- Spanning Tree Protocol(STP) in AP is supported from AOS 6.3
- STP is supported only in AP with more than 2 Ethernet ports.
- It is supported in 93H and multiport RAPs (RAP-5,RAP-3 and RAP-155)
- STP is applied only on downlink ports not on uplink port.
- RSTP,PVSTP,MSTP is not supported and also features like port fast is not supported
For a CAP STP is supported in Tunnel, bridge, D-crypt tunnel mode and on RAP STP is supported on all modes (Tunnel, bridge and Split-tunnel)
• Main functionality of STP is to detect and block loop.
• AP detect loop and block ports based on IEEE 802.1D protocol.
• It can be enabled globally and also enabled/disabled on each individual ports.
• STP works with different types of forwarding modes of AP and wired ports
Environment : In a Typical Environment of using all the wired ports uplinks with AP`s(ap 93H or RAP mulitport like RAP 5, RAP, RAP 155) terminating back to core switch.
Network Topology :
Spanning tree configuration needs to be enabled on both AP system-profile and also on wired-port profile to detect loop and to STP to Kick-in.
• Global configuration:
(Aruba650) (config) #ap system-profile default
(Aruba650) (AP system profile "default") #spanning-tree
(Aruba650) (AP system profile "default") #
• Per Port Config:
(Aruba650) (config) #ap wired-port-profile default
(Aruba650) (AP wired port profile "default") #spanning-tree
Applying Enet profile to AP-group:
(Aruba650) (config) #ap-group default
(Aruba650) (AP group "default") #enet1-port-profile default
Below commands confirms STP kick-in successfully and blocked the ports. Find below
(Aruba650) (config) #show datapath bridge ap-name 1.9302
Datapath Bridge Devices
-----------------------
Flags: F - source-filter, T - trusted, Q - tagged, I - IP
S - split-tunnel, B - bridge, M - mesh, P - PPPoE
w - Wired, b - blocked by STP
Dev Name VLANs PVID ACLs FramesRx FramesTx Flags
--- ------------ ----- ---- ------ -------- -------- -----
5 eth1 4094 1 1/0 0 4 FQBbw
6 eth2 4094 1 1/0 2 165 FQBw
7 eth3 4094 1 1/0 0 166 FQBw
8 eth4 4094 1 1/0 0 162 FQBw
9 bond0 4094 20 0/0 1032949 1136937 FTQB
14 br0 0 20 2700/0 1135703 0 IB
Below command " show ap debug port status ap-name" confirm to verify STP on the wired port status as mentioned below.
(Aruba650) (Virtual AP profile "tunnel") #show ap debug port status ap-name 00:0b:86:80:ea:cb
AP "00:0b:86:80:ea:cb" Port Status
----------------------------------
Port MAC Type Forward Mode Admin Oper Speed Duplex 802.3az PoE STP TX-Packets TX-Bytes RX-Packets RX-Bytes
---- --- ---- ------------ ----- ---- ----- ------ ------- --- --- ---------- -------- ---------- --------
0 00:0b:86:80:ea:cb GE N/A enabled up 1 Gb/s full N/A N/A N/A 21350 3255386 23376 2789931
1 00:0b:86:80:ea:cc FE tunnel enabled up 100 Mb/s full N/A N/A Blocking 108 19592 1852 123771
2 00:0b:86:80:ea:cd FE tunnel enabled up 100 Mb/s full N/A N/A Forwarding 8718 877208 10067 804998
3 00:0b:86:80:ea:ce FE tunnel enabled up 100 Mb/s full N/A N/A Blocking 102 18746 1832 121591
4 00:0b:86:80:ea:cf FE tunnel enabled down N/A N/A N/A N/A Disabled 0 0 0 0
Commands like show ap debug spanning-tree and captures at the uplink wired port will provide BPDU information to look at the port status.
Aruba650) (config) #show ap debug spanning-tree ap-name 00:0b:86:80:ea:cb
stpdev
bridge id 8000.000b8680eacc
designated root 8000.000b866acc00
root port 2 path cost 19
max age 20.00 bridge max age 20.00
hello time 2.00 bridge hello time 2.00
forward delay 15.00 bridge forward delay 15.00
ageing time 13.29
hello timer 0.00 tcn timer 0.00
topology change timer 0.00 gc timer 0.10
flags
eth4 (4)
port id 8004 state disabled
designated root 8000.000b8680eacc path cost 100
designated bridge 8000.000b8680eacc message age timer 0.00
designated port 8004 forward delay timer 0.00
designated cost 0 hold timer 0.00
flags
eth3 (3)
port id 8003 state forwarding
designated root 8000.000b866acc00 path cost 19
designated bridge 8000.000b8680eacc message age timer 0.00
designated port 8003 forward delay timer 0.00
designated cost 19 hold timer 0.60
flags
eth2 (2)
port id 8002 state forwarding
designated root 8000.000b866acc00 path cost 19
designated bridge 8000.000b866acc00 message age timer 19.60
designated port 8001 forward delay timer 0.00
designated cost 0 hold timer 0.00
flags
eth1 (1)
port id 8001 state disabled
designated root 8000.000b8680eacc path cost 19
designated bridge 8000.000b8680eacc message age timer 0.00
designated port 8001 forward delay timer 0.00
designated cost 0 hold timer 0.00
flags