Hello.
My ISP encapsulate STP and I need to add VLAN ID 10 into BPDU packet. How do it?
Hi @sanchesrg !
You can't just change the way protocol works, it is not possible. Tagging MSTP BPDUs is not allowed and these always are sent untagged using native VLAN (PVID) of a trunk port or VLAN ID of an access port. There is a protocol that uses VLAN tags for its BPDUs - PVST. It sends out unique BPDUs in each VLAN of a trunk port. Check if your switches support it.
The only way to achieve tagged STP BPDU is to use Rapid-PVST (in your case). Rapid-PVST creates one PVST BPDU per VLAN over a trunk port. More info about configuration can be find here - https://techhub.hpe.com/eginfolib/networking/docs/switches/RA/15-18/5998-8155_ra-2620_atmg/content/ch05s03.html
There is absolutely no way to tag MSTP BPDUs as it is against the standard. Even if you succeed (by some weird way) to tag such BPDU it won't be recognized by the adjacent switch. MSTP aggregates all information about all known instances in one UNTAGGED BPDU.
If I may be honest with you, the whole idea to span a spanning-tree domain over the Internet doesn't sound as a good idea. If you don't have more than one link connecting both LANs over your ISP maybe then it will be wise to just split the STP domain, e.g. disable spanning-tree on ISP-facing ports of your switches. I see no benefit of having STP between two network segments separated by one Internet link, even if it's a some kind of Layer 2 connection like VPLS or L2VPN. However, all networks are different and if it is really required to run an MSTP over the ISP, then ask your ISP to accept untagged frames on its edge port. Or use Rapid-PVST.