can see online with regards to how many stp instances the 4500's can use.
View 3 Replies
View Related
May 8, 2012
May I know how to manually set the priority (root ID and bridge ID priority) and for spanning tree? Which one should I use based on the command below? and how does it affect the path cost of it?
set spantree root 1
spanning vlan1 priority 4096
View 5 Replies
View Related
Nov 16, 2011
My clients switch is running out of Spanning-Tree instances (c3560 only supports 128 instances). I know that running RSTP with VSTP can mitigate this that all instances over 128 will be handeled by RSTP, but before I implement this are there any other thoughts out there on how to mitigate this. Would MSTP be able to handle more STP instances or MISTP perhaps?
View 3 Replies
View Related
Jan 12, 2012
The network in my building consists of several 2950s connected back to 3550s using redundant fiber links and MST. Recently one tenant decided they wanted to run their own switch and use the existing building network for VoIP only which is on a dedicated VLAN. I was thinking about creating an access port on the 2950 and setting it to the VoIP VLAN as I do not want to give them a trunk port. The client can take this link and connect to their switch. So far does not seem to be an issue. Now what happens if the client configures spanning-tree on their switch? I have no control over their device and cannot manage it. Is there a way I can protect my edge switch and access port to allow them to run their own spanning tree without it interfearing with my existing MST instances? I was thinking BPDU guard but if they turn on stp and my switch sees a bpdu then the port is disabled and they lose VoIP access. At the same time I dont want them to be able to create a loop on their switch and have it affect mine. But since the is only a single cable from my device to theirs?
View 4 Replies
View Related
Dec 9, 2012
We have a pair of 6500 switches, each having a trunk going to each access switch. We set the spanning tree priority on Core1 so it is the root bridge for all VLANs. We have two different types of access switches:
-3550 setup as VTP client and ISL
-2960 setup as VTP transparent and dot1q.
Pruning is disabled but we use "switchport trunk allowed vlan" to restrict which VLANs go through each trunk. When we need to permit a VLAN through a trunk, we simply run "switchport trunk allowed vlan add <VLANID>" on the access switch and both core switches. If it is a 2960 in VTP transparent mode, we must set the VLAN to active. Once this is done, a "show int trunk" will reflect the new VLAN in "Vlans in spanning tree forwarding state and not pruned" for Core1.
I recently went through this process to add VLAN 250 on a 3550 access switch, but the VLAN is not listed in STP forwarding state and not pruned. I tried removing the VLAN from the trunks and redoing it, but there is was no change. I tried adding VLAN 257, but the same behavior happened. I then tried trunking the same VLANs to a few other access switches. Three other 3550s experienced the same behavior, but I was able to trunk the VLAN to a few 2960 switches. At this point, I figured it might be related to some kind of limitation of VTP or the 3550 switches. I provisioned a new 3550 with the same IOS and settings (VTP client, ISL). To my surprise, all VLANs configured were in STP forwarding state and not pruned.
Running show spanning-tree on the core and access switch shows VLAN 250 as designated FWD. I confirmed we are not hitting the limits in "show spanning tree summary totals" on the Core or Access switches. I also confirmed we are not hitting the virtual port limit by running "show vlan virtual-port slot x."My next action might be to shut/no shut the uplink to Core1 from the access switch, but I'm not sure if that will fix it and even if it does, I have no clue what caused the issue.
View 11 Replies
View Related
Dec 15, 2012
in my LAN the all access layer switchs/stacks are connected directly to core backbone switch (cisco 6509) via sfp fiber-optic, i want to protect my spanning tree setup with the "root guard" command.
1. where would i set this ? on uplink ports on access layer switches ? or on core backbone ports to which the access layer swithes connect to?.
2. can this be set on active (production) ports without downtime?
View 5 Replies
View Related
May 29, 2012
Our customer is willing to have a Cisco Nexus 5020 to provide server connectivity and this Nexus would go connected to their core switch 6509. They are concern about Spanning tree compatibility between the Nexus and the 6509. Are they fully compatible for Spanning tree?
View 3 Replies
View Related
Nov 22, 2011
I am getting ready to make changes to our spanning-tree configuration in the data center. In familiarizing myself with the network I noticed that our core switch (6509) wasnt the spanning-tree root for the datacenter.
When I enter the spanning-tree priority command on the central 6509, will it be a hitless change (i.e. will there be any disruption to the network) ? All switches are connected to the core/central 6509 by a direct connection.
I know that when I change from pvst to rapid-pvst that the network will bounce because of the change in configurations to all of the switches.
View 3 Replies
View Related
Oct 8, 2012
Has anything changed in the way of defaults for creating a trunk port and spanning-tree between a 3750x and the newer 2960s? I have one of each I just took out of the box and applied my standard switch configuration template but I cannot get my VLANs that are configured on my 3750X to appear on the 2960S. I find nothing that is blocking and everything seems to be forwarding and I am running out of things to check.
View 5 Replies
View Related
Apr 9, 2012
My colleague and I have been having a discussion about using rapid spanning tree in the access layer. Most of our infrastructure has been migrated to a routed access layer with 3750s.
The idea was brought up to configure the switches with rapid PVST. On the surface, it seems like a better idea, faster convergence, in the event that spanning tree ends up being used for some reason. My colleague prefers sticking with standard PVST. His argument is that, in the event of a layer 2 loop, some consumer-level switches filter out BPDUs and if the control plane is overwhelmed, the shorter timers of rapid PVST just puts that much more of a burden on the CPU trying to regain control, whereas with standard PVST it will have around 20 seconds before it starts to engage. (It may still be overwhelmed, but the longer timer delays the additional burden.) He says he's seen this problem with rapid PVST and that his opinion is backed up by our Cisco rep. (I haven't spoken to him yet.)
In our model, it should be very rare -- pretty much never -- that we would layer 2 span another switch off of our access stack.
One suggestion I saw is to use BPDU Guard, which is a good suggestion as well.
But we have had experiences with overloading the control plane on a 3750. I believe that concern is valid. If the CPU can't service spanning tree. But I'm interested in hearing about other experiences people have had in terms of rapid spanning tree in the access layer, end users plugging in unauthorized devices and creating loops, and the effects when using rapid spanning tree vs standard spanning tree.
View 6 Replies
View Related