Wired Intelligent Edge

 View Only
  • 1.  Spanning Tree

    Posted Dec 12, 2018 01:57 AM

    Hello,

    we use hp procurve and aruba switches.

    My predecessor configured the switch as follows:

    spanning-tree
    no spanning-tree 4 auto-edge-port
    no spanning-tree 6 auto-edge-port
    spanning-tree 7 admin-edge-port
    no spanning-tree 7 auto-edge-port
    spanning-tree 7 root-guard bpdu-filter bpdu-protection
    spanning-tree 8 admin-edge-port
    no spanning-tree 8 auto-edge-port
    spanning-tree 8 root-guard bpdu-filter bpdu-protection
    spanning-tree 9 admin-edge-port
    no spanning-tree 9 auto-edge-port
    spanning-tree 9 root-guard bpdu-filter bpdu-protection
    spanning-tree 10 admin-edge-port
    no spanning-tree 10 auto-edge-port
    spanning-tree 10 root-guard bpdu-filter bpdu-protection
    spanning-tree 11 admin-edge-port
    no spanning-tree 11 auto-edge-port
    spanning-tree 11 root-guard bpdu-filter bpdu-protection
    spanning-tree 12 admin-edge-port
    no spanning-tree 12 auto-edge-port
    spanning-tree 12 root-guard bpdu-filter bpdu-protection
    spanning-tree 13 admin-edge-port
    no spanning-tree 13 auto-edge-port
    spanning-tree 13 root-guard bpdu-filter bpdu-protection
    spanning-tree 14 admin-edge-port
    no spanning-tree 14 auto-edge-port
    spanning-tree 14 root-guard bpdu-filter bpdu-protection
    spanning-tree 15 admin-edge-port
    no spanning-tree 15 auto-edge-port
    spanning-tree 15 root-guard bpdu-filter bpdu-protection
    spanning-tree 16 admin-edge-port
    no spanning-tree 16 auto-edge-port
    spanning-tree 16 root-guard bpdu-filter bpdu-protection
    spanning-tree 17 admin-edge-port
    no spanning-tree 17 auto-edge-port
    spanning-tree 17 root-guard bpdu-filter bpdu-protection
    spanning-tree 18 admin-edge-port
    no spanning-tree 18 auto-edge-port
    spanning-tree 18 root-guard bpdu-filter bpdu-protection
    spanning-tree 19 admin-edge-port
    no spanning-tree 19 auto-edge-port
    spanning-tree 19 root-guard bpdu-filter bpdu-protection
    spanning-tree 20 admin-edge-port
    no spanning-tree 20 auto-edge-port
    spanning-tree 20 root-guard bpdu-filter bpdu-protection
    spanning-tree 21 admin-edge-port
    no spanning-tree 21 auto-edge-port
    spanning-tree 21 root-guard bpdu-filter bpdu-protection
    spanning-tree 22 admin-edge-port
    no spanning-tree 22 auto-edge-port
    spanning-tree 22 root-guard bpdu-filter bpdu-protection
    spanning-tree 23 admin-edge-port
    no spanning-tree 23 auto-edge-port
    spanning-tree 23 root-guard bpdu-filter bpdu-protection
    spanning-tree 24 admin-edge-port
    no spanning-tree 24 auto-edge-port
    spanning-tree 24 root-guard bpdu-filter bpdu-protection
    no spanning-tree Trk1 auto-edge-port
    spanning-tree Trk1 priority 4
    spanning-tree bpdu-protection-timeout 300 force-version RSTP-operation

    We have a trunk on ports 1-4 and we have ports 5 and 6 ready in case a trunk ports is defect.

    On the other ports are server (also VMware) and clients connected.

    How should I configure spanning tree?

    I have read this document: https://www.ingentive.net/sites/default/files/anwenderdokumente/procurve_best_practice_spanning_tree.pdf

    Is that what my predecessor did okay?

    I would do it this way:

    spanning-tree

    spanning-tree 7-24 root-guard bpdu-filter bpdu-protection

    spanning-tree 7-24 admin-edge port (because the clients and servers)

    spanning tree Trk1 priority 4

    spanning tree bpdu-protection-timeout 300 force-version RSTP-operation

    I am thankful for any help

    Kind regards

    Tobias

     

     

     

     

     



  • 2.  RE: Spanning Tree

    Posted Jan 02, 2019 07:30 AM

    Hi there,

    what you wrote at the bottom is the same like in the config. Once entered the switch will stretch it to the bigger size for whatever reason.

    The command "spanning tree Trk1 priority 4" is created automatically whenever you create a new trunk port.

    Just be sure to implement loop-protection on the client ports. When you filter the bpdus with the "bpdu-filter" command, the port will always be in a forwarding state and not send or receive bpdus on this port. Because of that the switch will not detect loops via STP on these ports.
    More info: http://h22208.www2.hpe.com/eginfolib/networking/docs/switches/WB/15-18/5998-8156_wb_2926_atmg/content/ch03s05.html

    I only activate the bpdu filter at the network edge (if the switch is also a router to another company), but I can see why you would deactivate it.