Solved

Cisco 2950 switch - enabling spanning tree

Posted on 2004-04-05
12
2,505 Views
Last Modified: 2007-12-19
Hi,

I've got a Cisco 2950 switch that I want to enable spanning tree protocol on.

I've been reading the IOS cmd reference at:
http://www.cisco.com/en/US/products/sw/iosswrel/ps1830/products_feature_guide09186a0080087463.html
and used the relevant commands, but when I do a "show spanning" it gives me:

========
switch1#sho span

Spanning tree 1 is not currently active
No parameters have been configured
========
switch1#sho ver
Cisco Internetwork Operating System Software
IOS (tm) C2950 Software (C2950-C3H2S-M), Version 12.0(5.3)WC(1), MAINTENANCE INTERIM SOFTWARE
========

To try and enable it on VLAN 100, I do:
crm_switch1(config)#spanning-tree vlan 100

which just takes me back to the prompt (ie. no error).

If I do a show vlan, I can see that it is NOT enabled on any of the VLANs:

VLAN Type  SAID       MTU   Parent RingNo BridgeNo Stp  BrdgMode Trans1 Trans2
---- ----- ---------- ----- ------ ------ -------- ---- -------- ------ ------
1    enet  100001     1500  -      -      -        -    -        1002   1003
10   enet  100010     1500  -      -      -        -    -        0      0
100  enet  100100     1500  -      -      -        -    -        0      0
1002 fddi  101002     1500  -      -      -        -    -        1      1003
1003 tr    101003     1500  1005   0      -        -    srb      1      1002
1004 fdnet 101004     1500  -      -      1        ibm  -        0      0
1005 trnet 101005     1500  -      -      1        ibm  -        0      0


The reason for needing STP is that this network has an ethernet<->Token Ring bridge (2600 Cisco router actually) that is bridging the two. I am having a problem with a Linux machine on the TR network not being able to talk to the eth segment and one of the suggested resolutions is to enable STP, hence my requirement.



0
Comment
Question by:td_miles
  • 5
  • 4
  • 2
  • +1
12 Comments
 
LVL 79

Accepted Solution

by:
lrmoore earned 100 total points
ID: 10765302
It does not make logical sense to need to enable spanning-tree on an interface that connects to a router.
Have you tried re-setting the MTU on the Linux machine? TR defaults to 4500, Ethernet is 1500.
Unless you have specifically configured it otherwise:

Defaults

Spanning tree is enabled on all VLANs.
The forward-delay time is 15 seconds.
The hello time is 2 seconds.
The max-age is 20 seconds.
The primary root switch priority is 24576.
The secondary root switch priority is 28672.

Try these commands:
show spanning-tree active
show spanning-tree detail


0
 
LVL 1

Expert Comment

by:roddie
ID: 10767791
This might be a stupid question, but do you have vlan 100 assigned to any ports?

You should also enter "vlan database" mode and confirm that the vlan is created properly.

"show vlan 100" output might help me with a bit more information.

Roddie
0
 
LVL 28

Assisted Solution

by:mikebernhardt
mikebernhardt earned 150 total points
ID: 10768659
Here are my comments:
1. If the Linux box is on the other side of the router, spanning tree (or the lack) on the 2950 switch will have no impact on Linux box connectivity. The purpose of spanning tree is to prevent Layer 2 loops. The router is a Layer 2 boundary.

2. The output you gave us for "show vlan" is normal, don't worry about it.

3. MTU size difference shouldn't be a major issue unless the "Do Not Fragment" bit is being set by the applications running on it. Normally it isn't and the router will take care of differing MTU sizes.

3. Are there other devices on the Token Ring that do work correctly? If so, the problem is with the Linux box, not your network. Check netstat -rn and see if it's routing is configured correctly. Perhaps it is running a dynamic routing protocol and something is giving it a false route to the ethernet. Is there more than one way out of the token ring? Maybe it needs to have a route configured to the ethernet because it's default is sending it the wrong way.
0
PRTG Network Monitor: Intuitive Network Monitoring

Network Monitoring is essential to ensure that computer systems and network devices are running. Use PRTG to monitor LANs, servers, websites, applications and devices, bandwidth, virtual environments, remote systems, IoT, and many more. PRTG is easy to set up & use.

 
LVL 28

Expert Comment

by:mikebernhardt
ID: 10769575
Further comment/question: If my above advice didn't help, please provide more information: Is the router actually bridging as you said, or are they on different IP subnets? What exactly is the problem that the Linux box is experiencing?

I would disagree with lrmoore that it doesn't make sense to enable spanning tree on a port connected to a router. It depends what you are doing.

Spanning tree is enabled by default on any VLAN you configure, unless you've specifically disabled it. You won't see it in the configuration for that reason.
0
 
LVL 13

Author Comment

by:td_miles
ID: 10770477
output requested:

switch1#sho spanning-tree active
                          ^
% Invalid input detected at '^' marker.

switch1#sho spanning-tree detail
                          ^
% Invalid input detected at '^' marker.

### I'm guessing that those commands are from a newer IOS, so here is the output from some one DOES exist :)

switch1#sho spanning-tree brief

VLAN10
  Spanning tree enabled protocol IEEE
  ROOT ID    Priority 32768
             Address 0007.5015.a582
             This bridge is the root
             Hello Time   2 sec  Max Age 20 sec  Forward Delay 15 sec

  Bridge ID  Priority    32768
             Address     0007.5015.a582
             Hello Time   2 sec  Max Age 20 sec  Forward Delay 15 sec


Port                           Designated
Name    Port ID Prio Cost Sts  Cost  Bridge ID      Port ID
------- ------- ---- ---- ---  ----  -------------- -------
Fa0/1   128.7   128  19   FWD  0     0007.5015.a582 128.7
Fa0/2   128.8   128  19   FWD  0     0007.5015.a582 128.8
Fa0/3   128.9   128  19   FWD  0     0007.5015.a582 128.9
Fa0/4   128.10  128  19   FWD  0     0007.5015.a582 128.10
Fa0/5   128.11  128  19   BLK  0     0007.5015.a582 128.11
Fa0/6   128.12  128  100  BLK  0     0007.5015.a582 128.12

VLAN100
  Spanning tree enabled protocol IEEE
  ROOT ID    Priority 32768
             Address 0007.5015.a581
             This bridge is the root
             Hello Time   2 sec  Max Age 20 sec  Forward Delay 15 sec

  Bridge ID  Priority    32768
             Address     0007.5015.a581
             Hello Time   2 sec  Max Age 20 sec  Forward Delay 15 sec


Port                           Designated
Name    Port ID Prio Cost Sts  Cost  Bridge ID      Port ID
------- ------- ---- ---- ---  ----  -------------- -------
Fa0/7   128.13  128  100  FWD  0     0007.5015.a581 128.13
Fa0/8   128.14  128  19   FWD  0     0007.5015.a581 128.14
Fa0/9   128.15  128  100  FWD  0     0007.5015.a581 128.15
Fa0/10  128.16  128  19   FWD  0     0007.5015.a581 128.16
Fa0/11  128.17  128  19   FWD  0     0007.5015.a581 128.17
Fa0/12  128.18  128  19   FWD  0     0007.5015.a581 128.18
Fa0/13  128.19  128  19   FWD  0     0007.5015.a581 128.19
Fa0/14  128.20  128  100  FWD  0     0007.5015.a581 128.20
Fa0/15  128.21  128  19   FWD  0     0007.5015.a581 128.21
Fa0/16  128.22  128  19   FWD  0     0007.5015.a581 128.22


Port                           Designated
Name    Port ID Prio Cost Sts  Cost  Bridge ID      Port ID
------- ------- ---- ---- ---  ----  -------------- -------
Fa0/17  128.23  128  19   FWD  0     0007.5015.a581 128.23
Fa0/18  128.24  128  19   FWD  0     0007.5015.a581 128.24
Fa0/19  128.25  128  19   FWD  0     0007.5015.a581 128.25
Fa0/20  128.26  128  19   FWD  0     0007.5015.a581 128.26
Fa0/21  128.27  128  19   FWD  0     0007.5015.a581 128.27
Fa0/22  128.28  128  19   FWD  0     0007.5015.a581 128.28
Fa0/23  128.29  128  19   BLK  0     0007.5015.a581 128.29
Fa0/24  128.30  128  19   BLK  0     0007.5015.a581 128.30

switch1#sho vlan 100
                 ^
% Invalid input detected at '^' marker.


---------------

Now to answer comments:

> Have you tried re-setting the MTU on the Linux machine?
No, I haven't. I will check this, but I can't do it right now, as due to this problem, I can't get to the Linux box remotely and have to physically go to the console to do anything. I have my doubts that this is the problem as someone else said the MTU differences should be taken care of by the bridge, which I tend to agree with.

> This might be a stupid question, but do you have vlan 100 assigned to any ports?
Yes. As you should be able tell from the above output ports 1-6 are assigned to VLAN 10 & ports 7-24 are in VLAN 100. The bridge is connected to one of the ports in VLAN 100.

> 3. Are there other devices on the Token Ring that do work correctly? If so, the problem is with the Linux box,
> not your network.
Yes, there are plenty of other devices that are working fine on the TR network. The only one that isn't is the Linux box, which now that I write this makes it seem quite obvious where the problem lies. The only reason I was questioning about STP protocol was in response to something I read when I did some googling for Linux TR problems, the post said that Linux could have problems if STP wasn't enabled for a TR card. I know it is enabled on the bridge, but couldn't be sure about the switch, hence this question.

> Check netstat -rn and see if it's routing is configured correctly. Perhaps it is running a
> dynamic routing protocol and something is giving it a false route to the ethernet.
I will check this, although no dynamic routing protocols are being used and unless the Linux install (RH9) decided to enable one by default there shouldn't be.

> Is there more than one  way out of the token ring?
No, there is a single eth/TR bridge (2600 router with one eth int & one TR int).

> Maybe it needs to have a route configured to the ethernet because it's default is sending it the wrong way.
Possibly, but the ethernet NIC in the Linux box is disabled and it only has the TR interface to use.

> Is the router actually bridging as you said, or are they on different IP subnets?
Yes the router IS bridging. It is the same IP subnet (192.168.3.0/24) throughout. Output from the bridge:

bridge1#sho bridge

Total of 300 station blocks, 236 free
Codes: P - permanent, S - self

Bridge Group 1:

    Address       Action   Interface       Age   RX count   TX count
0009.6bb4.5151   forward   Ethernet0/0      1          50          0
00c0.02d6.1716   forward   Ethernet0/0      0     1816672          0
0008.2131.1211   forward   Ethernet0/0      1         133        125
0002.550d.f0f8   forward   Ethernet0/0      4       22723      17010
0002.5522.b8b2   forward   TokenRing0/0     0       19924      21141
0009.6b71.aea2   forward   Ethernet0/0      0        4913       4518
0006.2961.6771   forward   TokenRing0/0     2           2          0
0008.2129.8891   forward   Ethernet0/0      0         390        314
0060.b096.eaf1   forward   Ethernet0/0      0        2326          0
0006.29ca.cdd2   forward   TokenRing0/0     0        9979      11193
0007.5015.a589   forward   Ethernet0/0      0         775          0
00a0.c963.caf9   forward   TokenRing0/0     0      491121     118936
0002.5552.86b3   forward   TokenRing0/0     0       14258      15034
0004.238d.6452   forward   Ethernet0/0      4           2          0
0006.29ca.cdfb   forward   TokenRing0/0     0        2907       1786
--- SNIP ---


> What exactly is the problem that the Linux box is experiencing?
The problem is that the Linux box cannot communicate with anything on the ethernet network. It can talk just fine to any TR device. I can also ping both the TR & eth interfaces of the bridge (from Linux box), but no further.

Now that I know STP is configured and working on the switch properly, maybe I need to take this question to the Linux group, but I suspect that the chances of finding anyone there with TR experience are not that great...
0
 
LVL 13

Author Comment

by:td_miles
ID: 10770509
output from bridge "sho span":

bridge1#sho span

 Bridge group 1 is executing the IEEE compatible Spanning Tree protocol
  Bridge Identifier has priority 32768, address 0007.50f0.81c0
  Configured hello time 2, max age 20, forward delay 15
  Current root has priority 32768, address 0007.5015.a581
  Root port is 2 (Ethernet0/0), cost of root path is 100
  Port Number size is 9
  Topology change flag not set, detected flag not set
  Times:  hold 1, topology change 35, notification 2
          hello 2, max age 20, forward delay 15
  Timers: hello 0, topology change 0, notification 0
  bridge aging time 300

Port 2 (Ethernet0/0) of Bridge group 1 is forwarding
   Port path cost 100, Port priority 128
   Designated root has priority 32768, address 0007.5015.a581
   Designated bridge has priority 32768, address 0007.5015.a581
   Designated port is 15, path cost 0
   Timers: message age 2, forward delay 0, hold 0
   BPDU: sent 2, received 933620

Port 3 (TokenRing0/0) of Bridge group 1 is forwarding
   Port path cost 62, Port priority 128
   Designated root has priority 32768, address 0007.5015.a581
   Designated bridge has priority 32768, address 0007.50f0.81c0
   Designated port is 3, path cost 100
   Timers: message age 0, forward delay 0, hold 0
   BPDU: sent 0, received 0

===========
MAC addresses:

bridge1 eth0/0 - 0007.50f0.81c0
bridge1 tr0/0 - 00e7.0a0f.8183
switch1 VLAN1 - 0007.5015.a580
switch1 VLAN100 - 0007.5015.a580
switch1 Fa0/1 - 0007.5015.a581
switch1 Fa0/2 - 0007.5015.a582
switch1 Fa0/3 - 0007.5015.a583
   ...
switch1 Fa0/24 - 0007.5015.a598



0
 
LVL 28

Expert Comment

by:mikebernhardt
ID: 10770968
You know, you might also consider upgrading your router software if you can. Also the 2950- what you have is pretty old for that switch. It is possible that there is a translational bridging anomaly that is causing a problem at the router, or some other issue on the switch. If everything is on the same subnet, obviously it's not a Layer 3 issue. And if you can't even ping the ethernet stuff from the Linux box, MTU is not the issue either.

The fact that it stops at the router (but you can ping the router's ethernet interface) makes me wonder if the problem is at the router or the 2950. In the bridging table, does it see the Linux MAC address on the token ring interface? You will have to do the MAC translation, then see if you see the translated MAC on the switch, pointing back toward the token ring.
0
 
LVL 13

Author Comment

by:td_miles
ID: 10771387
unfortunately neither device is under Cisco maintenance, so I can't legally update them.

I'm having a mental block in regard to the translation, from memory what I do is convert the HEX to a binary address, flip each byte round, then convert back to HEX ?

Eg. for a four digit hex number

12ab = 00010010 10101011
flip each byte (8 bits) to give -> 01001000 11010101 = 48d5

is that correct ?
0
 
LVL 28

Expert Comment

by:mikebernhardt
ID: 10776124
Yep
0
 
LVL 13

Author Comment

by:td_miles
ID: 10810414
Guys,

I'm going to request that this question be removed. The "powers" have decided to not waste any more time on trying to work out why the Linux box on TR can't talk to the ethernet machines and simply replace it with a WinXP box.

Any objections to this course of action ?
0
 
LVL 79

Expert Comment

by:lrmoore
ID: 10812531
Regardless of whether or not your questions about Spanning Tree resolved the underlying issue, your original question "I want to enable Spanning Tree" was answered.
0
 
LVL 28

Expert Comment

by:mikebernhardt
ID: 10815944
It was answered, plus a lot more help was given. A management decision not to pursue the problem further doesn't invalidate the value of the help we provided.
0

Featured Post

Live: Real-Time Solutions, Start Here

Receive instant 1:1 support from technology experts, using our real-time conversation and whiteboard interface. Your first 5 minutes are always free.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Port forwarding in Cisco RV215w 2 54
VLAN question 7 70
Line cards, Supervisor, Control plane 7 35
Linksys e2500 wireless router - should I upgrade 6 23
There are two basic ways to configure a static route for Cisco IOS devices. I've written this article to highlight a case study comparing the configuration of a static route using the next-hop IP and the configuration of a static route using an outg…
Tired of waiting for your show or movie to load?  Are buffering issues a constant problem with your internet connection?  Check this article out to see if these simple adjustments are the solution for you.
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…

786 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question