Article ID: 5246
Products
DFE
Matrix E1
SecureStack C3
SecureStack C2
SecureStack B3
SecureStack B2
SecureStack A2
Protocols/Features
MSTP
Multiple Spanning Tree Protocol
Standards
802.1s
Goals
Configure 802.1s to load share
Use separate STP path for each VLAN
Sample configuration
Symptoms
Spanning tree blocks all VLANs on one link
Cause
The above-stated products by default operate with 802.1s Multiple Spanning Tree Protocol active ('show spantree version') but unconfigured, with the net result that it behaves like 802.1w Rapid Spanning Tree Protocol.
However, in order to utilize MSTP's unique advantages it is necessary to perform some degree of MSTP configuration, as explained below.
Solution
Please refer to
5389 for a lower-level discussion of 802.1s basics, as necessary.
This example assumes that it is desired to have two switches each supporting VLANs 2 and 3, with two ethernet paths between the switches such that each normally forwards for its own dedicated VLAN but remains available to support the other VLAN in the event that one of the paths fails. Further, for simplicity each switch is running in IVL Mode (
4918), so that VLAN=FID.
The relevant configuration of both switches is identical except for Bridge Priority and Port Priority.
VLAN Configuration
- On each switch, configure the redundant InterSwitch Links to egress the traffic VLANs, VLAN-tagged. This example shows only the configuration necessary for the ISLs, which function as 802.1Q Trunks for VLANs 2 and 3. Other designs are of course possible, but this plan allows for full traffic path redundancy in the event of failure of one of the ISLs:
Matrix>set vlan create 2,3
Matrix>clear vlan egress 1 fe.1.47-48
Matrix>set vlan egress 2 fe.1.47-48 tagged
Matrix>set vlan egress 3 fe.1.47-48 tagged
This largely agrees with what is described in 5038 for creating 802.1Q Trunks. Note that though VLAN 1 is used to provide the Common Spanning Tree (CST) path and for the interchange of MSTP BPDUs, this is not dependent upon VLAN 1 egress permissions. VLAN 1 may optionally also be used to support user traffic, or not. In this example, VLAN 1 is dedicated to BPDUs.
Basic MSTP Configuration
- On each switch, set a common MSTP Region name:
Matrix>set spantree mstcfgid cfgname myregion
- On each switch, create the desired MSTP instances (MSTIs, each with a unique SID), in this example adding two more spanning trees which represent two paths that will have their own loop detection and forwarding rules:
Matrix>set spantree msti 20 create
Matrix>set spantree msti 30 create
- On each switch, map each FID to a newly created SID:
Matrix>set spantree mstmap 2 20
Matrix>set spantree mstmap 3 30
- On each switch, check the results; noting that the "MST Configuration Identifier" shown in the output of the 'show spantree mstcfgid' command will be identical for all bridges which are to be members of the same MSTP Region:
Matrix>show spantree mstmap
Matrix>show spantree mstcfgid
Each VLAN is now mapped to its own spanning tree instance. However, though VLANs 2 and 3 are operating independently in terms of STP path computation, they are using the same rules and thus will be observed to block and forward in tandem, on the same side of the same links. The remainder of the configuration will adjust the forwarding rules so that each of the links will normally provide dedicated forwarding for its own VLAN but be available to accommodate the other VLAN should the alternate link go down.
Load-Sharing MSTP Configuration
- On each switch, adjust the Bridge Priority (4832) so that each switch will serve as Root Bridge for a different SID. On Enterasys devices, the default Bridge Priority is 32768 (0x8000). Configure the first switch with a lower priority for SID 20, so it will be the Root Bridge for VLAN 2:
Matrix>set spantree priority 4096 20
Configure the second switch with a lower priority for SID 30, so it will be the Root Bridge for VLAN 3:
Matrix>set spantree priority 4096 30
As configured, if the two port 47s are cross-attached and the two port 48s are cross-attached; then port 47, being the lowest port on each bridge, will be preferred as the forwarding path for each VLAN. Thus, though VLAN 2 will block on one side of the link and VLAN 3 will block on the other side, the setup is not yet load sharing. Here this may be corrected - forcing each VLAN to forward on a dedicated link - if the connections are swapped to derive two port-47-to-port-48 cross-attachments. Rather than swapping the cables, the following configuration performed on one of the switches will have the same effect on the spanning tree topology.
- On one switch, adjust the Port Priority so that the Designated Port role will be swapped. On Enterasys devices, the default Port Priority is 128 (0x80). Configure the first switch with a lower priority for port 48, so it will be the Designated Port for VLAN 2:
Matrix>set spantree portpri fe.0.48 16 sid 20
Note: Spanning Tree election/precedence rules (4734) for MSTP are the same as those for RSTP, except that they are granular to individual SIDs (Spanning Tree instances) rather than to the single Spanning Tree instance running on a RSTP bridge. Thus, you may not only adjust Bridge Priority and/or Port Priority as shown above, but for more complicated scenarios you may also adjust Path Cost ('set spantree adminpathcost sid ') on individual or all SIDs, as desired.
When the two switches are interconnected using ports fe.1.47-48, the actions of MSTP will block one of the links for VLAN 2 and will block the other for VLAN 3, leaving only the Root Bridge for each VLAN forwarding traffic for that VLAN. If one of the links is removed, both VLANs will forward over the remaining link; and if the link is restored, each VLAN will again isolate to its individual dedicated path.
As necessary,
Contact Enterasys Networks Technical Services for further configuration assistance.