Wired Intelligent Edge

Hello All
I am running the AOS-CX Virtual 10.07.0010 in Eve-NG 4.0.1-50-PRO. I built the below configuration.


Now, i know you would not normally have interfaces 1/1/3 and 1/1/4 on switches Core1 and Core2 like that, you would create a LAG. But for this experiment with MST I wanted to give this a try. I configured the switch ports like so...



And configured MST on all the switches so vlan 10-11 are in instance 1 and 20-21 in instance 2
Core1 has priority 0 on instance 1 and priority 1 on instance 2
Core2 has priority 1 on instance 1 and priority 0 on instance 2

For this test only vlan 10 was used, so only instance 1.

Here is what the MST looked like...


And when the first linux VM pings the second, I get a crazy loop. I went in and shutdown the blocking interfaces on the two access switches, still a loop. Then I "no shutdown" those interfaces, and shutdown the interface on Core2 that was blocking and my loop was gone.

So my question is. Is that just not a valid config. I get that is probably not to common, as 1/1/3 and 1/1/4 on the core switches would normally be made into a LAG. But shouldnt MST protect against aht anyway, What if someone accidentally connect them that way. I believe MST is suppose to protect us from ourselves also, LOL. Kidding, but really.   Or is this a bug in the OVA? or did I screw up my config?

When I do a "show spanning-tree summary root" it show that for instance 1, Core1 is root. And for Instance 2 core 2 is root. That is correct. And in the "show spanning-tree mst 1" on Core2, interface 1/1/3 is blocking, that looks right. But it doesn't appear as 1/1/3 really IS blocking as there is a loop and shutting down the port fixes it.

So, any thoughts. I am FULLY open to being the one who is wrong here, but it seems a bug in the OVA.

Ohh, and in WireShark, the traffic is a TON of ARP traffic, and a lot of ICMP, but looks to be more ARP. Also the Linux VM sending the ping show a lot of !DUP in the reply's.

So any feedback would be great. If you need more info from me, I am here.

Thanks

------------------------------
Daniel Worden
------------------------------

Hello All
I am running the AOS-CX Virtual 10.07.0010 in Eve-NG 4.0.1-50-PRO. I built the below configuration.


Now, i know you would not normally have interfaces 1/1/3 and 1/1/4 on switches Core1 and Core2 like that, you would create a LAG. But for this experiment with MST I wanted to give this a try. I configured the switch ports like so...



And configured MST on all the switches so vlan 10-11 are in instance 1 and 20-21 in instance 2
Core1 has priority 0 on instance 1 and priority 1 on instance 2
Core2 has priority 1 on instance 1 and priority 0 on instance 2

For this test only vlan 10 was used, so only instance 1.

Here is what the MST looked like...


And when the first linux VM pings the second, I get a crazy loop. I went in and shutdown the blocking interfaces on the two access switches, still a loop. Then I "no shutdown" those interfaces, and shutdown the interface on Core2 that was blocking and my loop was gone.

So my question is. Is that just not a valid config. I get that is probably not to common, as 1/1/3 and 1/1/4 on the core switches would normally be made into a LAG. But shouldnt MST protect against aht anyway, What if someone accidentally connect them that way. I believe MST is suppose to protect us from ourselves also, LOL. Kidding, but really.   Or is this a bug in the OVA? or did I screw up my config?

When I do a "show spanning-tree summary root" it show that for instance 1, Core1 is root. And for Instance 2 core 2 is root. That is correct. And in the "show spanning-tree mst 1" on Core2, interface 1/1/3 is blocking, that looks right. But it doesn't appear as 1/1/3 really IS blocking as there is a loop and shutting down the port fixes it.

So, any thoughts. I am FULLY open to being the one who is wrong here, but it seems a bug in the OVA.

Ohh, and in WireShark, the traffic is a TON of ARP traffic, and a lot of ICMP, but looks to be more ARP. Also the Linux VM sending the ping show a lot of !DUP in the reply's.

So any feedback would be great. If you need more info from me, I am here.

Thanks

------------------------------
Daniel Worden
------------------------------

Hello All
I am running the AOS-CX Virtual 10.07.0010 in Eve-NG 4.0.1-50-PRO. I built the below configuration.


Now, i know you would not normally have interfaces 1/1/3 and 1/1/4 on switches Core1 and Core2 like that, you would create a LAG. But for this experiment with MST I wanted to give this a try. I configured the switch ports like so...



And configured MST on all the switches so vlan 10-11 are in instance 1 and 20-21 in instance 2
Core1 has priority 0 on instance 1 and priority 1 on instance 2
Core2 has priority 1 on instance 1 and priority 0 on instance 2

For this test only vlan 10 was used, so only instance 1.

Here is what the MST looked like...


And when the first linux VM pings the second, I get a crazy loop. I went in and shutdown the blocking interfaces on the two access switches, still a loop. Then I "no shutdown" those interfaces, and shutdown the interface on Core2 that was blocking and my loop was gone.

So my question is. Is that just not a valid config. I get that is probably not to common, as 1/1/3 and 1/1/4 on the core switches would normally be made into a LAG. But shouldnt MST protect against aht anyway, What if someone accidentally connect them that way. I believe MST is suppose to protect us from ourselves also, LOL. Kidding, but really.   Or is this a bug in the OVA? or did I screw up my config?

When I do a "show spanning-tree summary root" it show that for instance 1, Core1 is root. And for Instance 2 core 2 is root. That is correct. And in the "show spanning-tree mst 1" on Core2, interface 1/1/3 is blocking, that looks right. But it doesn't appear as 1/1/3 really IS blocking as there is a loop and shutting down the port fixes it.

So, any thoughts. I am FULLY open to being the one who is wrong here, but it seems a bug in the OVA.

Ohh, and in WireShark, the traffic is a TON of ARP traffic, and a lot of ICMP, but looks to be more ARP. Also the Linux VM sending the ping show a lot of !DUP in the reply's.

So any feedback would be great. If you need more info from me, I am here.

Thanks

------------------------------
Daniel Worden
------------------------------

Hello All
I am running the AOS-CX Virtual 10.07.0010 in Eve-NG 4.0.1-50-PRO. I built the below configuration.


Now, i know you would not normally have interfaces 1/1/3 and 1/1/4 on switches Core1 and Core2 like that, you would create a LAG. But for this experiment with MST I wanted to give this a try. I configured the switch ports like so...



And configured MST on all the switches so vlan 10-11 are in instance 1 and 20-21 in instance 2
Core1 has priority 0 on instance 1 and priority 1 on instance 2
Core2 has priority 1 on instance 1 and priority 0 on instance 2

For this test only vlan 10 was used, so only instance 1.

Here is what the MST looked like...


And when the first linux VM pings the second, I get a crazy loop. I went in and shutdown the blocking interfaces on the two access switches, still a loop. Then I "no shutdown" those interfaces, and shutdown the interface on Core2 that was blocking and my loop was gone.

So my question is. Is that just not a valid config. I get that is probably not to common, as 1/1/3 and 1/1/4 on the core switches would normally be made into a LAG. But shouldnt MST protect against aht anyway, What if someone accidentally connect them that way. I believe MST is suppose to protect us from ourselves also, LOL. Kidding, but really.   Or is this a bug in the OVA? or did I screw up my config?

When I do a "show spanning-tree summary root" it show that for instance 1, Core1 is root. And for Instance 2 core 2 is root. That is correct. And in the "show spanning-tree mst 1" on Core2, interface 1/1/3 is blocking, that looks right. But it doesn't appear as 1/1/3 really IS blocking as there is a loop and shutting down the port fixes it.

So, any thoughts. I am FULLY open to being the one who is wrong here, but it seems a bug in the OVA.

Ohh, and in WireShark, the traffic is a TON of ARP traffic, and a lot of ICMP, but looks to be more ARP. Also the Linux VM sending the ping show a lot of !DUP in the reply's.

So any feedback would be great. If you need more info from me, I am here.

Thanks

------------------------------
Daniel Worden
------------------------------

Hello All
I am running the AOS-CX Virtual 10.07.0010 in Eve-NG 4.0.1-50-PRO. I built the below configuration.


Now, i know you would not normally have interfaces 1/1/3 and 1/1/4 on switches Core1 and Core2 like that, you would create a LAG. But for this experiment with MST I wanted to give this a try. I configured the switch ports like so...



And configured MST on all the switches so vlan 10-11 are in instance 1 and 20-21 in instance 2
Core1 has priority 0 on instance 1 and priority 1 on instance 2
Core2 has priority 1 on instance 1 and priority 0 on instance 2

For this test only vlan 10 was used, so only instance 1.

Here is what the MST looked like...


And when the first linux VM pings the second, I get a crazy loop. I went in and shutdown the blocking interfaces on the two access switches, still a loop. Then I "no shutdown" those interfaces, and shutdown the interface on Core2 that was blocking and my loop was gone.

So my question is. Is that just not a valid config. I get that is probably not to common, as 1/1/3 and 1/1/4 on the core switches would normally be made into a LAG. But shouldnt MST protect against aht anyway, What if someone accidentally connect them that way. I believe MST is suppose to protect us from ourselves also, LOL. Kidding, but really.   Or is this a bug in the OVA? or did I screw up my config?

When I do a "show spanning-tree summary root" it show that for instance 1, Core1 is root. And for Instance 2 core 2 is root. That is correct. And in the "show spanning-tree mst 1" on Core2, interface 1/1/3 is blocking, that looks right. But it doesn't appear as 1/1/3 really IS blocking as there is a loop and shutting down the port fixes it.

So, any thoughts. I am FULLY open to being the one who is wrong here, but it seems a bug in the OVA.

Ohh, and in WireShark, the traffic is a TON of ARP traffic, and a lot of ICMP, but looks to be more ARP. Also the Linux VM sending the ping show a lot of !DUP in the reply's.

So any feedback would be great. If you need more info from me, I am here.

Thanks

------------------------------
Daniel Worden
------------------------------