Cincinnerdi Tech Stuff

A mind-numbing read if ever there was one

Cisco switches: Classic STP -> RSTP -> MST

leave a comment »


To better use switch connections that are otherwise blocked by STP, I setup 5 switches (2 distribution and 2+1 access) to support 7 VLANs with redundant links for fault tolerance.
Traditional CSTP provided for convergence after a link failed, in 52 seconds. RSTP amazingly reduced that to sub-second convergence. MST maintained that, but the lab will continue next time to carry the 7 VLANs over two different virutual switch topologies. (I did NOT use VTP with this work.)

Setup switches and connect.
Use erase startup-config and reload to wipe out old configurations. Setup hostnames (e.g., 3550sw1) and config t ;line console 0; logging synchronous to get terminals set to go.

Config the switchports that have hosts (PCs that is) to connect as non-trunks quickly using portfast. This cuts the “light turns from amber to green” when you connect a switch cable from half a minute to 2 seconds. Note the stern warning Cisco gives you:

2950sw3(config)#int range fa 0/1 – 2
2950sw3(config-if-range)#switchport mode access
2950sw3(config-if-range)#spanning-tree portfast
2950sw3(config-if-range)#exit
%Warning: portfast should only be enabled on ports connected to a single
host. Connecting hubs, concentrators, switches, bridges, etc… to this
interface when portfast is enabled, can cause temporary bridging loops.
Use with CAUTION
%Portfast has been configured on FastEthernet0/1 but will only
have effect when the interface is in a non-trunking mode.

Rummaged through the vlans that are setup in the switches. I’ve heard I can delete these using delete flash:vlan.dat but I just used show vlan; no vlan xx to wipe out any that I didn’t want. Then used the global config: vlan 10,20,30,40,50 and entered vlan db mode only to issue an exit

Set on all switches the point-to-point interfaces to be trunks using IEEE 802.1Q. The ports didn’t default to trunk (though book/web say they should). They DID form trunk links when only one side was configured as follows, but of course best practice is to configure both ends. So all switches were configured as follows (note the encapsulation command is needed on 3550; not available on 2950s which don’t do Cisco’s ISL.)

3550sw1(config)#int range fa 0/1 – fa 0/2
3550sw3(config-if-range)#switchport encapsulation dot1q
3550sw1(config-if-range)#switchport mode trunk

Notice that I haven’t used the switchport trunk allowed vlan 1-50 command yet and by default it allows all vlans on trunk. See:

3550sw1#sho int trunk

Port Mode Encapsulation Status Native vlan
Fa0/12 on 802.1q trunking 1
Fa0/13 on 802.1q trunking 1

Port Vlans allowed on trunk
Fa0/12 1-4094
Fa0/13 1-4094

Port Vlans allowed and active in management domain
Fa0/12 1,10,20,30,40,50
Fa0/13 1,10,20,30,40,50

Port Vlans in spanning tree forwarding state and not pruned
Fa0/12 1,10,20,30,40,50
Fa0/13 1,10,20,30,40,50
Now, on to Spanning Tree. When I first set up this net using classic STP (shown below as IEEE) port Fa 0/12 of 2950sw2 was chosen by STP to be blocked. This same topology was selected by RSTP. But first, when I only had 3550sw1 running RSTP, these were the Show Spanning-Tree results:

3550sw1#sho span

VLAN0001
Spanning tree enabled protocol rstp
Root ID Priority 32769
Address 0011.5c43.d900
This bridge is the root
Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec

Bridge ID Priority 32769 (priority 32768 sys-id-ext 1)
Address 0011.5c43.d900
Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec
Aging Time 300

Interface Role Sts Cost Prio.Nbr Type
—————- —- — ——— ——– ——————————–
Fa0/1 Desg FWD 19 128.1 Edge P2p
Fa0/12 Desg FWD 19 128.12 P2p Peer(STP)
Fa0/13 Desg FWD 19 128.13 P2p

–More–

2950sw2#sho span

VLAN0001
Spanning tree enabled protocol ieee
Root ID Priority 32769
Address 0011.5c43.d900
Cost 38
Port 13 (FastEthernet0/13)
Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec

Bridge ID Priority 32769 (priority 32768 sys-id-ext 1)
Address 0011.bbd0.3280
Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec
Aging Time 300

Interface Role Sts Cost Prio.Nbr Type
—————- —- — ——— ——– ——————————–
Fa0/12 Desg FWD 19 128.12 P2p
Fa0/13 Root FWD 19 128.13 P2p

–More–

2950sw3#sho span

VLAN0001
Spanning tree enabled protocol ieee
Root ID Priority 32769
Address 0011.5c43.d900
Cost 19
Port 13 (FastEthernet0/13)
Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec

Bridge ID Priority 32769 (priority 32768 sys-id-ext 1)
Address 0011.bbb9.57c0
Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec
Aging Time 300

Interface Role Sts Cost Prio.Nbr Type
—————- —- — ——— ——– ——————————–
Fa0/1 Desg FWD 19 128.1 Edge P2p
Fa0/11 Desg FWD 19 128.11 P2p
Fa0/13 Root FWD 19 128.13 P2p

–More–

2950sw4#sho span

VLAN0001
Spanning tree enabled protocol ieee
Root ID Priority 32769
Address 0011.5c43.d900
Cost 57
Port 13 (FastEthernet0/13)
Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec

Bridge ID Priority 32769 (priority 32768 sys-id-ext 1)
Address 0011.bbd0.4700
Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec
Aging Time 300

Interface Role Sts Cost Prio.Nbr Type
—————- —- — ——— ——– ——————————–
Fa0/11 Desg BKN*19 128.11 P2p *TYPE_Inc
Fa0/13 Root FWD 19 128.13 P2p

So what is BKN? Can you see the mistake(s) I made? I mistakenly plugged in two cables into Fa0/11 instead of Fa0/12. Also, 3550sw1 Fa0/13 expects to be connected to a trunk port using Rapid STP. The Type Inconsistent seems to indicate that the 2950 isn’t in trunk mode, though I’m not sure since I didn’t check into it at the time. This BROKEN status caused the properly BLOCKED port on 2950sw2 to become FORWARD.

I believe it was during this time that I attempted to establish a primary and secondary switch using spanning-tree vlan 1-50 root primary diameter 4. I was amazed to see a huge additon to the running-config:
!
spanning-tree mode rapid-pvst
spanning-tree extend system-id
spanning-tree vlan 1 priority 24576
spanning-tree vlan 1 forward-time 10
spanning-tree vlan 1 max-age 14
spanning-tree vlan 2 priority 24576
spanning-tree vlan 2 forward-time 10

…snip…

spanning-tree vlan 50 priority 24576
spanning-tree vlan 50 forward-time 10
spanning-tree vlan 50 max-age 14
!

Notice that I snipped out about 96 lines!!! I zapped these (with some handy copying / pasting ) and I plugged in the ports to the correct ports and continued.

Whew! I spend most of the time just dealing with silly mistakes like these that Eric Capal can catch glancing over your shoulder in about 3 seconds. Curses!!!

So I didn’t get a good Show Span for Rapid STP. But I did have it working on RSTP and the convergence was amazing, almost instantaneous. Even when I pulled both plugs (which of course stalled the ping) when I replugged in one, the pings resumed in about 2 seconds.

Now on to MST. I setup the host switchports to work only on their own VLAN. Here’s the config:

3550sw1(config)#int fa 0/1
3550sw1(config-if)#switchport access vlan 10
3550sw1(config)#int fa 0/2
3550sw1(config-if)#switchport access vlan 50

I did this for the 2950sw3, too. (I KNOW, I should have used both access layer switches, but I did that last time). I tested this, and I could ping to/from both PCs when on the same VLAN, but could not otherwise. Cool.

The config for MST was:
3550sw1(config)#spanning-tree mst configuration
3550sw1(config-mst)#instance 1 vlan 1,10,20,30,40,50
3550sw1(config-mst)#name region1
3550sw1(config-mst)#revision 1
3550sw1(config-mst)#show pending
Pending MST configuration
Name [region1]
Revision 1
Instance Vlans mapped
——– ———————————————————————
0 2-9,11-19,21-29,31-39,41-49,51-4094
1 1,10,20,30,40,50
——————————————————————————-
3550sw1(config-mst)#exit

3550sw1(config)#spanning-tree mode mst

3550sw1(config)#end

Next time I’ll need to run the global config command spanning-tree mst 1 root primary. The Show Spanning-tree shows all is okay, but what about the cost being 200,000!!!!:
3550sw1#sho span

MST00
Spanning tree enabled protocol mstp
Root ID Priority 32768
Address 0011.5c43.d900
This bridge is the root
Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec

Bridge ID Priority 32768 (priority 32768 sys-id-ext 0)
Address 0011.5c43.d900
Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec

Interface Role Sts Cost Prio.Nbr Type
—————- —- — ——— ——– ——————————–
Fa0/2 Desg FWD 200000 128.2 Edge P2p
Fa0/12 Desg FWD 200000 128.12 P2p
Fa0/13 Desg FWD 200000 128.13 P2p

MST01
Spanning tree enabled protocol mstp
Root ID Priority 32769
Address 0011.5c43.d900
This bridge is the root
Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec

Bridge ID Priority 32769 (priority 32768 sys-id-ext 1)
Address 0011.5c43.d900
Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec

Interface Role Sts Cost Prio.Nbr Type
—————- —- — ——— ——– ——————————–
Fa0/2 Desg FWD 200000 128.2 Edge P2p
Fa0/12 Desg FWD 200000 128.12 P2p
Fa0/13 Desg FWD 200000 128.13 P2p

2950sw2#sho span

MST00
Spanning tree enabled protocol mstp
Root ID Priority 32768
Address 0011.5c43.d900
Cost 0
Port 13 (FastEthernet0/13)
Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec

Bridge ID Priority 32768 (priority 32768 sys-id-ext 0)
Address 0011.bbd0.3280
Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec

Interface Role Sts Cost Prio.Nbr Type
—————- —- — ——— ——– ——————————–
Fa0/12 Altn BLK 200000 128.12 P2p
Fa0/13 Root FWD 200000 128.13 P2p

MST01
Spanning tree enabled protocol mstp
Root ID Priority 32769
Address 0011.5c43.d900
Cost 400000
Port 13 (FastEthernet0/13)
Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec

Bridge ID Priority 32769 (priority 32768 sys-id-ext 1)
Address 0011.bbd0.3280
Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec

Interface Role Sts Cost Prio.Nbr Type
—————- —- — ——— ——– ——————————–
Fa0/12 Altn BLK 200000 128.12 P2p
Fa0/13 Root FWD 200000 128.13 P2p

2950sw3#sho span

MST00
Spanning tree enabled protocol mstp
Root ID Priority 32768
Address 0011.5c43.d900
Cost 0
Port 13 (FastEthernet0/13)
Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec

Bridge ID Priority 32768 (priority 32768 sys-id-ext 0)
Address 0011.bbb9.57c0
Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec

Interface Role Sts Cost Prio.Nbr Type
—————- —- — ——— ——– ——————————–
Fa0/2 Desg FWD 200000 128.2 Edge P2p
Fa0/12 Desg FWD 200000 128.12 P2p
Fa0/13 Root FWD 200000 128.13 P2p

–More–
MST01
Spanning tree enabled protocol mstp
Root ID Priority 32769
Address 0011.5c43.d900
Cost 200000
Port 13 (FastEthernet0/13)
Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec

Bridge ID Priority 32769 (priority 32768 sys-id-ext 1)
Address 0011.bbb9.57c0
Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec

Interface Role Sts Cost Prio.Nbr Type
—————- —- — ——— ——– ——————————–
Fa0/2 Desg FWD 200000 128.2 Edge P2p
Fa0/12 Desg FWD 200000 128.12 P2p
Fa0/13 Root FWD 200000 128.13 P2p

2950sw3#
2950sw4#sho span

MST00
Spanning tree enabled protocol mstp
Root ID Priority 32768
Address 0011.5c43.d900
Cost 0
Port 12 (FastEthernet0/12)
Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec

Bridge ID Priority 32768 (priority 32768 sys-id-ext 0)
Address 0011.bbd0.4700
Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec

Interface Role Sts Cost Prio.Nbr Type
—————- —- — ——— ——– ——————————–
Fa0/12 Root FWD 200000 128.12 P2p
Fa0/13 Desg FWD 200000 128.13 P2p

–More–
MST01
Spanning tree enabled protocol mstp
Root ID Priority 32769
Address 0011.5c43.d900
Cost 200000
Port 12 (FastEthernet0/12)
Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec

Bridge ID Priority 32769 (priority 32768 sys-id-ext 1)
Address 0011.bbd0.4700
Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec

Interface Role Sts Cost Prio.Nbr Type
—————- —- — ——— ——– ——————————–
Fa0/12 Root FWD 200000 128.12 P2p
Fa0/13 Desg FWD 200000 128.13 P2p

`Now I’ll put in spanning-tee mst 1 root primary, then look at the MST layout:

2950sw4#sho span

MST00
Spanning tree enabled protocol mstp
Root ID Priority 32768
Address 0011.5c43.d900
This bridge is the root
Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec

Bridge ID Priority 32768 (priority 32768 sys-id-ext 0)
Address 0011.5c43.d900
Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec

Interface Role Sts Cost Prio.Nbr Type
—————- —- — ——— ——– ——————————–
Fa0/2 Desg FWD 200000 128.2 Edge P2p
Fa0/12 Desg FWD 200000 128.12 P2p
Fa0/13 Desg FWD 200000 128.13 P2p

MST01
Spanning tree enabled protocol mstp
Root ID Priority 24577
Address 0011.5c43.d900
This bridge is the root
Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec

Bridge ID Priority 24577 (priority 24576 sys-id-ext 1)
Address 0011.5c43.d900
Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec

Interface Role Sts Cost Prio.Nbr Type
—————- —- — ——— ——– ——————————–
Fa0/2 Desg FWD 200000 128.2 Edge P2p
Fa0/12 Desg FWD 200000 128.12 P2p
Fa0/13 Desg FWD 200000 128.13 P2p

Next time, I’ll focus on:

  • Figuring out those wacky costs
  • Getting a separate MST path by VLAN.
  • VTP
Advertisements

Written by scottledyard

2007, March 18th at 1:37 pm

Leave a Reply

Please log in using one of these methods to post your comment:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: