HPE Community
Switches, Hubs, and Modems
1752587 Members
4558 Online
108788 Solutions
New Discussion юеВ

Blocked by STP - And the network is down

 
Karl-Heinz Blenk
Occasional Contributor

тАО03-02-2008 09:25 AM

тАО03-02-2008 09:25 AM

Blocked by STP - And the network is down

Hi @all,

I've got a strange problem with my three 2900 ProCurve switches.

Some times ports with high traffic rate are blocked by the switch. In the log I can see:
--snip--
00077 ports: port 1 is now off-line
00435 ports: port 1 is Blocked by STP
00076 ports: port 1 is now on-line
--snip--
The 3 switches uses port trunking, vlans and MSTP.

Here is a sample configuration:
--snip--
; J9049A Configuration Editor; Created on release #T.11.12

hostname "switch03"
module 3 type J90XXA
trunk 23-24 Trk1 Trunk
trunk 21-22 Trk3 Trunk
trunk 19-20 Trk6 Trunk
vlan 1
name "DEFAULT_VLAN"
no untagged 1-18,A1-A4,Trk1,Trk3,Trk6
no ip address
exit
vlan 2
name "VINTERNET"
untagged 1,3,5,7,9,11,13,15,17,A1,A3
tagged Trk1,Trk3,Trk6
no ip address
exit
vlan 3
name "VLAN"
untagged 2,4,6,8,10,12,14,16,18,A2,A4
ip address 172.18.2.3 255.255.0.0
tagged Trk1,Trk3,Trk6
exit
spanning-tree
spanning-tree Trk1 priority 4
spanning-tree Trk3 priority 4
spanning-tree Trk6 priority 4
spanning-tree config-name "mystp"
spanning-tree config-revision 1
spanning-tree instance 1 vlan 1
spanning-tree instance 2 vlan 2
spanning-tree instance 3 vlan 3
--snip--

I've got a high value at "Topology Change count", but I think this value will always change when a server is rebooted.

Different ports with high traffic volume (eg database server or firewall uplink) are blocked so times for a few minutes.

Can anybody help me? Have anybode an idea whats wrong with my config or with me network?

Kind regards
Karl-Heinz
0 Kudos
2 REPLIES 2
Case Van Horsen
Frequent Advisor

тАО03-02-2008 01:39 PM

тАО03-02-2008 01:39 PM

Re: Blocked by STP - And the network is down

Some ideas....

1) Upgrade to a later version of firmware. I would probably go with T.12.52.

2) Enable "admin-edge-port" on all the ports going to servers. I normally enable "bpdu-filter" on the links to servers and use loop-protect to guard against loops.

3) You've defined 3 spanning-tree instances but they appear to have the same topology. You could probably simplify your configuration by letting all vlans exist in the default instance 0.

The sequence of log messages:

port offline
blocked by STP
port online

will occur anytime a port changes state; i.e. whenever a cable is unplugged/plugged or a server is rebooted.

casevh
0 Kudos
Geir Olav Skei .
Advisor

тАО03-03-2008 01:07 AM

тАО03-03-2008 01:07 AM

Re: Blocked by STP - And the network is down



CVH said:
3) You've defined 3 spanning-tree instances but they appear to have the same topology. You could probably simplify your configuration by letting all vlans exist in the default instance 0.

He could simplify the topology, but that would mean not utilizing all available links.
What you should do in order to make sure the instances do not have the same topology, is to define a priority for each instance.
This is an example of how to make sure this particular switch will serve as STP-root for instance 1.
(config)# spanning-tree instance 1 priority 0
(config)# spanning-tree instance 2 priority 1
(config)# spanning-tree instance 3 priority 2

Make similar configuration amendments on all switches, with each of the three switches being root for one particular instance.
0 Kudos
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.