- Community Home
- >
- Networking
- >
- Switching and Routing
- >
- Aruba & ProVision-based
- >
- 2910al: untagged VLAN & STP issues
Categories
Company
Local Language
Forums
Discussions
Forums
- Data Protection and Retention
- Entry Storage Systems
- Legacy
- Midrange and Enterprise Storage
- Storage Networking
- HPE Nimble Storage
Discussions
Discussions
Discussions
Forums
Discussions
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
- BladeSystem Infrastructure and Application Solutions
- Appliance Servers
- Alpha Servers
- BackOffice Products
- Internet Products
- HPE 9000 and HPE e3000 Servers
- Networking
- Netservers
- Secure OS Software for Linux
- Server Management (Insight Manager 7)
- Windows Server 2003
- Operating System - Tru64 Unix
- ProLiant Deployment and Provisioning
- Linux-Based Community / Regional
- Microsoft System Center Integration
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Community
Resources
Forums
Blogs
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Printer Friendly Page
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
02-28-2014 08:04 AM
02-28-2014 08:04 AM
2910al: untagged VLAN & STP issues
Hello all,
I'm having a hard time configuring the following setup:
1x 2910al Switch
...having 2 VLANs: DEFAULT_VLAN (1) and DMZ_VLAN (2)
...VID1: Ports 1-12 (untagged)
...VID2: Ports 13-48 (untagged)
To connect both VLANs I want to use a box with bridged nics (nic1->port12, nic2->port13, bridge: nic1<->nic2)
Now for the trouble: As soon as I turn on spanning tree on the Switch nic2 gets blocked by stp. All boxes connected to VLAN2 are connected only to VLAN2 and there is no path out of it. nic2 is the only uplink. So why block it?
(When STP is turned off on the switch everything works as expected, at least by me)
After hours of googling and reading (I'm not very familiar with stp) the problem seems to be that the stp instance on the switch cannot distinguish between two seperate VLANs, even if the very same switch is configuring them.
Now my questions:
- Is it correct that I have to create separate instances for my VLANs, even if residing on the same switch?
- If so, how do I do it? I seem to find only configurations where 2 or more switches are involved, nothing for my needs...
Thanks for reading,
stefan...
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
02-28-2014 08:34 AM
02-28-2014 08:34 AM
Re: 2910al: untagged VLAN & STP issues
Hi Stefan,
You will need to use MSTP if it is available on the 1910al switches. This will allow you to have a STP instance per VLAN (in your scenario, but it also lets you group VLANs together in STP instances). If MSTP is available then you should be able to see it listed under "span force-version ?".
By using MSTP you can create 2 instances and add each VLAN to each instance. STP & RSTP historically are Layer2 based so they only cared about physical ports and loops, so when VLANs come in to play STP thinks there are loops when logically there are not - that is why MSTP and PVSTP(+), on Cisco kit, came about.
HTH
Don't forget to mark a post resolved if your question was answered.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
03-01-2014 04:05 AM
03-01-2014 04:05 AM
Re: 2910al: untagged VLAN & STP issues
Normal spanning tree: STP or RSTP doesn't care about VLANs at all, it just prevents loops. MSTP doesn't care much about VLANs but you can play with the configuration until it mostly does what you want. A lot people assume that spanning tree will figure out how their VLANs are configured and do what they want but unfortuntely you only get that with Cisco's proprietary PVST(+). HP have that on some Procurves (under licence, I imagine), not sure about the 2910.
If not, you could play around with a fancy MSTP configuration to get what you want but I would probably just bpdu-filter on ports 12 and 13 and have done with it.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
03-04-2014 04:12 AM
03-04-2014 04:12 AM
Re: 2910al: untagged VLAN & STP issues
Thanks for your answers.
I got the point concerning VLANs and STP, sometimes it's just too obvious.
But after reading up on MSTP I really thought I had it there... 2 instances, 2 VLANs, 0 problems, but it just doesn't work as I expected it would... the port still got blocked. What am I missing?
The workaround with the bpdu-filter was a good hint, I configured it and it works. But still... what's the point of having MSTP around if the different instances don't respect the vlans configured for them? Or is it just the setup on a single physical switch?
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
03-04-2014 04:40 AM
03-04-2014 04:40 AM
Re: 2910al: untagged VLAN & STP issues
Hi upietz,
The MSTP implementation would work if the "uplinks" between your bridged PC and switch were tagged and both VLANs were forwarded on ther "Uplinks". As you are just seperating the VLANs on the single switch in to destinct port ranges I dont think it would work for you.
Extract from MSTP Operation....
Multiple-Instance spanning tree operation (802.1s) ensures that only one active path exists between any two nodes in a spanning tree instance. A spanning tree instance comprises a unique set ofVLANs, and belongs to a specific spanning tree region. A region can comprise multiple spanning tree instances (each with a different set of VLANs), and allows one active path among regions in a network. Applying VLAN tagging to the ports in a multiple-instance spanning tree network enables blocking of redundant links in one instance while allowing forwarding over the same links for
non-redundant use by another instance.
You could look at trying RPVST+ on the switch to see if this makes any difference "span mode rapid-pvst" otherwise your scenario would only work with bpdu-filters in place.
Don't forget to mark a post resolved if your question was answered.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
03-04-2014 07:13 AM
03-04-2014 07:13 AM
Re: 2910al: untagged VLAN & STP issues
Hi Chris,
thank you. I don't think I really understand the problems in my setup, but the filtering is fine for now.
Is there any documentation on "spanning-tree mode rapid-pvst"? I cannot find it in the manuals...
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
03-04-2014 08:31 AM
03-04-2014 08:31 AM
Re: 2910al: untagged VLAN & STP issues
Hi upietz,
I could well be that rapid-pvst is not available on the 2910al range of switches. I use 5400zl switches and they have it as an option. If your range of switches have the option it will be listed inteh advanced Traffic Management Guide pdf.
Don't forget to mark a post resolved if your question was answered.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
03-04-2014 11:17 AM
03-04-2014 11:17 AM
Re: 2910al: untagged VLAN & STP issues
what's the point of having MSTP around if the different instances don't respect the vlans configured for them?
MSTP is fairly good for load balancing. So you can have one link active in VLAN 1, and standby in VLAN 2 and another active in VLAN 2 and standby in VLAN 1. When you start pruning VLANs, it gets a little more complicated.
But after reading up on MSTP I really thought I had it there... 2 instances, 2 VLANs, 0 problems, but it just doesn't work as I expected it would... the port still got blocked. What am I missing?
With the default spanning tree parameters, the two instances are going to have the same topology. The same links will be disabled in both instances. That would be the higher numbered port, I think. You would have to lower the priority of the blocked port in the instance where you want it unblocked. Unfortunately, you can't just throw a VLAN configuation at MSTP and let it sort it out.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
03-28-2014 03:51 PM
03-28-2014 03:51 PM
Re: 2910al: untagged VLAN & STP issues
Although not exactly the same problem im experiencing, but very similar.
Any comment wuld be appreciated.
Regards''snakkes