Add VLAN to trunk causes switch to drop

  • 0
  • 1
  • Problem
  • Updated 1 year ago
  • Solved
Hi all,

I've got two switches separated by about 7 miles of fiber and an Internet link at each site. I need a certain number of VLANs to extend between the sites for HA purposes.

VLANs: tagged 243, 923-925, 927, 1000, untagged 4040

All of these VLANs span the trunk no problem except for 927. When I apply 927 the distant switch drops. When I remove 927, it comes back.

Spantree is applied and enabled at the HA site, but not the main site. Where do I need to look to solve this problem?
Photo of Terren Crider

Terren Crider

  • 1,564 Points 1k badge 2x thumb

Posted 2 years ago

  • 0
  • 1
Photo of Patrick Voss

Patrick Voss, Alum

  • 11,594 Points 10k badge 2x thumb
Hello Terren,

Would you elaborate on the switch drops? Do you lose communication through ALL the VLANs once 927 is added?
Photo of Terren Crider

Terren Crider

  • 1,564 Points 1k badge 2x thumb
Yeah. The switch basically drops from the network.
Photo of Nick Yakimenko

Nick Yakimenko

  • 2,478 Points 2k badge 2x thumb
What is in the logs of both switches?
Photo of Terren Crider

Terren Crider

  • 1,564 Points 1k badge 2x thumb
Mar 13 22:29:04 10.40.40.253 LinkTrap[11]Interface vlan.0.1000 is Down.
Mar 13 22:29:04 10.40.40.253 Spantree[11]Receive Event: Multiple BPDU sources received on Port = tg.11.1, BPDU Bridge MAC = 20:b3:99:57:d4:e8 Port = 338 Prior Bridge MAC = cc:f9:54:27:0e:3d Port = 2309
Mar 13 22:29:04 10.40.40.253 LinkTrap[11]Interface vlan.0.4040 is Down.
Mar 13 22:29:04 10.40.40.253 Spantree[11]Receive Event: Multiple BPDU sources received on Port = tg.11.2, BPDU Bridge MAC = cc:f9:54:27:0e:3d Port = 2309 Prior Bridge MAC = 20:b3:99:57:d4:e8 Port = 337
Mar 13 22:29:04 10.40.40.253 System[11]Reconnect attempted for logging server 1 (10.0.200.216)
Mar 13 22:56:16 10.40.40.253 LinkTrap[11]Interface tg.11.2 is Down.
Mar 13 22:56:16 10.40.40.253 Spantree[11]Multiple BPDU sources received condition has been cleared for Port = tg.11.2
Mar 13 22:56:16 10.40.40.253 System[11]Reconnect attempted for logging server 1 (10.0.200.216)
Mar 13 22:56:35 10.40.40.253 LinkTrap[11]Interface tg.11.1 is Down.
Mar 13 22:56:35 10.40.40.253 Spantree[11]Multiple BPDU sources received condition has been cleared for Port = tg.11.1
Mar 13 22:56:40 10.40.40.253 LinkTrap[11]Interface tg.11.1 is Up.
Mar 13 22:59:03 10.40.40.253 LinkTrap[11]Interface tg.11.1 is Down.
Mar 13 22:59:05 10.40.40.253 LinkTrap[11]Interface tg.11.2 is Up.
Mar 13 23:01:09 10.40.40.253 System[11]PoE Mode button has been activated.
Mar 13 23:01:44 10.40.40.253 LinkTrap[11]Interface tg.11.1 is Up.
Photo of Terren Crider

Terren Crider

  • 1,564 Points 1k badge 2x thumb
This is a snippet of the logs from the HA site switch. The primary site switch does not show any related logs.
(Edited)
Photo of Jeremy

Jeremy, Embassador

  • 9,788 Points 5k badge 2x thumb
Do you have spangaurd on or adminedge turned on?  Also, what hardware and code are you running at each site?   Also, what version.  Take a look at this, depending on what you are running.

https://community.extremenetworks.com/extreme/topics/connecting-s-series-with-x450-g2-rstp-error-mul...
Photo of Jeremy

Jeremy, Embassador

  • 9,788 Points 5k badge 2x thumb
When you run the command show spantree debug port *.*.* active 

send a screen shot.. look for a high number of tx bpdu's


Also, read this:

http://documentation.extremenetworks.com/EOS_Config/S-K-Series/S-K-7100_Configuration_Guide/c_multis...
Photo of Jeremy

Jeremy, Embassador

  • 9,788 Points 5k badge 2x thumb
Also, another good command is, show spantree stats active

See if there is anything being blocked already etc... 
Photo of Terren Crider

Terren Crider

  • 1,564 Points 1k badge 2x thumb
STP Diagnostic Port Counters for SID 0 Port tg.11.1
------------------------------------------------------------
Message Expiration Count - 0
Invalid BPDU Count - 0
Disputed BPDU Count - 2209
STP BPDU Rx Count - 0
STP BPDU Tx Count - 0
STP TCN BPDU Rx Count - 0
STP TCN BPDU Tx Count - 0
STP TC BPDU Rx Count - 0
STP TC BPDU Tx Count - 0
RST BPDU Rx Count - 2209
RST BPDU Tx Count - 0
RST TC BPDU Rx Count - 0
RST TC BPDU Tx Count - 0
MST BPDU Rx Count - 3544
MST BPDU Tx Count - 2295794
MST CIST TC BPDU Rx Count - 0
MST CIST TC BPDU Tx Count - 11
SPT BPDU Rx Count - 0
SPT BPDU Tx Count - 0
SPT TC BPDU Rx Count - 0
SPT TC BPDU Tx Count - 0
Photo of Terren Crider

Terren Crider

  • 1,564 Points 1k badge 2x thumb
SID Port State Role Cost Priority
--- ---------- ---------------- ----------- -------- --------
0 tg.11.1 Forwarding Designated 20000 128
0 tg.11.2 Blocking Backup 20000 128
Photo of Terren Crider

Terren Crider

  • 1,564 Points 1k badge 2x thumb
We may be barking up the wrong spantree here. It doesn't make much sense to me why 927 has problems, but the other six VLANs are fine.
Photo of Terren Crider

Terren Crider

  • 1,564 Points 1k badge 2x thumb
I administratively set the second interface on the HA site switch to disable. Then I applied 927 to the trunk to the main interface with the same result. I feel like this isn't necessarily a spantree problem (it still could be). Here's the log buffer for the event:

Apr 4 15:36:11 10.40.40.253 LinkTrap[11]Interface tg.11.2 is Down. (This is when I admin down'd the port)
Apr 4 15:36:40 10.40.40.253 Spantree[11]Receive Event: Multiple BPDU sources received on Port = tg.11.1, BPDU Bridge MAC = cc:f9:54:27:0e:3d Port = 2309 Prior Bridge MAC = 20:b3:99:57:d4:e8 Port = 338
Apr 4 15:36:40 10.40.40.253 LinkTrap[11]Interface vlan.0.1000 is Down.
Apr 4 15:36:40 10.40.40.253 LinkTrap[11]Interface vlan.0.4040 is Down.
Apr 4 15:36:40 10.40.40.253 OSPF[11]Router global: OSPF: NBR 10.40.40.251 transitioned from FULL to DOWN
Apr 4 15:36:40 10.40.40.253 OSPF[11]Router global: OSPF: NBR 10.40.40.252 transitioned from FULL to DOWN
Apr 4 15:36:40 10.40.40.253 OSPF[11]Router global: OSPF: invalid route discarded - dest 127.0.0.0
Apr 4 15:36:41 10.40.40.253 Emanate[11.SNMPagent]Sr_send_inform: invalid transport
Apr 4 15:36:53 10.40.40.253 LinkTrap[11]Interface vlan.0.1000 is Up.
Apr 4 15:36:53 10.40.40.253 LinkTrap[11]Interface vlan.0.4040 is Up.
Apr 4 15:36:54 10.40.40.253 OSPF[11]Router global: OSPF: Packet dropped - vlan.0.4040 cfg error - src ip 10.40.40.251 - BAD PACKET
Apr 4 15:36:55 10.40.40.253 OSPF[11]Router global: OSPF: NBR 10.40.40.252 transitioned from LOADING to FULL
Apr 4 15:37:03 10.40.40.253 OSPF[11]Router global: OSPF: NBR 10.40.40.251 transitioned from LOADING to FULL
Apr 4 15:37:08 10.40.40.253 OSPF[11]Router global: OSPF: invalid route discarded - dest 127.0.0.0
Apr 4 15:37:09 10.40.40.253 Spantree[11]Multiple BPDU sources received condition has been cleared for Port = tg.11.1
Photo of Jeremy

Jeremy, Embassador

  • 9,788 Points 5k badge 2x thumb
Does this number keep going up:

Disputed BPDU Count - 2209
Photo of Terren Crider

Terren Crider

  • 1,564 Points 1k badge 2x thumb
2296 this morning.
Photo of Terren Crider

Terren Crider

  • 1,564 Points 1k badge 2x thumb
Update: one of the MACs that was in the Multiple BPDU message belongs to an Avaya device. Compass shows me that MAC on the uplink port between the main site switch and another switch with the Address Type MAC and Filter ID 927. Also, this MAC is on tg.11.3 of the HA site switch with the Address Type BPDU, Filter ID 927, and VLAN ID 927.
Photo of Jeremy

Jeremy, Embassador

  • 9,788 Points 5k badge 2x thumb
How do you have STP configured on that Avaya device?  Is it running STP or is it broadcasting out BPDUs of its own with itself labeled as the root bridge? 

I am suspecting it is some weird STP config on a device.
Photo of Terren Crider

Terren Crider

  • 1,564 Points 1k badge 2x thumb
I've opened a GTAC case. The Avaya MAC is only showing up on one uplink interface and a disabled port with nothing connected.
Photo of Jeremy

Jeremy, Embassador

  • 9,788 Points 5k badge 2x thumb
Weird.. do share the results! 
Photo of Drew C.

Drew C., Community Manager

  • 40,072 Points 20k badge 2x thumb
Hi Terren, Do you have anything from GTAC that you can share with the group?
Photo of Terren Crider

Terren Crider

  • 1,564 Points 1k badge 2x thumb
Negative.  The resolution I'm pursuing is to institute a new VLAN to carry 927s current load.  It seems to work.  The true scope of the issue would likely involve a re-engineering of sorts.