Wired Intelligent Edge (Campus Switching and Routing)

Understanding Spanning tree (MSTP) behavior in a Distributed trunking environment

MVP
MVP
Q:

How does Multiple Spanning Tree Protocol work in a Distributed Trunking environment?

 



A:

Let’s take an example of three switches. DT_CORE1, DT_CORE2 and ACCESS SWITCH.

Switches, DT_CORE1 and DT_CORE2 are running DT-LACP with the Access switch on their trunk links.

Toplology:

 

DT config from DT_CORE1:

 

DT_CORE1(config)# show distributed-trunking config

 

 Distributed Trunking Information

 

  Switch Interconnect (ISC) : Trk1

  Admin Role Priority       : 32768

  System ID                 : 1458d0-f4ef00

  DT trunk                  :

  DT lacp                   : Trk2

 

 

DT config from DT_CORE2:

 

DT_CORE2(config)# show distributed-trunking config

 

 Distributed Trunking Information

 

  Switch Interconnect (ISC) : Trk1

  Admin Role Priority       : 32768

  System ID                 : 1458d0-f4ef00

  DT trunk                  :

  DT lacp                   : Trk2

 

 

 

DT status from DT_CORE1:

 

DT_CORE1(config)# show distributed-trunking status

 

 Distributed Trunking Status

 

  Switch Interconnect (ISC)          : Up

  ISC Protocol State                 : In Sync

  DT System ID                       : 1458d0-f4ef00

  Oper Role Priority                 : 32768

  Peer Oper Role Priority            : 32768

  Switch Role                        : Secondary

 

DT status from DT_CORE2:

 

DT_CORE2(config)# sh distributed-trunking status

 

 Distributed Trunking Status

 

  Switch Interconnect (ISC)          : Up

  ISC Protocol State                 : In Sync

  DT System ID                       : 1458d0-f4ef00

  Oper Role Priority                 : 32768

  Peer Oper Role Priority            : 32768

  Switch Role                        : Primary

Note: Please make sure spanning tree is enabled on all the switches to avoid any sort of loops and broadcast storms prior to connecting the cables.

HPE Aruba switches run MSTP by default.

 

Spanning Tree Behavior:

 

  • When enabling spanning tree on the switches in the DT environment, i.e two DT switches and one access layer switch, by default spanning tree gets disabled on the DT- ports, i.e the DT trunks get "BPDU filtered"  

 

Results from DT_CORE1:

 

We can see that Trk2 gets BPDU filtered.

 

Although you can see that trk2 is in forwarding status:

 

Results from DT_CORE2:

We can see that Trk2 gets BPDU filtered.

 

Although you can see that trk2 is in forwarding status:

 

 

 

  • As a result the access layer switch act as a root bridge of its own

 

Output from the Access switch:

 

 

  • The DT-switches also participate in an election of their own and choose another root bridge:

 

Output from DT_CORE1:

 

Output from DT_CORE2:

 

 

We can also note the following from the running config of one of the DT switches:

 

DT_CORE1(config)# sh running-config | i spanning

spanning-tree

spanning-tree Trk1 priority 4

spanning-tree Trk2 priority 4 bpdu-filter

 

We can notice that the command “spanning-tree Trk2 priority 4 bpdu-filter gets included by default after configuring DT-LACP in the config.

 

  • Note: If more switches are connected to the DT-switches, they will also participate in the Root bridge election  
  • If the DT trunks do not get BPDU filtered, the access layer switch will get two different BPDU's coming in from two DT switches on its trunk link, and would create an unexpected behaviour as the switch does not expect to see two different incoming BPDU's on one single trunk link which

Moreover if the DT trunks do not get BPDU filtered, that would result in blocking of either downlink ports from the DT-switches to the access switch, the uplink ports to the DT-switches or either the ISC/peer keep-alive  link,  defeating the purpose of configuring DT-LACP 

  • Further to this, Creating a loop on the access layer switch we found that spanning tree does block the looped port  
  • Traffic flow by sending some data from a host connected to the south side access layer switch to a destination connected on one of the DT-switches, was as we expect in a DT- environment 
Version history
Revision #:
1 of 1
Last update:
‎06-22-2018 11:33 AM
Updated by:
 
Search Airheads
cancel
Showing results for 
Search instead for 
Did you mean: