HPE Community
Aruba & ProVision-based
1752711 Members
5709 Online
108789 Solutions
New Discussion

Spanning Tree blocks a switch uplink

 
SOLVED
Go to solution
TheH0ff
Occasional Advisor

‎12-28-2012 03:53 AM

‎12-28-2012 03:53 AM

Spanning Tree blocks a switch uplink

Hi folks

I have a n HP2810-48G as "core switch", this switch has the following STP setup

 

Multiple Spanning Tree (MST) Information

STP Enabled : Yes
Force Version : RSTP-operation
IST Mapped VLANs : 1-4094
Switch MAC Address : 0021f7-9d6400
Switch Priority : 4096
Max Age : 20
Max Hops : 20
Forward Delay : 15

Topology Change Count : 2147
Time Since Last Change : 12 mins

CST Root MAC Address : 0021f7-9d6400
CST Root Priority : 4096
CST Root Path Cost : 0
CST Root Port : This switch is root

IST Regional Root MAC Address : 0021f7-9d6400
IST Regional Root Priority : 4096
IST Regional Root Path Cost : 0
IST Remaining Hops : 20

Root Guard Ports :
TCN Guard Ports :
Protected Ports :
Filtered Ports :

 

To this switch I have several other HP switches connected, all seems to be working fine. Now I'm trying to connect a new switch to the 2810 and the port on the 2810 is blocked by STP almost directly. I've also tried with a Cisco switch in the same port with same result.

 

How can this be? A out of the box new switch, all I've done on it is to set up the management VLAN and IP address.

 

Regards

/Fredrik

0 Kudos
9 REPLIES 9
Arimo
Respected Contributor

‎12-28-2012 04:28 AM

‎12-28-2012 04:28 AM

Re: Spanning Tree blocks a switch uplink

Hi

 

STP should not block a port unless you have a loop in the network. Are you certain it's STP that's blocking the traffic?

 

You say you set up management VLAN. Do you mean the HP Secure Management VLAN? Please note that if you configure a Secure Mgmt VLAN, only clients in that VLAN are able to manage the switch. No traffic will be routed in or out of Secure Mgmt VLAN.


HTH,

Arimo
HPE Networking Engineer
0 Kudos
TheH0ff
Occasional Advisor

‎12-28-2012 04:42 AM

‎12-28-2012 04:42 AM

Re: Spanning Tree blocks a switch uplink

I get this in the log a every minute when the switch is connected.

 

I 12/28/12 15:09:29 ports: port 16 is now off-line
I 12/28/12 15:10:38 ports: port 16 is Blocked by STP
I 12/28/12 15:10:41 ports: port 16 is now on-line

 

By management I mean I assign an IP address to a VLAN like below. The same is done on our other HP switches.

vlan xyz
name "switchnet"
ip address x.x.x.x 

 

Is there something I can do to trouble shoot this further. I'm more of a Cisco guy but HP leaves me at a loss

 

0 Kudos
Arimo
Respected Contributor

‎12-28-2012 05:33 AM - edited ‎12-28-2012 05:35 AM

‎12-28-2012 05:33 AM - edited ‎12-28-2012 05:35 AM

Re: Spanning Tree blocks a switch uplink

Hi

 

What happens here is:

 

- The port goes offline for unknown reason

- The port comes online

- STP blocks it for three second

- STP releases the port and it shows as online.

 

This is expected behavior. When a port comes online STP will always kick in. So STP is not the root cause of your problem. Neither is your management VLAN. The question is why is the link flapping in the first place. If you disable STP on the switches you will see exactly same behavior, minus the STP message.

 

What the root cause is can't be determined with this information. My suggestion:

 

- Ensure both switches are running current software

- Connect the switches

- If you have still problems, gather show tech all -command output (or similar) from both switches

- Call support


HTH,

Arimo
HPE Networking Engineer
0 Kudos
paulgear
Esteemed Contributor

‎12-28-2012 02:28 PM

‎12-28-2012 02:28 PM

Re: Spanning Tree blocks a switch uplink

Hi Fredrik,

 

As Arimo mentioned, you're seeing normal behaviour in those log messages.  The real test is whether the link remains blocked by spanning tree (which those log messages don't really indicate).  Post the complete output of 'show run', 'show spanning-tree', and 'show spanning-tree bpdu-protection' from both this switch and new the switch you plugged in and we'll be able to get a better picture.  Also grab all log messages from, say, 1-2 minutes before & after you plug it in.

Regards,
Paul
0 Kudos
TheH0ff
Occasional Advisor

‎01-03-2013 02:26 AM

‎01-03-2013 02:26 AM

Re: Spanning Tree blocks a switch uplink

Look, I understand you need as much as possible to help me out but I'm reluctant to post the show run from a production core switch. Below is however the log on the core switch a few minutes after I've connected the switch, doesn't matter if it's a Cisco switch or an HP. Also I've included show spanning-tree and bpdu-protection

 

I 12/28/12 15:56:00 ports: port 16 is now off-line

I 12/28/12 15:56:03 ports: port 16 is Blocked by STP
I 12/28/12 15:56:04 ports: port 16 is now off-line
I 12/28/12 15:56:07 ports: port 16 is Blocked by STP
I 12/28/12 15:56:08 ports: port 16 is now off-line
I 12/28/12 15:56:11 ports: port 16 is Blocked by STP
I 12/28/12 15:56:12 ports: port 16 is now off-line
I 12/28/12 15:56:18 ports: port 16 is Blocked by STP
I 12/28/12 15:56:19 ports: port 16 is now off-line
I 12/28/12 15:56:22 ports: port 16 is Blocked by STP
I 12/28/12 15:56:24 ports: port 16 is now off-line
I 12/28/12 15:56:27 ports: port 16 is Blocked by STP
I 12/28/12 15:56:27 ports: port 16 is now off-line
I 12/28/12 15:56:30 ports: port 16 is Blocked by STP
I 12/28/12 15:56:31 ports: port 16 is now off-line
I 12/28/12 15:56:34 ports: port 16 is Blocked by STP
I 12/28/12 15:56:35 ports: port 16 is now off-line
I 12/28/12 15:56:37 ports: port 16 is Blocked by STP
I 12/28/12 15:56:38 ports: port 16 is now off-line
I 12/28/12 15:56:45 ports: port 16 is Blocked by STP
I 12/28/12 15:56:45 ports: port 16 is now off-line
I 12/28/12 15:56:48 ports: port 16 is Blocked by STP
I 12/28/12 15:56:49 ports: port 16 is now off-line
I 12/28/12 15:57:00 ports: port 16 is Blocked by STP
I 12/28/12 15:57:01 ports: port 16 is now off-line
I 12/28/12 15:57:04 ports: port 16 is Blocked by STP
I 12/28/12 15:57:05 ports: port 16 is now off-line
I 12/28/12 15:57:11 ports: port 16 is Blocked by STP
I 12/28/12 15:57:12 ports: port 16 is now off-line
I 12/28/12 15:57:15 ports: port 16 is Blocked by STP
I 12/28/12 15:57:16 ports: port 16 is now off-line
I 12/28/12 15:57:19 ports: port 16 is Blocked by STP
I 12/28/12 15:57:20 ports: port 16 is now off-line


Multiple Spanning Tree (MST) Information

STP Enabled : Yes
Force Version : RSTP-operation
IST Mapped VLANs : 1-4094
Switch MAC Address : 0021f7-9d6400
Switch Priority : 4096
Max Age : 20
Max Hops : 20
Forward Delay : 15

Topology Change Count : 2209
Time Since Last Change : 5 days

CST Root MAC Address : 0021f7-9d6400
CST Root Priority : 4096
CST Root Path Cost : 0
CST Root Port : This switch is root

IST Regional Root MAC Address : 0021f7-9d6400
IST Regional Root Priority : 4096
IST Regional Root Path Cost : 0
IST Remaining Hops : 20

Root Guard Ports :
TCN Guard Ports :
Protected Ports :
Filtered Ports :

| Prio | Designated Hello
Port Type | Cost rity State | Bridge Time PtP Edge
----- --------- + --------- ----- ---------- + ------------- ----- --- ----
1 100/1000T | 20000 128 Forwarding | 0021f7-9d6400 2 Yes No
2 100/1000T | 20000 128 Forwarding | 0021f7-9d6400 2 Yes No
3 100/1000T | 20000 128 Forwarding | 0021f7-9d6400 2 Yes No
4 100/1000T | 20000 128 Forwarding | 0021f7-9d6400 2 Yes No
5 100/1000T | 20000 128 Forwarding | 0021f7-9d6400 2 Yes No
6 100/1000T | 20000 128 Forwarding | 0021f7-9d6400 2 Yes Yes
7 100/1000T | 200000 128 Forwarding | 0021f7-9d6400 2 Yes No
8 100/1000T | 20000 128 Forwarding | 0021f7-9d6400 2 Yes No
9 100/1000T | 20000 128 Forwarding | 0021f7-9d6400 2 Yes No
10 100/1000T | 20000 128 Forwarding | 0021f7-9d6400 2 Yes No
11 100/1000T | 2000000 128 Forwarding | 0021f7-9d6400 2 Yes No
12 100/1000T | 20000 128 Forwarding | 0021f7-9d6400 2 Yes Yes
13 100/1000T | 200000 128 Forwarding | 0021f7-9d6400 2 Yes No
14 100/1000T | 20000 128 Forwarding | 0021f7-9d6400 2 Yes Yes
15 100/1000T | 200000 128 Forwarding | 0021f7-9d6400 2 Yes Yes
16 100/1000T | 200000 128 Forwarding | 0021f7-9d6400 2 Yes Yes
17 100/1000T | 200000 128 Forwarding | 0021f7-9d6400 2 Yes Yes
18 100/1000T | 200000 128 Forwarding | 0021f7-9d6400 2 Yes No
19 100/1000T | 200000 128 Forwarding | 0021f7-9d6400 2 Yes No
20 100/1000T | Auto 128 Disabled |
21 100/1000T | Auto 128 Disabled |
22 100/1000T | Auto 128 Disabled |
23 100/1000T | Auto 128 Disabled |
24 100/1000T | Auto 128 Disabled |
25 100/1000T | Auto 128 Disabled |
26 100/1000T | Auto 128 Disabled |
27 100/1000T | Auto 128 Disabled |
28 100/1000T | Auto 128 Disabled |
29 100/1000T | Auto 128 Disabled |
30 100/1000T | Auto 128 Disabled |
31 100/1000T | Auto 128 Disabled |
32 100/1000T | Auto 128 Disabled |
33 100/1000T | Auto 128 Disabled |
34 100/1000T | Auto 128 Disabled |
35 100/1000T | Auto 128 Disabled |
36 100/1000T | Auto 128 Disabled |
37 100/1000T | Auto 128 Disabled |
38 100/1000T | 200000 128 Forwarding | 0021f7-9d6400 2 Yes Yes
39 100/1000T | 200000 128 Forwarding | 0021f7-9d6400 2 Yes Yes
40 100/1000T | 20000 128 Forwarding | 0021f7-9d6400 2 Yes Yes
41 100/1000T | 20000 128 Forwarding | 0021f7-9d6400 2 Yes Yes
42 100/1000T | 20000 128 Forwarding | 0021f7-9d6400 2 Yes No
43 100/1000T | 20000 128 Forwarding | 0021f7-9d6400 2 Yes Yes
44 100/1000T | 20000 128 Forwarding | 0021f7-9d6400 2 Yes No
45 1000LX | 20000 128 Forwarding | 0021f7-9d6400 2 Yes No
46 100/1000T | Auto 128 Disabled |
47 1000LX | 20000 128 Forwarding | 0021f7-9d6400 2 Yes No
48 1000LX | 20000 128 Forwarding | 0021f7-9d6400 2 Yes No


Status and Counters - STP Port(s) BPDU Protection Information

BPDU Protection Timeout (sec) : 0
Protected Ports :

0 Kudos
paulgear
Esteemed Contributor

‎01-03-2013 11:17 PM

‎01-03-2013 11:17 PM

Re: Spanning Tree blocks a switch uplink

Hi TheH0ff,

 

I understand your reluctance to post configs, but it really does make it a lot easier to help you.  If you want to anonymise the IP addresses and VLAN numbers that should make it reasonably safe to post.

 

The diagnostic information that you've provided shows that it is not spanning tree blocking the port.  It is in forwarding state as expected, and no BPDU protection is happening.  The reason for the log message saying that it is blocking it is because the port is going down.  It is quite strange that we're not seeing log messages stating that the port is online.  Normally, i would expect to see something like this:

 

Aug 27 21:07:33 192.168.1.4 ports:  port 13 is Blocked by LACP
Aug 27 21:07:34 192.168.1.4 ports:  port 13 is now off-line
Aug 27 21:07:38 192.168.1.4 ports:  port 13 is Blocked by LACP
Aug 27 21:07:38 192.168.1.4 ports:  port 13 is Blocked by STP
Aug 27 21:07:40 192.168.1.4 ports:  port 13 is now on-line
Aug 27 21:07:51 192.168.1.4 ports:  port 13 is now off-line
Aug 27 21:07:56 192.168.1.4 ports:  port 13 is Blocked by LACP
Aug 27 21:07:59 192.168.1.4 ports:  port 13 is Blocked by STP
Aug 27 21:08:01 192.168.1.4 ports:  port 13 is now on-line

The fact that you're not seeing an on-line message suggests to me that there are some issues with cabling.  What does 'show interfaces 16' report - any errors?

Regards,
Paul
0 Kudos
TheH0ff
Occasional Advisor

‎01-04-2013 03:48 AM

‎01-04-2013 03:48 AM

Re: Spanning Tree blocks a switch uplink

Here's a show interface for the port, looks good I'd say.

 

Link Status : Up
Totals (Since boot or last clear) :
Bytes Rx : 2,292,148,536 Bytes Tx : 3,825,949,595
Unicast Rx : 22,107,770 Unicast Tx : 33,834,939
Bcast/Mcast Rx : 261,365 Bcast/Mcast Tx : 102,984,687
Errors (Since boot or last clear) :
FCS Rx : 45 Drops Rx : 0
Alignment Rx : 0 Collisions Tx : 0
Runts Rx : 0 Late Colln Tx : 0
Giants Rx : 0 Excessive Colln : 0
Total Rx Errors : 62 Deferred Tx : 0
Rates (5 minute weighted average) :
Total Rx (bps) : 411600 Total Tx (bps) : 716056
Unicast Rx (Pkts/sec) : 1 Unicast Tx (Pkts/sec) : 4
B/Mcast Rx (Pkts/sec) : 0 B/Mcast Tx (Pkts/sec) : 54
Utilization Rx : 00.41 % Utilization Tx : 00.71 %

 

However you mentioning the cabling got me thinking. I'm connecting the switch over the house wiring, I disconnect my PC and plug the cable into the switch. Could it be that I need a cross over cable?

0 Kudos
Richard Brodie_1
Honored Contributor

‎01-04-2013 10:59 AM

‎01-04-2013 10:59 AM

Solution

Re: Spanning Tree blocks a switch uplink

I would be tempted to set the port down to auto-100, and see if it's stable if you suspect a cabling problem. Is ir running at Gigabit speeds on the PC connection?

0 Kudos
paulgear
Esteemed Contributor

‎01-04-2013 11:54 AM

‎01-04-2013 11:54 AM

Re: Spanning Tree blocks a switch uplink

2810s do not need crossover cables; they have auto-MDI on all ports. (Use 'show interfaces brief' to check the MDI status of each port.)

Try connecting another switch using the same cable as you used to connect your PC - i think it will yield different results. As Richard suggested, hard-coding the speed might help. I've used this before when i knew that wire 7 in the building cabling was broken but 1, 2, 3, and 6 were fine.
Regards,
Paul
0 Kudos
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.