HPE Community
HPE Aruba Networking & ProVision-based
1825007 Members
2878 Online
109678 Solutions
New Discussion

Spanning Tree issues on network

 
Gavin Williams ACT
Occasional Advisor

‎06-07-2012 06:38 AM - last edited on ‎03-03-2014 05:56 PM by

‎06-07-2012 06:38 AM - last edited on ‎03-03-2014 05:56 PM by

Spanning Tree issues on network

Hi there,


We're having some intermittent issues with our DC network, which consists of a pair of 2910al-24G with a 2x1Gbe Trunk as a 'Core' layer, and then pairs of 2810-48G switches hanging off of these to form an access layer.

 

Ideally I'd like to replace the 2910's with a stackable pair to form a core, but it's not on the cards atm...

 

An network overview diagram looks like:

 

As marked on the diagram, we've had to increase the Priority values on our Core and Access switches so as not to conflict with our hosting providers upstream Cisco network.

But other than enabling Spanning tree and increasing the priorities, we've done nothing to the default Spanning Tree configuration...

 

From looking at the Spanning tree stats on the switches, it appears that all the Spanning tree CST Root's are being managed by upstream Cisco switches, which doesnt feel great to me...

 

As regards network config, we've got 2 VLANs in play, ID's 118 and 119. Any switch-to-switch links are Tagged with the relevant VLAN ID's, as is the Trunk between the 2 core switches.

 

The core switch spanning-tree config looks like:

SWITCH01# show config 
... 
spanning-tree 
spanning-tree Trk1 priority 4 
spanning-tree priority 9 

SWITCH02# show config 
... 
spanning-tree 
spanning-tree Trk1 priority 4 
spanning-tree priority 10

 A show spanning-tree on the Core switches gives:

SWITCH01# show spanning-tree

 Multiple Spanning Tree (MST) Information

  STP Enabled   : Yes
  Force Version : MSTP-operation
  IST Mapped VLANs : 1-4094
  Switch MAC Address : 002347-c7b4c0
  Switch Priority    : 36864
  Max Age  : 20
  Max Hops : 20
  Forward Delay : 15

  Topology Change Count  : 105,253
  Time Since Last Change : 6 hours

  CST Root MAC Address : 002334-e10c00
  CST Root Priority    : 0
  CST Root Path Cost   : 200000
  CST Root Port        : 23

  IST Regional Root MAC Address : 002347-c7b4c0
  IST Regional Root Priority    : 36864
  IST Regional Root Path Cost   : 0
  IST Remaining Hops            : 20

  Root Guard Ports     :
  TCN Guard Ports      :
  BPDU Protected Ports :
  BPDU Filtered Ports  :
  PVST Protected Ports :
  PVST Filtered Ports  :

                  |           Prio             | Designated    Hello
  Port  Type      | Cost      rity  State      | Bridge        Time  PtP Edge
  ----- --------- + --------- ----- ---------- + ------------- ----- --- ----
  3     100/1000T | 20000     128   Forwarding | 002347-c7b4c0 2     Yes No
  4     100/1000T | 20000     128   Forwarding | 002347-c7b4c0 2     Yes No
  5     100/1000T | 20000     128   Forwarding | 002347-c7b4c0 2     Yes No
  6     100/1000T | 20000     128   Forwarding | 002347-c7b4c0 2     Yes No
  7     100/1000T | 20000     128   Forwarding | 002347-c7b4c0 2     Yes No
  8     100/1000T | 20000     128   Forwarding | 002347-c7b4c0 2     Yes No
  9     100/1000T | 20000     128   Forwarding | 002347-c7b4c0 2     Yes No
  10    100/1000T | 20000     128   Forwarding | 002347-c7b4c0 2     Yes No
  11    100/1000T | 20000     128   Forwarding | 002347-c7b4c0 2     Yes No
  12    100/1000T | 20000     128   Forwarding | 002347-c7b4c0 2     Yes No
  13    100/1000T | 2000000   128   Forwarding | 002347-c7b4c0 2     Yes No
  14    100/1000T | 20000     128   Forwarding | 002347-c7b4c0 2     Yes No
  15    100/1000T | 20000     128   Forwarding | 002347-c7b4c0 2     Yes Yes
  16    100/1000T | 20000     128   Forwarding | 002347-c7b4c0 2     Yes Yes
  17    100/1000T | Auto      128   Disabled   |
  18    100/1000T | Auto      128   Disabled   |
  19    100/1000T | 20000     128   Forwarding | 002347-c7b4c0 2     Yes Yes
  20    100/1000T | Auto      128   Disabled   |
  21    100/1000T | Auto      128   Disabled   |
  22    100/1000T | Auto      128   Disabled   |
  23    100/1000T | 200000    128   Forwarding | 0023ab-dc0880 2     Yes No
  24    100/1000T | 200000    128   Blocking   | 0023ab-dc0880 2     Yes No
  Trk1            | 20000     64    Forwarding | 002347-c7b4c0 2     Yes No

SWITCH02# show spanning-tree

 Multiple Spanning Tree (MST) Information

  STP Enabled   : Yes
  Force Version : MSTP-operation
  IST Mapped VLANs : 1-4094
  Switch MAC Address : 002347-cb1380
  Switch Priority    : 40960
  Max Age  : 20
  Max Hops : 20
  Forward Delay : 15

  Topology Change Count  : 131,738
  Time Since Last Change : 6 hours

  CST Root MAC Address : 002334-e10c00
  CST Root Priority    : 0
  CST Root Path Cost   : 200000
  CST Root Port        : 23

  IST Regional Root MAC Address : 002347-cb1380
  IST Regional Root Priority    : 40960
  IST Regional Root Path Cost   : 0
  IST Remaining Hops            : 20

  Root Guard Ports     :
  TCN Guard Ports      :
  BPDU Protected Ports :
  BPDU Filtered Ports  :
  PVST Protected Ports :
  PVST Filtered Ports  :

                  |           Prio             | Designated    Hello
  Port  Type      | Cost      rity  State      | Bridge        Time  PtP Edge
  ----- --------- + --------- ----- ---------- + ------------- ----- --- ----
  3     100/1000T | 20000     128   Forwarding | 002347-cb1380 2     Yes No
  4     100/1000T | 20000     128   Forwarding | 002347-cb1380 2     Yes No
  5     100/1000T | 20000     128   Forwarding | 002347-cb1380 2     Yes No
  6     100/1000T | 20000     128   Forwarding | 002347-cb1380 2     Yes No
  7     100/1000T | 20000     128   Forwarding | 002347-cb1380 2     Yes No
  8     100/1000T | 20000     128   Forwarding | 002347-cb1380 2     Yes No
  9     100/1000T | 20000     128   Forwarding | 002347-cb1380 2     Yes No
  10    100/1000T | 20000     128   Forwarding | 002347-cb1380 2     Yes No
  11    100/1000T | 20000     128   Forwarding | 002347-cb1380 2     Yes No
  12    100/1000T | 20000     128   Forwarding | 002347-cb1380 2     Yes No
  13    100/1000T | 20000     128   Forwarding | 002347-cb1380 2     Yes No
  14    100/1000T | 20000     128   Forwarding | 002347-cb1380 2     Yes No
  15    100/1000T | 20000     128   Forwarding | 002347-cb1380 2     Yes Yes
  16    100/1000T | 20000     128   Forwarding | 002347-cb1380 2     Yes Yes
  17    100/1000T | Auto      128   Disabled   |
  18    100/1000T | Auto      128   Disabled   |
  19    100/1000T | Auto      128   Disabled   |
  20    100/1000T | Auto      128   Disabled   |
  21    100/1000T | Auto      128   Disabled   |
  22    100/1000T | Auto      128   Disabled   |
  23    100/1000T | 200000    128   Forwarding | 0023ab-dc3680 2     Yes No
  24    100/1000T | 200000    128   Blocking   | 0023ab-dc3680 2     Yes No
  Trk1            | 20000     64    Blocking   | 002347-c7b4c0 2     Yes No

 

On one of the access layer switches, it gives:

SWITCH04# show spanning-tree

 Multiple Spanning Tree (MST) Information

  STP Enabled   : Yes
  Force Version : MSTP-operation
  IST Mapped VLANs : 1,118,119

  Switch MAC Address : 002347-101a80
  Switch Priority    : 61440
  Max Age  : 20
  Max Hops : 20
  Forward Delay : 15

  Topology Change Count  : 333
  Time Since Last Change : 19 days

  CST Root MAC Address : 002334-e10c00
  CST Root Priority    : 0
  CST Root Path Cost   : 220000
  CST Root Port        : 1

  IST Regional Root MAC Address : 002347-101a80
  IST Regional Root Priority    : 61440
  IST Regional Root Path Cost   : 0
  IST Remaining Hops            : 20

  Root Guard Ports :
  TCN Guard Ports  :
  Protected Ports :
  Filtered Ports :

                  |           Prio             | Designated    Hello
  Port  Type      | Cost      rity  State      | Bridge        Time  PtP Edge
  ----- --------- + --------- ----- ---------- + ------------- ----- --- ----
  1     100/1000T | 20000     128   Forwarding | 002347-c7b4c0 2     Yes No
  2     100/1000T | 20000     128   Blocking   | 002347-cb1380 2     Yes No
  3     100/1000T | 20000     128   Forwarding | 002347-101a80 2     Yes Yes
  4     100/1000T | 20000     128   Forwarding | 002347-101a80 2     Yes Yes

 

Any ideas on where I should start with trying to get this all setup correctly?

 

Cheers

Gavin

 

 

P.S. This thread has been moved from Switches, Hubs, Modems (Legacy ITRC forum) to ProCurve / ProVision-Based. - Hp Forum Moderator

0 Kudos
4 REPLIES 4
Richard Litchfield
Respected Contributor

‎06-08-2012 09:12 PM

‎06-08-2012 09:12 PM

Re: Spanning Tree issues on network

A pair of 3800 for the core would be nice, maybe you can work on that for the next budget cycle!

 

The high topology change count on all the switches seems to indicate something is not right, with some sort of STP flapping going on.

 

What are you going to do about the Cisco switches? Are they in or out of scope? You will need to work out where your root STP switch need to be, and work from there. If you put aside the Cisco switches for the moment, switch01 may as well be the STP root.

 

Make sure switch01 is priority 0, switch02 is priority 1 (alt root), and the remaining 2810s leave at priority 15. there are other STP protection mechanisms that may be relevant with the Ciscos (they are probably using RSTP/RSTP+).

 

You need to work out how to include the hosting provider Cisco switches though; you may need to call them and discuss the issue.

 

FYI, you can download and use the 60-day eval version of HP IMC to show a GUI of exactly what is going on with STP.

 

IMC STP block.jpg

0 Kudos
Gavin Williams ACT
Occasional Advisor

‎06-12-2012 12:31 AM

‎06-12-2012 12:31 AM

Re: Spanning Tree issues on network

Rich

 

I would think that as we have no direct control over the Cisco switches, then it's safer for them to be out of scope?

 

How can I safely set a lower priority on Switch01/Switch02 without adversly affecting the upstream switches?

From what I have ascertained from the hosting provider, they are using MSTP on their Cisco switches.

 

Do I need to create a seperate MST Region for our switches, and then link into their MST Region as appropriate?

 

Thanks for the pointers on IMC, I'll give it a go...


Cheers

Gavin

0 Kudos
Richard Litchfield
Respected Contributor

‎06-12-2012 05:30 AM

‎06-12-2012 05:30 AM

Re: Spanning Tree issues on network

MSTP is often used for VLAN traffic balancing in combination with VRRP. Since you aren't doing that, keep it simple with the single common (default) instance (CIST). You can filter BPDU packets up and down from the cisco switches, but that may not be a good idea until you can work out what where the spanning tree porblems are coming from - it might be the ciscos.

 

If you make switch01 the root (priority=0), and the upstream switches have no protection mechanisms in place, they may be impacted. But the service provider should be able to tell yo if they are also seeing high numbers of topology changes occurring.

0 Kudos
Gavin Williams ACT
Occasional Advisor

‎06-12-2012 07:12 AM

‎06-12-2012 07:12 AM

Re: Spanning Tree issues on network

Ok, cheers for the pointers...

 

Will give the Hosting providers a call and see what they say :)

Cheers

Gavin

0 Kudos
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.