cancel
Showing results for 
Search instead for 
Did you mean: 

S4 and SecureStack RSTP Spanning Tree Question

S4 and SecureStack RSTP Spanning Tree Question

Rahman_Duran1
New Contributor III
Hi,

I have S4 as backbone and core of RSTP domain.

SYT_SRV_ROOM_S4_BACKBONE(su)->show spantree stats

Spanning tree status - enabled
Spanning tree instance - 0
Designated Root MacAddr - 00-1f-45-a0-9a-5e
Designated Root Priority - 4096
Designated Root Cost - 0
Designated Root Port - 0
Root Max Age - 20 sec
Root Hello Time - 2 sec
Root Forward Delay - 15 sec
Bridge ID MAC Address - 00-1f-45-a0-9a-5e
Bridge ID Priority - 4096
Bridge Max Age - 20 sec
Bridge Hello Time - 2 sec
Bridge Forward Delay - 15 sec
Topology Change Count - 1060
Time Since Top Change - 00 days 09:57:54
Max Hops

I just connected a B5 to S4 with two cables.
SYT-SRVROOM-DMZ-B5-2(su)->show spantree stats
Spanning tree status - enabled
Spanning tree instance - 0
Designated Root MacAddr - 00:1F:45:A0:9A:5E
Designated Root Port - ge.1.46
Designated Root Priority - 4096
Designated Root Cost - 20000
Root Max Age - 20
Root Hello Time - 2
Root Forward Delay - 15
Bridge ID MAC Address - 00:1F:45:91:9E:E8
Bridge ID Priority - 32768
Bridge Max Age - 20
Bridge Hello Time - 2
Bridge Forward Delay - 15
Topology Change Count - 477
Time Since Top Change - 1 days 4:36:36
Max Hops - 20

What I want to ask is if I look port status on B5, I see one port is blocking one port is forwarding as expected:
SYT-SRVROOM-DMZ-B5-2(su)->show spantree stats port ge.1.45-46
SID Port State Role Cost Priority
--- ---------- ---------------- ----------- -------- --------
0 ge.1.45 Discarding Alternate 20000 128
0 ge.1.46 Forwarding Root 20000 128

But if I look the ports on S4 that connected to B5, I see both of them forwarding:

SYT_SRV_ROOM_S4_BACKBONE(su)->show spantree stats port ge.2.35-36

SID Port State Role Cost Priority--- ---------- ---------------- ----------- -------- --------
0 ge.2.35 Forwarding Designated 20000 128
0 ge.2.36 Forwarding Designated 20000 128

Is this expected or something is wrong with my STP setup?

Thanks,

Rahman
5 REPLIES 5

Straw__Glyn
Extreme Employee
Hi Rahman,

That is expected. The S is the root bridge and as such will forward. Only one end of the link has to block and it is never the root bridge end.

Best Regards
Glyn

When both ports from the B5 are connected to the S4 you can configure link aggregation between both devices. With this configuration both connections are active and you do not need RSTP!

Regards
Ole

  • On N/S-Series, review command output from show spantree stats active to see "Topology change count" and "Time Since Top Change":
C5(su)-> show spantree stats active . . Topology Change Count - 1 Time Since Top Change - 0 days 2:01:58 Max Hops - 20 SID Port State Role Cost Priority --- ---------- ---------------- ----------- -------- -------- 0 ge.1.46 Forwarding Root 20000 128
  • On N/S-Series, review "show spantree debug port *.*.* active" to find if we have any high counts on the section "Ports with Received TC BPDUs" section:
S-Series(su)-> show spantree debug port *.*.* active . . Ports with Received TC BPDUs Count ------------------------------------------------------------ ge.2.2 107 ge.2.40 5
  • On N/S-Series and Securestack, review the same show spantree debug port *.*.* active output to look for any type of TC or TCN received, or invalid / disputed or Message expiration to help trace down any problematic ports:​
C5(su)-> show spantree debug port *.*.* active STP Diagnostic Port Counters for SID 0 Port ge.1.46 --------------------------------------------------------- Port Role - Root Message Expiration Count - 0 Invalid BPDU Count - 0 STP BPDU Rx Count - 0 STP BPDU Tx Count - 0 STP TCN BPDU Rx Count - 0 STP TCN BPDU Tx Count - 0 STP TC BPDU Rx Count - 907 STP TC BPDU Tx Count - 34 RST BPDU Rx Count - 0 RST BPDU Tx Count - 0 RST TC BPDU Rx Count - 0 RST TC BPDU Tx Count - 0
  • On N/S-Series, enable movedaddrtrap logging on all ports to determine if any type of loop is occurring, then review moved mac addresses through logging buffer:
S-Series(su)-> set movedaddrtrap enable S-Series(su)-> set movedaddrtrap *.*.* enable S-Series(su)-> show logging buffer AddrNtfy[1]MAC: 00-11-22-33-44-55: moved to port lag.0.4, FID 1 AddrNtfy[1]MAC: 00-11-22-33-44-55: moved to port lag.0.4, FID 1 AddrNtfy[1]MAC: 00-11-22-33-44-55: moved to port ge.1.22, FID 1
  • Look for the same mac address moving to different ports, which at a slow rate of creation may be normal such as roaming wireless users
  • Moved mac addresses at a rapid rate and not with wireless client mac addresses would typically indicate an issue
  • On SecureStacks, It may be useful to elevate logging level of STP if on 06.42.xx code or earlier as we did not introduce spantree debug commands until 06.61.xx code:
  • On SecureStack switches the following commands provide 3 State changes of Discarding, Learning and Forwarding, and the commands are not STP changes but port state changes due to link down / link up
  • On SecureStack switches when using the same logging commands, you will still see the messages below but when a Topology Change Notification has happened, one of the messages would include a "TCN" signifying a Topology Change Notification at the end of the log.
C5(su)-> set logging default severity 8 C5(su)-> set logging application STP level 8 C5(su)-> show logging buffer This is from manager 1 %% Setting Port(33) instance(0) State: DISCARDING This is from manager 1 %% Setting Port(33) instance(0) State: LEARNING This is from manager 1 %% Setting Port(33) instance(0) State: FORWARDING

you are welcome, happy spanning 🙂

GTM-P2G8KFN