Solved

3 Switches connected an only two are participating in spanning tree and I can not figure out why.

Posted on 2011-03-11
16
1,135 Views
Last Modified: 2012-05-11
I have two cisco 2950 switches, each connected to a SF 300 series switch via a four port Ether-channel. The SF 300 switch is in Layer three mode. All three switches are set to RSTP, I set the SF300 priority to 0 to force it to be the root switch, but this has not happened. If I change the priority on either of the 2950 switches the root will change between one of them depending on who has the lower priority, but the SF300 never gets involved in the root designation.

I enabled port mirroring on one of the 2950 switches and on the SF300. When I am monitoring VLAN traffic on the SF300 switch I see no STP packets via wire shark. Even if I change the Priorities on the 2950's to generate traffic. If I monitor the interfaces and not the VLAN it is the same result. When I am monitoring the other end of the Ether-channel on the 2950 side I See the STP packets form the SF300, but never see any sent from the 2950, even when I change the priorities to generate traffic. When I change the Monitoring on the 2950 to monitor VlAN instead of the Ether-channel I see the STP traffic from the 2950 but now do not see any from the SF300. I assume there is a misconfiguration somewhere but I have hit a wall as where to look next.

SF300 Switch

Spanning tree state: enabled, mode: RSTP, BPDU handling Flooding, Path cost: Long. Priority: 0, Hello Time: 2, Max Age:10, Forward Delay:8,
RSTP Interface Setting:
LAG Point-to-Point enabled, port role Designated, fast-link enabled, port status forwarding


Switch 2950 1

spanning-tree mode rapid-pvst
no spanning-tree optimize bpdu transmission
spanning-tree extend system-id
spanning-tree vlan 2-100 priority 4096
spanning-tree vlan 2-100 forward-time 8
spanning-tree vlan 2-100 max-age 10

interface Port-channel2
 switchport trunk native vlan 100
 switchport trunk allowed vlan 2-100
 switchport mode trunk
 switchport nonegotiate
 flowcontrol send off
 spanning-tree bpdufilter disable
 spanning-tree bpduguard disable
 spanning-tree guard none

interface FastEthernet0/45
 switchport trunk native vlan 100
 switchport trunk allowed vlan 2-100
 switchport mode trunk
 switchport nonegotiate
 channel-group 2 mode passive
 spanning-tree guard none
 lacp port-priority 1
!
interface FastEthernet0/46
 switchport trunk native vlan 100
 switchport trunk allowed vlan 2-100
 switchport mode trunk
 switchport nonegotiate
 channel-group 2 mode passive
 spanning-tree guard none
 lacp port-priority 1
!
interface FastEthernet0/47
 switchport trunk native vlan 100
 switchport trunk allowed vlan 2-100
 switchport mode trunk
 switchport nonegotiate
 channel-group 2 mode passive
 spanning-tree guard none
 lacp port-priority 1
!
interface FastEthernet0/48
 switchport trunk native vlan 100
 switchport trunk allowed vlan 2-100
 switchport mode trunk
 switchport nonegotiate
 channel-group 2 mode passive
 spanning-tree guard none
 lacp port-priority 1

Switch 2950 2

spanning-tree mode rapid-pvst
no spanning-tree optimize bpdu transmission
spanning-tree extend system-id
spanning-tree vlan 2-100 priority 20480
spanning-tree vlan 100 forward-time 8
spanning-tree vlan 100 max-age 10

interface Port-channel1
 switchport trunk native vlan 100
 switchport trunk allowed vlan 2-100
 switchport mode trunk
 flowcontrol send off
 spanning-tree guard none

interface FastEthernet0/45
 switchport trunk native vlan 100
 switchport trunk allowed vlan 2-100
 switchport mode trunk
 channel-group 1 mode passive
 spanning-tree guard none
 lacp port-priority 1
!
interface FastEthernet0/46
 switchport trunk native vlan 100
 switchport trunk allowed vlan 2-100
 switchport mode trunk
 channel-group 1 mode passive
 spanning-tree guard none
 lacp port-priority 1
!
interface FastEthernet0/47
 switchport trunk native vlan 100
 switchport trunk allowed vlan 2-100
 switchport mode trunk
 channel-group 1 mode passive
 spanning-tree guard none
 lacp port-priority 1
!
interface FastEthernet0/48
 switchport trunk native vlan 100
 switchport trunk allowed vlan 2-100
 switchport mode trunk
 channel-group 1 mode passive
 spanning-tree guard none
 lacp port-priority 1
0
Comment
Question by:MJcouture
  • 9
  • 6
16 Comments
 
LVL 50

Expert Comment

by:Don Johnston
ID: 35110906
>I have two cisco 2950 switches, each connected to a SF 300 series switch via a four port Ether-channel. The SF 300 switch is in Layer three mode.

Not sure I follow you by "... switch is in layer three mode". Do you mean the ports are layer 3 ports? If so, then you wouldn't be seeing BPDU's as layer 3 ports don't participate in spanning-tree.  
0
 
LVL 34

Expert Comment

by:Istvan Kalmar
ID: 35110984
what shows the:

sh spanning-tree
sh cdp nei
?
0
 
LVL 1

Author Comment

by:MJcouture
ID: 35111030
The SF 300 Switches are stripped down switches and do not have the features that a catalyst switch has. There is no CLI so you can not enable Inter-VLAN routing using CLI. So for inter-VlAN routing you put the switch in layer 3 mode via a selection on the limited functionality the serial connection gives you. The rest of the configuration is done by GUI.  

As far as I understand from the documentation that I have read about the SF 300, layer 3 mode only enables Inter-VLAN routing and does not specifically put any interface in as a layer 3 interface. There are no ip addresses assigned to any interfaces, just VLANs.

 
0
 
LVL 1

Author Comment

by:MJcouture
ID: 35111117
The SF 300 does not have CDP (it is suppose to be on the next firmware update).  There is no CLI for the SF300 so I can not use the show spanning-tree command. Fen
or the 2950 it shows:

ClayAcSW1#sho span

VLAN0002
  Spanning tree enabled protocol rstp
  Root ID    Priority    4098
             Address     000b.460e.e040
             This bridge is the root
             Hello Time   2 sec  Max Age 20 sec  Forward Delay 15 sec

  Bridge ID  Priority    4098   (priority 4096 sys-id-ext 2)
             Address     000b.460e.e040
             Hello Time   2 sec  Max Age 20 sec  Forward Delay 15 sec
             Aging Time 300

Interface        Role Sts Cost      Prio.Nbr Type
---------------- ---- --- --------- -------- --------------------------------
Po1              Desg FWD 8         128.65   P2p


VLAN0003
  Spanning tree enabled protocol rstp
  Root ID    Priority    4099
             Address     000b.460e.e040
             This bridge is the root
             Hello Time   2 sec  Max Age 20 sec  Forward Delay 15 sec

  Bridge ID  Priority    4099   (priority 4096 sys-id-ext 3)
             Address     000b.460e.e040
             Hello Time   2 sec  Max Age 20 sec  Forward Delay 15 sec
             Aging Time 300

Interface        Role Sts Cost      Prio.Nbr Type
---------------- ---- --- --------- -------- --------------------------------
Po1              Desg FWD 8         128.65   P2p


VLAN0004
  Spanning tree enabled protocol rstp
  Root ID    Priority    4100
             Address     000b.460e.e040
             This bridge is the root
             Hello Time   2 sec  Max Age 20 sec  Forward Delay 15 sec

  Bridge ID  Priority    4100   (priority 4096 sys-id-ext 4)
             Address     000b.460e.e040
             Hello Time   2 sec  Max Age 20 sec  Forward Delay 15 sec
             Aging Time 300

Interface        Role Sts Cost      Prio.Nbr Type
---------------- ---- --- --------- -------- --------------------------------
Po1              Desg FWD 8         128.65   P2p


VLAN0005
  Spanning tree enabled protocol rstp
  Root ID    Priority    4101
             Address     000b.460e.e040
             This bridge is the root
             Hello Time   2 sec  Max Age 20 sec  Forward Delay 15 sec

  Bridge ID  Priority    4101   (priority 4096 sys-id-ext 5)
             Address     000b.460e.e040
             Hello Time   2 sec  Max Age 20 sec  Forward Delay 15 sec
             Aging Time 300

Interface        Role Sts Cost      Prio.Nbr Type
---------------- ---- --- --------- -------- --------------------------------
Po1              Desg FWD 8         128.65   P2p


VLAN0100
  Spanning tree enabled protocol rstp
  Root ID    Priority    4196
             Address     000b.460e.e040
             This bridge is the root
             Hello Time   2 sec  Max Age 10 sec  Forward Delay  8 sec

  Bridge ID  Priority    4196   (priority 4096 sys-id-ext 100)
             Address     000b.460e.e040
             Hello Time   2 sec  Max Age 10 sec  Forward Delay  8 sec
             Aging Time 300

Interface        Role Sts Cost      Prio.Nbr Type
---------------- ---- --- --------- -------- --------------------------------
Po1              Desg FWD 8         128.65   P2p

ClayAcSW2#sho span

VLAN0002
  Spanning tree enabled protocol rstp
  Root ID    Priority    4098
             Address     000b.460e.e040
             Cost        8
             Port        65 (Port-channel2)
             Hello Time   2 sec  Max Age 20 sec  Forward Delay 15 sec

  Bridge ID  Priority    8194   (priority 8192 sys-id-ext 2)
             Address     000a.8a89.d800
             Hello Time   2 sec  Max Age 20 sec  Forward Delay 15 sec
             Aging Time 300

Interface        Role Sts Cost      Prio.Nbr Type
---------------- ---- --- --------- -------- --------------------------------
Po2              Root FWD 8         128.65   P2p


VLAN0003
  Spanning tree enabled protocol rstp
  Root ID    Priority    8195
             Address     000a.8a89.d800
             This bridge is the root
             Hello Time   2 sec  Max Age 20 sec  Forward Delay 15 sec

  Bridge ID  Priority    8195   (priority 8192 sys-id-ext 3)
             Address     000a.8a89.d800
             Hello Time   2 sec  Max Age 20 sec  Forward Delay 15 sec
             Aging Time 300

Interface        Role Sts Cost      Prio.Nbr Type
---------------- ---- --- --------- -------- --------------------------------
Po2              Desg FWD 8         128.65   P2p


VLAN0004
  Spanning tree enabled protocol rstp
  Root ID    Priority    8196
             Address     000a.8a89.d800
             This bridge is the root
             Hello Time   2 sec  Max Age 20 sec  Forward Delay 15 sec

  Bridge ID  Priority    8196   (priority 8192 sys-id-ext 4)
             Address     000a.8a89.d800
             Hello Time   2 sec  Max Age 20 sec  Forward Delay 15 sec
             Aging Time 300

Interface        Role Sts Cost      Prio.Nbr Type
---------------- ---- --- --------- -------- --------------------------------
Po2              Desg FWD 8         128.65   P2p


VLAN0005
  Spanning tree enabled protocol rstp
  Root ID    Priority    8197
             Address     000a.8a89.d800
             This bridge is the root
             Hello Time   2 sec  Max Age 20 sec  Forward Delay 15 sec

  Bridge ID  Priority    8197   (priority 8192 sys-id-ext 5)
             Address     000a.8a89.d800
             Hello Time   2 sec  Max Age 20 sec  Forward Delay 15 sec
             Aging Time 300

Interface        Role Sts Cost      Prio.Nbr Type
---------------- ---- --- --------- -------- --------------------------------
Po2              Desg FWD 8         128.65   P2p


VLAN0100
  Spanning tree enabled protocol rstp
  Root ID    Priority    4196
             Address     000b.460e.e040
             Cost        8
             Port        65 (Port-channel2)
             Hello Time   2 sec  Max Age 10 sec  Forward Delay  8 sec

  Bridge ID  Priority    8292   (priority 8192 sys-id-ext 100)
             Address     000a.8a89.d800
             Hello Time   2 sec  Max Age 10 sec  Forward Delay  8 sec
             Aging Time 300

Interface        Role Sts Cost      Prio.Nbr Type
---------------- ---- --- --------- -------- --------------------------------
Fa0/1            Desg FWD 19        128.1    P2p
Po2              Root FWD 8         128.65   P2p


VLAN 100 is the Management vlan and the only one I am working with right now. All though I did just notice that on Switch 2 for Vlan, 3, 4 and 5 it is the root, when swtich1 should be.



0
 
LVL 1

Author Comment

by:MJcouture
ID: 35111342
"All though I did just notice that on Switch 2 for Vlan, 3, 4 and 5 it is the root, when swtich1 should be"

This was nothing and is fixed now. It was just because I had not created them yet on the SF300 and therefor the VLANs (3,4,5)  were not allowed on the LAG (Etherchannel) yet. Therefor they were not allowed to go through SF300 to get to the other 2950 switch.
0
 
LVL 50

Expert Comment

by:Don Johnston
ID: 35111609
I think you're misinterpreting the output.

Switch 1 is the root.

ClayAcSW1#sho span

VLAN0002
  Spanning tree enabled protocol rstp
  Root ID    Priority    4098
             Address     000b.460e.e040
             This bridge is the root   <-------------------
             Hello Time   2 sec  Max Age 20

ClayAcSW2#sho span

VLAN0002
  Spanning tree enabled protocol rstp
  Root ID    Priority    4098
             Address     000b.460e.e040
             Cost        8
             Port        65 (Port-channel2)

Open in new window

0
 
LVL 1

Author Comment

by:MJcouture
ID: 35111760
Yes but the Priority on the SF 300 is 0 and thus should be the root. It appears that the STP traffic is passing from one 2950 through the SF300 to the other 2950 without the SF300 getting involved.

***I changed the priorities around from what was posted before, that is reason for the different numbers***

Spanning tree For VLAN 100

Switch 1 Priority = 8292  
Switch 2 Priority = 4196 and is the root
SF 300 Priority = 100 and should be the root but is not.

Of Course with no CLI on the SF 300 it make it difficult to trouble shoot.

0
 
LVL 50

Expert Comment

by:Don Johnston
ID: 35112128
>Of Course with no CLI on the SF 300 it make it difficult to trouble shoot.

It would appear that whatever you did to the SF 300 was either the wrong instruction or did not apply properly.
0
Find Ransomware Secrets With All-Source Analysis

Ransomware has become a major concern for organizations; its prevalence has grown due to past successes achieved by threat actors. While each ransomware variant is different, we’ve seen some common tactics and trends used among the authors of the malware.

 
LVL 1

Author Comment

by:MJcouture
ID: 35112280
Yes it is. I could not justify buying a Layer 3 Catalyst switch, with the size of my company so I figured I would try a Small business Layer 3 switch. It has been very frustrating as the configuration options are limited to the GUI.
0
 
LVL 50

Expert Comment

by:Don Johnston
ID: 35112297
There must be some way to view the STP configuration.
0
 
LVL 1

Author Comment

by:MJcouture
ID: 35112833
It is just selections, I have:

Spanning tree enabled
Mode = RSTP
BPDU handling= Flooding
Path Cost Default Values= Long

Bridge Settings:

Priority = 0
Hello Time = 2
Max Age: 10
Forward Delay = 8

RSTP Interface settings

Point-to-Point= enabled
Port Role= Designated
Fast Link= Disabled
Port Status= Forwarding

I am starting wonder if the SF 300 does not support Per-VLAN Spanning Tree. Even though VLAN 100 is the management VLAN I decided to I go back and allow VLAN 1 over the trunk. The SF 300 was the root for VLAN 1 but was not for any of the other VLANs. I think I have to configure MST on the SF300 because RSTP on the 2950's is PerVLAN- RSTP. Where as on the SF 300 RSTP is not Per-VLAN.

any thoughts?
0
 
LVL 50

Expert Comment

by:Don Johnston
ID: 35112857
I don't think so... It's a Cisco switch. It should support Per-VLAN RSTP.

Are you sure the parameters above are for VLAN's 2 - 5 and not just for VLAN 1?
0
 
LVL 1

Author Comment

by:MJcouture
ID: 35112976
all the parameters are the same for VLANs 1-100. I configured them as a group and not individually, plus I double checked to confirm it.
0
 
LVL 50

Accepted Solution

by:
Don Johnston earned 500 total points
ID: 35113065
Well, it certainly does seem like it's not participating in spanning-tree. The cost are not being incremented by the SF 300.

And since you can't do CST on the 2950's, your only option is to run 802.1s. That assumes, of course, that all three switches support 802.1s.
0
 
LVL 1

Author Comment

by:MJcouture
ID: 35113097
It appears that they do. I will work on it on Monday and let you know how it goes.
0
 
LVL 1

Author Closing Comment

by:MJcouture
ID: 35180299
Thanks for your help. I confirmed that the Small business switches do not support PVST. I must use MST for multiple instances of spanning tree.
0

Featured Post

Windows Server 2016: All you need to know

Learn about Hyper-V features that increase functionality and usability of Microsoft Windows Server 2016. Also, throughout this eBook, you’ll find some basic PowerShell examples that will help you leverage the scripts in your environments!

Join & Write a Comment

Suggested Solutions

Title # Comments Views Activity
Decrypting SSL traffic in wireshark 7 28
The purpose of Root Bridge 7 28
Eigrp Router 5 46
discontiguous network and EIGRP 12 37
I eventually solved a perplexing problem setting up telnet for a new switch.  I installed a new Cisco WS-03560X-24P switch connected to an existing Cisco 4506 running a WS-X4013-10GE Sup II-Plus. After configuring vlans and trunking,  I could no…
This is the first one of a series of articles I’ll be writing to address technical issues that are always referred to as network problems. The network boundaries have changed, therefore having an understanding of how each piece in the network  puzzl…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…

707 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

17 Experts available now in Live!

Get 1:1 Help Now