HPE Community
Aruba & ProVision-based
1752614 Members
5062 Online
108788 Solutions
New Discussion

mstp - isolate 2 spanning tree regions

 
spice2003
Advisor

‎03-19-2014 09:24 AM

‎03-19-2014 09:24 AM

mstp - isolate 2 spanning tree regions

Hello

 

We have 2 separated network as you can see in the attached image.

My goal is to isolate network "A" spanning tree topology from network "B" spanning topology.

both networks are running on MSTP and with the default instance MTS-0.

Interface VLAN is doing the connection between the networks, we have dedicated VLAN between network A and network B.

We are getting a lot of topology changes from network B and it make a lot of problems in our network such as unicast flooding every second.

We thought to run on mst0 on both networks, then create additional instance and assign just one VLAN to this instance-> VLAN between the networks. this way, change in network B will not change the topology in network A.

The problem that is not working, even with the additional instance, i see a lot of topology changes and that coming from network B.

 

HP-3500yl-24G(config)# sh spanning-tree

Multiple Spanning Tree (MST) Information

STP Enabled : Yes
Force Version : MSTP-operation
IST Mapped VLANs : 1-9,11-19,21-4094
Switch MAC Address : 78e3b5-236080
Switch Priority : 4096
Max Age : 20
Max Hops : 20
Forward Delay : 15

Topology Change Count : 44
Time Since Last Change : 1 secs

CST Root MAC Address : 78e3b5-236080
CST Root Priority : 4096
CST Root Path Cost : 0
CST Root Port : This switch is root

IST Regional Root MAC Address : 78e3b5-236080
IST Regional Root Priority : 4096
IST Regional Root Path Cost : 0
IST Remaining Hops : 20

 

 

backbone switch configuration:

spanning-tree
spanning-tree config-name "prod"
spanning-tree config-revision 1
spanning-tree instance 1 vlan 20
spanning-tree instance 1 priority 1

 

second backbone switch:

spanning-tree
spanning-tree config-name "prod"
spanning-tree config-revision 1
spanning-tree instance 1 vlan 20

 


all other vlans are in mst0. when im doing some topology change in network B, i still see topology change in mst0, why?

the change should be just in mst1, am i right?

 

Thank you!

 

Regards,
MCITP, CCNA, CCNP
0 Kudos
4 REPLIES 4
Chrisd131313
Trusted Contributor

‎03-20-2014 05:23 AM

‎03-20-2014 05:23 AM

Re: mstp - isolate 2 spanning tree regions

You might want to try using tcn-guard on the port that is interconnecting your two networks, this will stop network2 from influencing network 1 and vice versa. 

 

As a side note, having a single region for teh VLAN between the two networks would not work as MSTP will only work if the ports have multiple VLANs traversing them so it knows it can block on one VLAN and allow on another. 

 

You could look at using rapid-pvst, but I am not so sure it will help you out if you are wanting to keep the two networks seperate. The best way is to keep the two regions logically seperate by using tcn-guard - you could also use bpdu-filter on the network conneciton port but this would not help you if a loop was to occur on the interconnect.

 

HTH.

-----------------------------------------------------

Don't forget to mark a post resolved if your question was answered.
0 Kudos
spice2003
Advisor

‎03-20-2014 06:44 AM

‎03-20-2014 06:44 AM

Re: mstp - isolate 2 spanning tree regions

thank you very much!

tcn-guard sounds great, but i have 4 uplinks between the networks, it will not cause a loop if i will enable tcn-guard on all ports?

by the way, i just tried it in my LAB environment and it doesn’t work, the switch doesn’t care from the tcn-gurad.  i still see topology change from that port.

 

HP-3500yl-24G(config)# sh running-config interface 2

Running configuration:

interface 2
tagged vlan 20
spanning-tree tcn-guard
exit

 

HP-3500yl-24G(config)# sh spanning-tree debug-counters instance 0 ports 2

Status and Counters - CIST Port(s) Debug Counters Information

MST Instance ID : 0
Port : 2

Counter Name Value Last Updated
--------------------------- ---------- -----------------
Invalid BPDUs 0
Errant BPDUs 0
MST Config Error BPDUs 1 03/20/14 15:22:48
Looped-back BPDUs 0
Starved BPDUs 0
Exceeded Max Age BPDUs 0
Exceeded Max Hops BPDUs 0
Topology Changes Detected 9 03/20/14 15:36:38
Topology Changes Tx 20 03/20/14 15:36:40
Topology Changes Rx 10 03/20/14 15:36:39
Topology Change ACKs Tx 0
Topology Change ACKs Rx 0

 

Multiple Spanning Tree (MST) Information

STP Enabled : Yes
Force Version : RSTP-operation
IST Mapped VLANs : 1-4094
Switch MAC Address : 78e3b5-236080
Switch Priority : 4096
Max Age : 20
Max Hops : 20
Forward Delay : 15

Topology Change Count : 16
Time Since Last Change : 5 mins

 

 

 

Regards,
MCITP, CCNA, CCNP
0 Kudos
Chrisd131313
Trusted Contributor

‎03-20-2014 07:57 AM

‎03-20-2014 07:57 AM

Re: mstp - isolate 2 spanning tree regions

Are the 4 uplink ports part of a trunk? if so then the tcn-guard would be applied to the trunk not the individual port.

 

tcn-guard will need to be applied to the uplinks on both regions.

 

 

-----------------------------------------------------

Don't forget to mark a post resolved if your question was answered.
0 Kudos
spice2003
Advisor

‎03-20-2014 08:24 AM

‎03-20-2014 08:24 AM

Re: mstp - isolate 2 spanning tree regions

No, they are not part of the trunk, they are individual, 3 ports are in block and one ports is in forwarding state.

Regards,
MCITP, CCNA, CCNP
0 Kudos
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.