Wired Intelligent Edge

 View Only

  • 1.  mstp - isolate 2 spanning tree regions

    Posted Mar 19, 2014 12:24 PM

    Hello

     

    We have 2 separated network as you can see in the attached image.

    My goal is to isolate network "A" spanning tree topology from network "B" spanning topology.

    both networks are running on MSTP and with the default instance MTS-0.

    Interface VLAN is doing the connection between the networks, we have dedicated VLAN between network A and network B.

    We are getting a lot of topology changes from network B and it make a lot of problems in our network such as unicast flooding every second.

    We thought to run on mst0 on both networks, then create additional instance and assign just one VLAN to this instance-> VLAN between the networks. this way, change in network B will not change the topology in network A.

    The problem that is not working, even with the additional instance, i see a lot of topology changes and that coming from network B.

     

    HP-3500yl-24G(config)# sh spanning-tree

    Multiple Spanning Tree (MST) Information

    STP Enabled : Yes
    Force Version : MSTP-operation
    IST Mapped VLANs : 1-9,11-19,21-4094
    Switch MAC Address : 78e3b5-236080
    Switch Priority : 4096
    Max Age : 20
    Max Hops : 20
    Forward Delay : 15

    Topology Change Count : 44
    Time Since Last Change : 1 secs

    CST Root MAC Address : 78e3b5-236080
    CST Root Priority : 4096
    CST Root Path Cost : 0
    CST Root Port : This switch is root

    IST Regional Root MAC Address : 78e3b5-236080
    IST Regional Root Priority : 4096
    IST Regional Root Path Cost : 0
    IST Remaining Hops : 20

     

     

    backbone switch configuration:

    spanning-tree
    spanning-tree config-name "prod"
    spanning-tree config-revision 1
    spanning-tree instance 1 vlan 20
    spanning-tree instance 1 priority 1

     

    second backbone switch:

    spanning-tree
    spanning-tree config-name "prod"
    spanning-tree config-revision 1
    spanning-tree instance 1 vlan 20

     


    all other vlans are in mst0. when im doing some topology change in network B, i still see topology change in mst0, why?

    the change should be just in mst1, am i right?

     

    Thank you!

     



  • 2.  RE: mstp - isolate 2 spanning tree regions

    Posted Mar 20, 2014 08:23 AM

    You might want to try using tcn-guard on the port that is interconnecting your two networks, this will stop network2 from influencing network 1 and vice versa. 

     

    As a side note, having a single region for teh VLAN between the two networks would not work as MSTP will only work if the ports have multiple VLANs traversing them so it knows it can block on one VLAN and allow on another. 

     

    You could look at using rapid-pvst, but I am not so sure it will help you out if you are wanting to keep the two networks seperate. The best way is to keep the two regions logically seperate by using tcn-guard - you could also use bpdu-filter on the network conneciton port but this would not help you if a loop was to occur on the interconnect.

     

    HTH.



  • 3.  RE: mstp - isolate 2 spanning tree regions

    Posted Mar 20, 2014 09:44 AM

    thank you very much!

    tcn-guard sounds great, but i have 4 uplinks between the networks, it will not cause a loop if i will enable tcn-guard on all ports?

    by the way, i just tried it in my LAB environment and it doesn’t work, the switch doesn’t care from the tcn-gurad.  i still see topology change from that port.

     

    HP-3500yl-24G(config)# sh running-config interface 2

    Running configuration:

    interface 2
    tagged vlan 20
    spanning-tree tcn-guard
    exit

     

    HP-3500yl-24G(config)# sh spanning-tree debug-counters instance 0 ports 2

    Status and Counters - CIST Port(s) Debug Counters Information

    MST Instance ID : 0
    Port : 2

    Counter Name Value Last Updated
    --------------------------- ---------- -----------------
    Invalid BPDUs 0
    Errant BPDUs 0
    MST Config Error BPDUs 1 03/20/14 15:22:48
    Looped-back BPDUs 0
    Starved BPDUs 0
    Exceeded Max Age BPDUs 0
    Exceeded Max Hops BPDUs 0
    Topology Changes Detected 9 03/20/14 15:36:38
    Topology Changes Tx 20 03/20/14 15:36:40
    Topology Changes Rx 10 03/20/14 15:36:39
    Topology Change ACKs Tx 0
    Topology Change ACKs Rx 0

     

    Multiple Spanning Tree (MST) Information

    STP Enabled : Yes
    Force Version : RSTP-operation
    IST Mapped VLANs : 1-4094
    Switch MAC Address : 78e3b5-236080
    Switch Priority : 4096
    Max Age : 20
    Max Hops : 20
    Forward Delay : 15

    Topology Change Count : 16
    Time Since Last Change : 5 mins

     

     

     



  • 4.  RE: mstp - isolate 2 spanning tree regions

    Posted Mar 20, 2014 10:58 AM

    Are the 4 uplink ports part of a trunk? if so then the tcn-guard would be applied to the trunk not the individual port.

     

    tcn-guard will need to be applied to the uplinks on both regions.

     

     



  • 5.  RE: mstp - isolate 2 spanning tree regions

    Posted Mar 20, 2014 11:25 AM

    No, they are not part of the trunk, they are individual, 3 ports are in block and one ports is in forwarding state.



Related Content