STP Topology Change and Loop

One of the more common ways that it occurs hinted at by Pre above.  This generally consists of a helpful "Computer Guy" in a remote site getting the bright idea to add a hub or commodity switch to expand port density in an office space and then go the extra mile and uplink the switch across multiple ports for redundancy or a "high speed" uplink.  Interestingly, this potentiality makes the case for configuring port-security on switchports regardless of a perceived access control need.

The long and the short of it is that a loop can occur anytime that two or more separate paths exist into a switch within a switching fabric and those paths are not proactively identified and managed up front.

Unmanaged switch or hub still in most of the cases would not case loop (unless hub or unmanaged switch would not be connected to itself). BPDUs would still could be sent and received be unmanaged switches, so that situation itself would not cause network loop (STP and RSTP can deal with that situation). RSTP for network segment connected via hub has special port role (backup port), although there is no special role in STP for this case, STP can still "deal with it" without any issues.
Hub and unmanaged switch will just forward BPDUs and BPDUs will be received on other managed switch (as there is no switch in between, as there is just network cable) and configure port according to general STP rules into proper port state/role.

If ports are running bpdu filtering, then bpdu's are not going to be generated down the link so loop is not seen by STP.  I've had three instances in my current environment alone with the end result being panicked calls to our staff due to a remote site dropping out when broadcast storm ensues.  I readily admit that open loops are not as regularly encountered as in the past but they are still a very real possibility, especially in environments where control is distributed or change managment processes are not a common philosophy.

I am referring to hubs and unmanaged switches, since those do not prevent or filter BPDUs in any way. In what is described above would mean that managed switch is filtering BPDUs and the same would happen even if there is no hub or unmanaged switch in topology.

gotcha Pre - now that we've completely confused jskfan.......

since I do not have Fiber links to Simulate STP Loop. Is there another way to simulate a Loop ?

Sorry for taking time to get back..I was busy..


Atlas,

I followed your code here below, on 2 switches connected to each other:
mode access
spanning tree portfast
spanning tree bpdufilter enable


I  set debug spanning-tree all on one Switch. I got the Output below. SO it is hard to tell if there is a LOOP , by just looking at the Debug Output.

*Apr 20 10:06:49.971: STP SW: TX: 0180.c200.0000<-aabb.cc00.0111 type/len 0026
*Apr 20 10:06:49.971:     encap 802.1Q vLAN linktype ieee-st vlan 1 len 64 on v1 Et1/1
*Apr 20 10:06:49.971:     42 42 03 SPAN
*Apr 20 10:06:49.971:     CFG P:0000 V:00 T:00 F:00 R:8001 aabb.cc00.0100 00000000
*Apr 20 10:06:49.971:     B:8001 aabb.cc00.0100 80.22 A:0000 M:1400 H:0200 F:0F00
*Apr 20 10:06:49.971: STP: VLAN0001 Et1/1 tx BPDU: config protocol=ieee
    Data : 0000 00 00 00 8001AABBCC000100 00000000 8001AABBCC000100 8022 0000 1400 0200 0F00
*Apr 20 10:06:49.971: STP SW: TX: 0180.c200.0000<-aabb.cc00.0121 type/len 0026
*Apr 20 10:06:49.971:     encap 802.1Q vLAN linktype ieee-st vlan 1 len 64 on v1 Et1/2
*Apr 20 10:06:49.971:     42 42 03 SPAN
*Apr 20 10:06:49.971:     CFG P:0000 V:00 T:00 F:00 R:8001 aabb.cc00.0100 00000000
*Apr 20 10:06:49.971:     B:8001 aabb.cc00.0100 80.23 A:0000 M:1400 H:0200 F:0F00
*Apr 20 10:06:49.971: STP: VLAN0001 Et1/2 tx BPDU: config protocol=ieee
    Data : 0000 00 00 00 8001AABBCC000100 00000000 8001AABBCC000100 8023
Switch# 0000 1400 0200 0F00
*Apr 20 10:06:49.971: STP SW: TX: 0180.c200.0000<-aabb.cc00.0131 type/len 0026
*Apr 20 10:06:49.971:     encap 802.1Q vLAN linktype ieee-st vlan 1 len 64 on v1 Et1/3
*Apr 20 10:06:49.971:     42 42 03 SPAN
*Apr 20 10:06:49.971:     CFG P:0000 V:00 T:00 F:00 R:8001 aabb.cc00.0100 00000000
*Apr 20 10:06:49.971:     B:8001 aabb.cc00.0100 80.24 A:0000 M:1400 H:0200 F:0F00
*Apr 20 10:06:49.971: STP: VLAN0001 Et1/3 tx BPDU: config protocol=ieee
    Data : 0000 00 00 00 8001AABBCC000100 00000000 8001AABBCC000100 8024 0000 1400 0200 0F00
Switch#
*Apr 20 10:06:51.971: STP SW: TX: 0180.c200.0000<-aabb.cc00.0110 type/len 0026
*Apr 20 10:06:51.971:     encap 802.1Q vLAN linktype ieee-st vlan 1 len 64 on v1 Et0/1
*Apr 20 10:06:51.971:     42 42 03 SPAN
*Apr 20 10:06:51.971:     CFG P:0000 V:00 T:00 F:00 R:8001 aabb.cc00.0100 00000000
*Apr 20 10:06:51.971:     B:8001 aabb.cc00.0100 80.02 A:0000 M:1400 H:0200 F:0F00
*Apr 20 10:06:51.971: STP: VLAN0001 Et0/1 tx BPDU: config protocol=ieee
    Data : 0000 00 00 00 8001AABBCC000100 00000000 8001AABBCC000100 8002 0000 1400 0200 0F00
*Apr 20 10:06:51.971: STP SW: TX: 0180.c200.0000<-aabb.cc00.0120 type/len 0026
*Apr 20 10:06:51.971:     encap 802.1Q vLAN linktype ieee-st vlan 1 len 64 on v1 Et0/2
*Apr 20 10:06:51.971:     42 42 03 SPAN
*Apr 20 10:06:51.971:     CFG P:0000 V:00 T:00 F:00 R:8001 aabb.cc00.0100 00000000
*Apr 20 10:06:51.971:     B:8001 aabb.cc00.0100 80.03 A:0000 M:1400 H:0200 F:0F00
*Apr 20 10:06:51.971: STP: VLAN0001 Et0/2 tx BPDU: config protocol=ieee
    Data : 0000 00 00 00 8001AABBCC000100 00000000 8001AABBCC000100 8003 0000 1400 0200 0F00
*Apr 20 10:06:51.971: STP SW: TX: 0180.c200.0000<-aabb.cc00.0130 type/len 0026
*Apr 20 10:06:51.971:     encap 802.1Q vLAN linktype ieee-st vlan 1 len 64 on v1 Et0/3
*Apr 20 10:06:51.971:     42 42 03 SPAN
*Apr 20 10:06:51.971:     CFG P:0000 V:00 T:00 F:00 R:8001 aabb.cc00.0100 00000000
*Apr 20 10:06:51.971:     B:8001 aabb.cc00.0100 80.04 A:0000 M:1400 H:0200 F:0F00
*Apr 20 10:06:51.971: STP: VLAN0001 Et0/3 tx BPDU: config protocol=ieee
    Data : 0000 00 00 00 8001AABBCC000100 00000000 8001AABBCC000100 8004 0000 1400 0200 0F00
*Apr 20 10:06:51.971: STP SW: TX: 0180.c200.0000<-aabb.cc00.0101 type/len 0026
*Apr 20 10:06:51.971:     encap 802.1Q vLAN linktype ieee-st vlan 1 len 64 on v1 Et1/0
*Apr 20 10:06:51.971:     42 42 03 SPAN
*Apr 20 10:06:51.971:     CFG P:0000 V:00 T:00 F:00 R:8001 aabb.cc00.0100 00000000
*Apr 20 10:06:51.971:     B:8001 aabb.cc00.0100 80.21 A:0000 M:1400 H:0200 F:0F00
*Apr 20 10:06:51.971: STP: VLAN0001 Et1/0 tx BPDU: config protocol=ieee
    Data : 0000 00 00 00 8001AABBCC000100 00000000 8001AABBCC000100 8021 0000 1400 0200 0F00
*Apr 20 10:06:51.971: STP SW: TX: 0180.c200.0000<-aabb.cc00.0111 type/len 0026
*Apr 20 10:06:51.971:     encap 802.1Q vLAN linktype ieee-st vlan 1 len 64 on v1 Et1/1
*Apr 20 10:06:51.971:     42 42 03 SPAN
*Apr 20 10:06:51.971:     CFG P:0000 V:00 T:00 F:00 R:8001 aabb.cc00.0100 00000000
*Apr 20 10:06:51.971:     B:8001 aabb.cc00.0100 80.22 A:0000 M:1400 H:0200 F:0F00
*Apr 20 10:06:51.971: STP: VLAN0001 Et1/1 tx BPDU: config protocol=ieee
    Data : 0000 00 00 00 8001AABBCC000100 00000000 8001AABBCC000100 8022 0000 1400 0200 0F00
*Apr 20 10:06:51.971: STP SW: TX: 0180.c200.0000<-aabb.cc00.0121 type/len 0026
*Apr 20 10:06:51.971:     encap 802.1Q vLAN linktype ieee-st vlan 1 len 64 on v1 Et1/2
*Apr 20 10:06:51.971:     42 42 03 SPAN
*Apr 20 10:06:51.971:     CFG P:0000 V:00 T:00 F:00 R:8001 aabb.cc00.0100 00000000
*Apr 20 10:06:51.971:     B:8001 aabb.cc00.0100 80.23 A:0000 M:1400 H:0200 F:0F00
*Apr 20 10:06:51.971: STP: VLAN0001 Et1/2 tx BPDU: config protocol=ieee
    Data : 0000 00 00 00 8001AABBCC000100 00000000 8001AABBCC000100 8023
Switch# 0000 1400 0200 0F00
*Apr 20 10:06:51.971: STP SW: TX: 0180.c200.0000<-aabb.cc00.0131 type/len 0026
*Apr 20 10:06:51.971:     encap 802.1Q vLAN linktype ieee-st vlan 1 len 64 on v1 Et1/3
*Apr 20 10:06:51.971:     42 42 03 SPAN
*Apr 20 10:06:51.971:     CFG P:0000 V:00 T:00 F:00 R:8001 aabb.cc00.0100 00000000
*Apr 20 10:06:51.971:     B:8001 aabb.cc00.0100 80.24 A:0000 M:1400 H:0200 F:0F00
*Apr 20 10:06:51.971: STP: VLAN0001 Et1/3 tx BPDU: config protocol=ieee
    Data : 0000 00 00 00 8001AABBCC000100 00000000 8001AABBCC000100 8024 0000 1400 0200 0F00
Switch#
*Apr 20 10:06:53.975: STP SW: TX: 0180.c200.0000<-aabb.cc00.0110 type/len 0026
*Apr 20 10:06:53.975:     encap 802.1Q vLAN linktype ieee-st vlan 1 len 64 on v1 Et0/1
*Apr 20 10:06:53.975:     42 42 03 SPAN
*Apr 20 10:06:53.975:     CFG P:0000 V:00 T:00 F:00 R:8001 aabb.cc00.0100 00000000
*Apr 20 10:06:53.975:     B:8001 aabb.cc00.0100 80.02 A:0000 M:1400 H:0200 F:0F00
*Apr 20 10:06:53.975: STP: VLAN0001 Et0/1 tx BPDU: config protocol=ieee
    Data : 0000 00 00 00 8001AABBCC000100 00000000 8001AABBCC000100 8002 0000 1400 0200 0F00
*Apr 20 10:06:53.975: STP SW: TX: 0180.c200.0000<-aabb.cc00.0120 type/len 0026
*Apr 20 10:06:53.975:     encap 802.1Q vLAN linktype ieee-st vlan 1 len 64 on v1 Et0/2
*Apr 20 10:06:53.975:     42 42 03 SPAN
*Apr 20 10:06:53.975:     CFG P:0000 V:00 T:00 F:00 R:8001 aabb.cc00.0100 00000000
*Apr 20 10:06:53.975:     B:8001 aabb.cc00.0100 80.03 A:0000 M:1400 H:0200 F:0F00
*Apr 20 10:06:53.975: STP: VLAN0001 Et0/2 tx BPDU: config protocol=ieee
    Data : 0000 00 00 00 8001AABBCC000100 00000000 8001AABBCC000100 8003 0000 1400 0200 0F00
*Apr 20 10:06:53.975: STP SW: TX: 0180.c200.0000<-aabb.cc00.0130 type/len 0026
*Apr 20 10:06:53.975:     encap 802.1Q vLAN linktype ieee-st vlan 1 len 64 on v1 Et0/3
*Apr 20 10:06:53.975:     42 42 03 SPAN
*Apr 20 10:06:53.975:     CFG P:0000 V:00 T:00 F:00 R:8001 aabb.cc00.0100 00000000
*Apr 20 10:06:53.975:     B:8001 aabb.cc00.0100 80.04 A:0000 M:1400 H:0200 F:0F00
*Apr 20 10:06:53.975: STP: VLAN0001 Et0/3 tx BPDU: config protocol=ieee
    Data : 0000 00 00 00 8001AABBCC000100 00000000 8001AABBCC000100 8004 0000 1400 0200 0F00
*Apr 20 10:06:53.975: STP SW: TX: 0180.c200.0000<-aabb.cc00.0101 type/len 0026
*Apr 20 10:06:53.975:     encap 802.1Q vLAN linktype ieee-st vlan 1 len 64 on v1 Et1/0
*Apr 20 10:06:53.975:     42 42 03 SPAN
*Apr 20 10:06:53.975:     CFG P:0000 V:00 T:00 F:00 R:8001 aabb.cc00.0100 00000000
*Apr 20 10:06:53.975:     B:8001 aabb.cc00.0100 80.21 A:0000 M:1400 H:0200 F:0F00
*Apr 20 10:06:53.975: STP: VLAN0001 Et1/0 tx BPDU: config protocol=ieee
    Data : 0000 00 00 00 8001AABBCC000100 00000000 8001AABBCC000100 8021 0000 1400 0200 0F00
*Apr 20 10:06:53.975: STP SW: TX: 0180.c200.0000<-aabb.cc00.0111 type/len 0026
*Apr 20 10:06:53.975:     encap 802.1Q vLAN linktype ieee-st vlan 1 len 64 on v1 Et1/1
*Apr 20 10:06:53.975:     42 42 03 SPAN
*Apr 20 10:06:53.975:     CFG P:0000 V:00 T:00 F:00 R:8001 aabb.cc00.0100 00000000
*Apr 20 10:06:53.975:     B:8001 aabb.cc00.0100 80.22 A:0000 M:1400 H:0200 F:0F00
*Apr 20 10:06:53.975: STP: VLAN0001 Et1/1 tx BPDU: config protocol=ieee
    Data : 0000 00 00 00 8001AABBCC000100 00000000 8001AABBCC000100 8022 0000 1400 0200 0F00
*Apr 20 10:06:53.975: STP SW: TX: 0180.c200.0000<-aabb.cc00.0121 type/len 0026
*Apr 20 10:06:53.975:     encap 802.1Q vLAN linktype ieee-st vlan 1 len 64 on v1 Et1/2
*Apr 20 10:06:53.975:     42 42 03 SPAN
*Apr 20 10:06:53.975:     CFG P:0000 V:00 T:00 F:00 R:8001 aabb.cc00.0100 00000000
*Apr 20 10:06:53.975:     B:8001 aabb.cc00.0100 80.23 A:0000 M:1400 H:0200 F:0F00
*Apr 20 10:06:53.975: STP: VLAN0001 Et1/2 tx BPDU: config protocol=ieee
    Data : 0000 00 00 00 8001AABBCC0

Select allOpen in new window

I just setup 3 Switches in triangle topolgy

SW1 is the Root Bridge
SW2 has a Root port and Des Port
SW3 has Root Port and Alternate(BLK) port.

I configured spanning tree bpdufilter enable on SW2 interface facing the SW3 Alternate port.

the way I realized that there is a loop was when I ran the command : Show spanning-tree on every switch, I have not seen any blocked port.
That means there is a LOOP

Thank you