Comware

 View Only
last person joined: yesterday 

Back to discussions
Expand all | Collapse all

Spanning-Tree Problems

This thread has been viewed 49 times

  • 1.  Spanning-Tree Problems

    EMPLOYEE
    Posted Jan 25, 2023 06:32 AM
    Hi,

    I have  several switches that connect to the Core using LACP links, so spanning tree should not be a issue.

    The configuration is like this on the switch

    interface Bridge-Aggregation601
    description Ligacao ao Core - Bastidor 1
    port link-type trunk
    port trunk permit vlan all
    link-aggregation mode dynamic
    link-aggregation lacp traffic-redirect-notification enable
    stp loop-protection

    And on the Core is:

    interface Bridge-Aggregation601
    description Bastidor 1 (Datacenter)
    port link-type trunk
    port trunk permit vlan all
    link-aggregation mode dynamic
    stp root-protection

    Since a few days I get messages like:

    %Jan 24 22:42:09:914 2023 SW2_8 LPDT/4/LPDT_VLAN_LOOPED: A loop was detected on Bridge-Aggregation608 in VLAN 400.
    %Jan 24 22:34:08:181 2023 SW2_8 LPDT/5/LPDT_VLAN_RECOVERED: A loop was removed on Bridge-Aggregation608 in VLAN 250.
    %Jan 24 22:34:08:179 2023 SW2_8 LPDT/4/LPDT_VLAN_LOOPED: A loop was detected on Bridge-Aggregation608 in VLAN 250.
    %Jan 24 22:28:12:242 2023 SW2_8 LPDT/5/LPDT_VLAN_RECOVERED: A loop was removed on Bridge-Aggregation608 in VLAN 900.

    And the the loop-protection shuts down the port for 30 seconds.

    My question is how can I have a loop reported if I do not have stp redundant links, but lacp instead?

    Also sometimes I also get the message:

    %Jan 25 05:05:58:071 2023 HPE-5945-Core-HGO LAGG/6/LAGG_INACTIVE_OPERSTATE: Member port WGE2/2/1 of aggregation group BAGG601 changed to the inactive state, because the peer port did not have the Synchronization flag.


    This happens in several switches

    Thanks





  • 2.  RE: Spanning-Tree Problems

    MVP GURU
    Posted Jan 26, 2023 05:22 AM
    Hi!

    "spanning tree should not be a issue"

    Technically speaking STP is not an issue but a helping mechanism...so in a loop-free network a properly configured Spanning Tree topology is perfectly stable and help you to keep your network free of loops (physical member interfaces of a properly configured and working BAGG, from the STP standpoint, can't generate a loop in the interconnection between peer switches...at least if the involved BAGG are working correctly).

    "And the the loop-protection shuts down the port for 30 seconds."

    What port? a BAGG is a Logical Interface, are you referring to a physical member interface which is part of a BAGG or what?

    Can you show us the STP configurations running on the Core Switch and on a sample Distribution/Access Switch and the status of involved BAGGs?

    Are you sure there aren't loop at access level (on Edge interfaces)? is your network topology physically loop-free (considering the relationships between the Core and each Distribution/Access switch)?
    Original Message


  • 3.  RE: Spanning-Tree Problems

    EMPLOYEE
    Posted Jan 26, 2023 07:02 AM
    Hi,

    On my previous post I already sent the configuration on the remote switch and on the Core switch it connects to.

    What happens is that it shutsdown the BAGG and also the physical interfaces for 30 seconds.

    We found this was caused by another switch connected to the Core that was not running lacp but has redundancy by spanning tree. One of the links to core was flappping and for some reason it impacted on the lacp switch, wich is strange.

    Regards
    Original Message


  • 4.  RE: Spanning-Tree Problems

    MVP GURU
    Posted Jan 26, 2023 07:28 AM
    It's not strange that a BAGG is blocked by STP if the loop where it is involved includes an interface (or another BAGG) with higher priority (higher speed)...STP will keep the fastest forwarding at expense of the slowest.

    Let we say you have two switches and you are going to activate two BAGGs interfaces between them (BAGG1 and BAGG2) and BAGG1 is 2x1Gbps while BAGG2 is 2x10Gbps or 4x1Gbps...is highly probable that BAGG1 will be blocked in favour of BAGG2 since STP priority will be higher on fastest logical/physical interfaces (2G<4G and 2G<20G).



    Original Message


  • 5.  RE: Spanning-Tree Problems

    EMPLOYEE
    Posted Jan 26, 2023 07:57 AM
    Hi,

    I did not explain well.

    I have a stack that connects to core by a single LACP agreggation with two physical interfaces.

    Very often this lacp link blocked the two phisical interfaces ( I mean the ports going shutdown, not blocking by spanning-tree), but refering a possible loop.

    The I found this was happening because of another stack, also connecting to the core, that had on of the links flapping.

    For some reason the problem on thos stack cause impact on the other.

    Regards
    Original Message


  • 6.  RE: Spanning-Tree Problems

    MVP GURU
    Posted Jan 26, 2023 07:02 PM
    That's particularly strange: those events - considering your explanation - seem rather unrelated.
    Original Message


  • 7.  RE: Spanning-Tree Problems

    Posted Nov 14, 2023 06:35 PM

    Hi, I have the same problem: 2 switches directly connected to the "core switch", when a loop occur in in one of them, in the other the lacp goes down :-( 


    Original Message


  • 8.  RE: Spanning-Tree Problems

    Posted Jan 27, 2023 03:30 AM
    I may have missed this reading through the thread, but this isn't anything to do with spanning tree. The log output shows LPDT which is the loop detection mechanism. This is the layer2 loop detection that is intendant of STP.

    The 30 second dowtime also points to this. This is the default timer to bring down a port when a loop is detected.

    http://www.h3c.com/en/d_201905/1176174_294551_0.htm

    So I believe you have a loop and the switch is doing the correct thing. It is reported on the BAGG because it is a logical construct sent out the BAGG rather than on physicals. You may want to tweak parameters like the length of time and whether to block or just inform.
    Original Message


  • 9.  RE: Spanning-Tree Problems

    MVP GURU
    Posted Jan 27, 2023 08:09 AM
    Hi! yes (for Loop Detection reporting to the BAGG on the same switch/stack and no relation with STP) but - given I've not misunderstood what the OP explained in this thread - it was reported that what happened on the BAGG-to-Core on, say, stack "A" was related to what happened (Link flapping) on a port of, say, a completely different stack "B"...both stacks connected to a central Core, as far as I understood it...to me, this correlation sounds a little bit strange.

    Without further details and detailed topology it's hard to say what it is going on.
    Original Message


  • 10.  RE: Spanning-Tree Problems

    Posted Jan 27, 2023 08:17 AM
    Sure, always more info needed to work on this but as I operate a network where this happens very day it looks quite normal. Firstly with VLANs spanning multiple places (via aggregation/core layers) the same loop detection alarms can occur in multiple places. In fact I often see the alarm away from the source should said source be unable to transmit the SYSLOG for example.

    My main point is to ignore STP + check through LDP config on each stack. Consider LDP enabled on downlinks/edge ports but not uplinks.

    That should be a start and if the problem still exists further info or a TAC call is required.
    Original Message


  • 11.  RE: Spanning-Tree Problems

    EMPLOYEE
    Posted Nov 10, 2023 04:21 PM

    Hi,

    I have the same problem discribed on this post and I still do not understans the cause.

    I have a single LACP link with two phisical ports, connecting to the Core.

    Both the core and the remote switch are a IRF, so each physical port connects to a different switch on the other side.

    I have loop-detection configured on the LACP, but how can a loop exist, since there is only the LACP link between the switches?

    How can it report a loop?

    Please advise


    Original Message


  • 12.  RE: Spanning-Tree Problems

    Posted Nov 11, 2023 02:53 AM

    Hi, I think the most important fact is that when the message says it is detected on BAGG608, that does not mean the loop is on that interface. If you have a LACP between two IRF pairs, and beyond that you have other switches, the loop could be downstream. The loop detect frame is transmitted over the LACP link, continues somehow more hops before looping back to the source. The loop detection frame should be discarded by switches downstream but we see times when that doesn't happen. Perhaps a different switch OS or a really basic switch. 

    Put loop detect on all ports of all switches and follow the loop hop by hop until you get a message that it is on an edge port. Typically I only see it on one of the two looped edge ports, which ever detects the loop first. 

    The only other way I can see this happening legitimately is of one side of the LACP considers the physical ports to not be in a LACP. For example if you add the wrong physicals to the BAGG on one side. 

    If you have loop detection on all ports and vlans on the downstream switch, and LACP is correct, but nothing detected, that would be a support case. 


    Original Message


  • 13.  RE: Spanning-Tree Problems

    EMPLOYEE
    Posted Nov 11, 2023 08:02 AM
    Hi,

    You mean I should have loop detection on all ports on all switches even the core that is the centerbof the star?

    _______________________­­­­­
    Carlos Dias
    Technical Consultant




    Original Message


  • 14.  RE: Spanning-Tree Problems

    MVP GURU
    Posted Nov 11, 2023 08:54 AM
    You should have loop protection enabled on all "access" ports, in other terms on all ports where edge devices are connected (not on uplink/downlink interfaces, no matter if those ones are logical as with LAGs or physical as with standalone links)...and, also, you should ensure that your network topology is loop-free by design so you could focus in looking for any potential undesired/unwanted loop at access/edge level (and not at core-distribution level) making troubleshooting faster. Clearly bad things could happen at Core/Distribution level too but, most of the times, it's at the edge level that users are left free enough to be creative...



    Original Message


  • 15.  RE: Spanning-Tree Problems

    EMPLOYEE
    Posted Nov 12, 2023 03:55 PM

    Hi Davide,

     

    Thanks for you answer.

     

    We are using loop-protection on uplinks, because that was a suggestion o Support after some problems with loops some years ago.

     

    There should be no physical loops on the network, unless someone causes them, because the uplinks to the core use LACP of two ports.

     

    So once again clarify please:

     

    It makes no sense to configure loop protection on uplinks, correct?

     

    On the edge ports we configure:

     

    stp edged-port

    loopback-detection enable vlan 1 to 4094

    loopback-detection action shutdown

     

    And on uplinks we configure:

     

    stp loop-protection

     

    Any of this configurations is wrong?

     

    Best Regards

     

    ______________________­­­­­

    Carlos Dias
    Technical Consultant


     




    Original Message