S4 and SecureStack RSTP Spanning Tree Question

  • 0
  • 1
  • Question
  • Updated 3 years ago
  • Answered
  • (Edited)
Hi,

I have S4 as backbone and core of RSTP domain.

SYT_SRV_ROOM_S4_BACKBONE(su)->show spantree stats

Spanning tree status         - enabled
Spanning tree instance       - 0
Designated Root MacAddr      - 00-1f-45-a0-9a-5e
Designated Root Priority     - 4096
Designated Root Cost         - 0
Designated Root Port         - 0
Root Max Age                 - 20 sec
Root Hello Time              - 2  sec
Root Forward Delay           - 15 sec
Bridge ID MAC Address        - 00-1f-45-a0-9a-5e
Bridge ID Priority           - 4096
Bridge Max Age               - 20 sec
Bridge Hello Time            - 2  sec
Bridge Forward Delay         - 15 sec
Topology Change Count        - 1060
Time Since Top Change        - 00 days 09:57:54
Max Hops

I just connected a B5 to S4 with two cables.
SYT-SRVROOM-DMZ-B5-2(su)->show spantree stats
Spanning tree status       - enabled
Spanning tree instance     - 0
Designated Root MacAddr    - 00:1F:45:A0:9A:5E
Designated Root Port       - ge.1.46
Designated Root Priority   - 4096
Designated Root Cost       - 20000
Root Max Age               - 20
Root Hello Time            - 2
Root Forward Delay         - 15
Bridge ID MAC Address      - 00:1F:45:91:9E:E8
Bridge ID Priority         - 32768
Bridge Max Age             - 20
Bridge Hello Time          - 2
Bridge Forward Delay       - 15
Topology Change Count      - 477
Time Since Top Change      - 1 days 4:36:36
Max Hops                   - 20

What I want to ask is if I look port status on B5, I see one port is blocking one port is forwarding as expected:
SYT-SRVROOM-DMZ-B5-2(su)->show spantree stats port ge.1.45-46
 SID   Port         State              Role          Cost        Priority
 ---   ----------   ----------------   -----------   --------    --------
 0      ge.1.45      Discarding         Alternate     20000       128
 0      ge.1.46      Forwarding         Root          20000       128

But if I look the ports on S4 that connected to B5, I see both of them forwarding:

 SYT_SRV_ROOM_S4_BACKBONE(su)->show spantree stats port ge.2.35-36

SID   Port         State              Role          Cost        Priority---   ----------   ----------------   -----------   --------    --------
0     ge.2.35      Forwarding         Designated    20000       128
0     ge.2.36      Forwarding         Designated    20000       128

Is this expected or something is wrong with my STP setup?

Thanks,

Rahman
Photo of Rahman Duran

Rahman Duran

  • 2,012 Points 2k badge 2x thumb

Posted 3 years ago

  • 0
  • 1
Photo of Straw, Glyn

Straw, Glyn, Employee

  • 2,152 Points 2k badge 2x thumb
Hi Rahman, 

That is expected. The S is the root bridge and as such will forward. Only one end of the link has to block and it is never the root bridge end. 

Best Regards
Glyn
Photo of Rahman Duran

Rahman Duran

  • 2,012 Points 2k badge 2x thumb
Thanks for the quick answer :)
Photo of Straw, Glyn

Straw, Glyn, Employee

  • 2,152 Points 2k badge 2x thumb
you are welcome, happy spanning :-)
Photo of brad pitt

brad pitt

  • 60 Points
  • On N/S-Series, review command output from show spantree stats active to see "Topology change count" and "Time Since Top Change":
C5(su)-> show spantree stats  active
.
.
Topology Change Count      - 1
Time Since Top Change      - 0 days 2:01:58
Max Hops                   - 20
 SID   Port         State              Role          Cost        Priority
 ---   ----------   ----------------   -----------   --------    --------
 0      ge.1.46      Forwarding         Root          20000       128
  • On N/S-Series, review "show spantree debug port *.*.* active" to find if we have any high counts on the section "Ports with Received TC BPDUs" section:
S-Series(su)-> show spantree debug port *.*.* active
.
.
Ports with Received TC BPDUs         Count
------------------------------------------------------------
ge.2.2                                  107
ge.2.40                                 5
  • On N/S-Series and Securestack, review the same show spantree debug port *.*.* active output to look for any type of TC or TCN received, or invalid / disputed or Message expiration  to help trace down any problematic ports:​
C5(su)-> show spantree debug port *.*.* active

STP Diagnostic Port Counters for SID 0 Port ge.1.46
---------------------------------------------------------
Port Role                  - Root
Message Expiration Count   - 0
Invalid BPDU Count         - 0
STP BPDU Rx Count          - 0
STP BPDU Tx Count          - 0
STP TCN BPDU Rx Count      - 0
STP TCN BPDU Tx Count      - 0
STP TC BPDU Rx Count       - 907
STP TC BPDU Tx Count       - 34
RST BPDU Rx Count          - 0
RST BPDU Tx Count          - 0
RST TC BPDU Rx Count       - 0
RST TC BPDU Tx Count       - 0
  • On N/S-Series, enable movedaddrtrap logging on all ports to determine if any type of loop is occurring, then review moved mac addresses through logging buffer:
S-Series(su)-> set movedaddrtrap enable
S-Series(su)-> set movedaddrtrap *.*.* enable
S-Series(su)-> show logging buffer

AddrNtfy[1]MAC: 00-11-22-33-44-55: moved to port lag.0.4, FID 1 
AddrNtfy[1]MAC: 00-11-22-33-44-55: moved to port lag.0.4, FID 1 
AddrNtfy[1]MAC: 00-11-22-33-44-55: moved to port ge.1.22, FID 1
  • Look for the same mac address moving to different ports, which at a slow rate of creation may be normal such as roaming wireless users
  • Moved mac addresses at a rapid rate and not with wireless client mac addresses would typically indicate an issue
  • On SecureStacks, It may be useful to elevate logging level of STP if on 06.42.xx code or earlier as we did not introduce spantree debug commands until 06.61.xx code:
  • On SecureStack switches the following commands provide 3 State changes of Discarding, Learning and Forwarding, and the commands are not STP changes but port state changes due to link down / link up
  • On SecureStack switches when using the same logging commands, you will still see the messages below but when a Topology Change Notification has happened, one of the messages would include a "TCN" signifying a Topology Change Notification at the end of the log.
C5(su)-> set logging default severity 8
C5(su)-> set logging application STP level 8
C5(su)-> show logging buffer

This is from manager 1 %% Setting Port(33) instance(0) State: DISCARDING
This is from manager 1 %% Setting Port(33) instance(0) State: LEARNING
This is from manager 1 %% Setting Port(33) instance(0) State: FORWARDING
Photo of Ole

Ole

  • 330 Points 250 badge 2x thumb
When both ports from the B5 are connected to the S4 you can configure link aggregation between both devices. With this configuration both connections are active and you do not need RSTP!

Regards
Ole