I have a K-12 customer with the follwing setup.

Juniper 4550 in the MDF

10G links to IDF's with a S2500-48P in the IDF's

We have PVST turned on 

Each switch has a data vlan, voice vlan and a mgmt vlan(customer is using V1 for this..I know! bad practice.)

The problem we are seeing is the IDF switches become unavailable from a management stand point. Traffic still flows out of the switch but you cannot reach it to manage it. All of the bridge ID's were set at 32768. Lastnight I had a call with TAC and they changed one of the ones we couldnt communicate with to 36684 and that fixed it, but then another IDF became unavailable. I changed it and then another IDF became unreachable on the mgmt vlan...and so on. I really dont want to have to go back and change every single 2500. The other odd thing is, I am not seeing this at every campus. Only at 2 of the 5 we have deployed to this date. We are deploying 13 more campuses in the next week or so. Really would like to **bleep** this in the bud quickly before the problem spreads.

PVST is disabled on the Juniper switch for vlan 1 only


Thanks in advance for any solutions or suggestions!!


When you're saying that PVST is turned on, are you saying PVST+ on the S2500s but VSTP on the EX4550?  If so, any reason why you wouldn't just run MSTP which both platforms support and is standards based?


Can you give more detail on the bridge IDs? What is the 4550 set to? When an IDF became unavailable, what was the STP state either from the S2500 or from the 4550? The native vlans are matching in your environment right? PVST+ needs to be able to send out BPDUs untagged between switches in addition to tagged BPDUs. Junos's default vlan isn't actually 1, you have to specifically configure it that way "set vlan default vlan-id 1"


Also, any particular reason you're not using LAGs from the S2500s up to the 4550s so you can avoid STP all together or at least not worry about load balancing VLANs on the uplink?


Best regards,



