cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
1458
Views
10
Helpful
11
Replies

MSTP and many switches and vlans

ian.mac
Level 1
Level 1

Hi All,

We have a network of about 35 edge switches with 2 6500 aggregation switches.

Each edge switch connects to both agg switches at layer2.

We have about 250 vlans, and any vlan could be on any switch.

We are intending to move to MSTP but I seem to have a conceptual problem.

I understand that switches must agree about vlan to MSTI mapping.

I do not currently need the load balancing, so was planning an single instance.

Do I actually need ALL vlans to exist on ALL switches though.

ie if I do not need a vlan on a switch can I prune it, or will that make MSTP break?

Having to have all vlans on all switches is an admin nightmare.

Thanks

11 Replies 11

Hi,

hm, good question.

first of all, do you mean that you have on different switches different set of VLAN?

As I understand it's not the best design, but anyway. may be it would be better to configure the same set of VLANs on all switches (with VTP eg.) and manually remove certain VLANs from the trunks where those VLANs are not needed.

back to MST, as I understood the MST will not break if some of VLANs in MSTI mapping don'T exist. if you have a look into sh span mst config, you will see something like

Instance Vlans mapped

0 1-4096

it doesn't necessary to have all 4096 VLANs on the switch.

Hi Konstantin,

Thanks for the reply.

Yes, I mean that vlans are in effect randomly distributed across switches.

(we are in a ISP datacentre environment here, a vlan translates to a customer, and they may be on 1 or more switches)

You say :-

back to MST, as I understood the MST will not break if some of VLANs in MSTI mapping don'T exist. if you have a look into sh span mst config, you will see something like

Instance Vlans mapped

0 1-4096

it doesn't necessary to have all 4096 VLANs on the switch.

That's is what I would like it to be, but I cannot get a firm answer from anybody.

This is a multi-vendor environment, and the other vendor seems to be saying the same thing, but it is unclear for that final leap from "MST's must agree on all vlans" to "that means all vlans must exist and be trunked everywhere"

I totally understand the "MST's must agree" and when I lab it, if I have different vlans in different MSTI's the switches disagree and you get regions.

On both Cisco and the other vendor a show command show all 4094 vlans as belonging to the MST instance, whether those vlans exist or not.

MST seems happy, it is just a question of will it lead to bad things happening

Thanks

hm, it's quite interesting.

I'd suggest to wait and see what Cisco's internal experts can say about.

or open a TAC ticket.

Hi,

In a good layer-2 design, your all the vlans should be on all the switches and mapped to the same MST instance. It can work without it but is not a good design and you might see some unexpected effects during the network operation which is not good for the network health. Please ensure that trunks carry all of the VLANs mapped to an instance or do not carry any VLANs at all for this instance.

HTH,

-amit singh

Hi Amit,

thanks for replying.

So are you saying that pruning vlans is a bad idea and not recommended by Cisco?

I am not trying to be awkward here or put words into your mouth, I just need to be absolutely clear, so that if we see problems in the future and TAC say "why are you doing that" we are doing it correctly.

Given that we have hundreds of vlans and over 30 switches (and growing all the time) and any given switch might only have 10 or 20 vlans with active edge ports, having to create all vlans everywhere and tag appropriately is a pain

thanks

hm, if you have 20-30 VLANs per switch I woudn't implement the MST :).

We do the MST because we have more then 65 VLANs on each switch, but the access switches (like 2970) don't support more then 64 PVST instances.

We need MSTP as it is a multivendor network, and Cisco does not do standard RSTP (not rapid per vlan)

We had a problem where the cisco were doing MSTP and the other vendor RSTP and this where these questions have come from.

hm, I faced some problem that come from the fact that some cisco IOS supports only "pre-standart" RSTP, but if you configure an options something like "spanning-tree rstp pre-standart" then cisco tries to adopt somehow the BPDUs to the version of RSTP which runs on the other side.

sorry if my explanation not quite clear :).

Nope, removing the vlans of the trunk ports is not a bad idea. For removing the specific vlans on the trunk ports you have to have all those vlans locally on the switches. If you dont have the vlans configured on the switches, no need to prune. In your current toplogy if you are mapping some vlans on the switches to a particular MST instance and pruning is required then make sure that you have trunk ports configured with the identical pruning configuration for the vlans.

If only 10-20 vlans are there, I would agree to the above poster that you should be fine with the PVST+ running in your current topology. If you really need to run MSTP, I would suggest to have an identical toplogy view as far as the STP root bridge is concerned and all the switches should be configured identically and then use trunk prunning as required.

HTH,

-amit singh

Francois Tallet
Level 7
Level 7

MST compute up to 65 different spanning tree instances. Practically, it means that you can have up to 65 different topologies in your network. Those topologies are computed by MST *irrespective* of the vlans. Just think of MST as a control plane, a routing protocol.

Now traffic is flowing on vlans (that's your data plane if you want). When MST has determined that port P must block for instance X, we need to translate this state in terms of vlan. That's where the vlan to instance mapping is used. The switch can derive from the vlan to instance mapping which vlans are affected when MST has determined that instance X must block on port P. For example, if vlan 1-100 are mapped to instance X, the switch will block vlan 1-100 on port P. It does not mean that all the vlan 1-100 have to be created. It means that whatever exist in the range 1-100 will be blocked.

In the MST configuration, all the vlans are mapped to a single MST instance. By default, all the vlans are mapped to instance 0. It means that all the vlans will follow the unique topology computed in the network. Basically, MST with default configuration = RSTP.

So Ian, no problem. Just use MST with no configuration and you have RSTP (in the IEEE sense of the term, i.e. not Per Vlan RSTP). You don't need to create more vlan that you need. Btw, creating vlan is a Cisco stuff, because in PVST we run a spanning tree instance per vlan. It's expensive so we needed an administrative way to limit the number of instances running: that's where "creating" a vlan makes sense.

What Amit mentioned about enabling all your vlans across your network is a high level recommendation. In the IEEE world again, there is no concept of enabling/disabling vlans. All vlans exist (no problem because no PVST in the IEEE world;-) and unnecessary vlans are pruned by an additional control protocol like GVRP or MVRP (equivalent in Cisco world: VTP pruning). Also, in MST, we recommand to pay extra care when removing vlans from a trunks. See: http://www.cisco.com/warp/public/473/147.html#two_vlans_same. But doing otherwise is not an error as long as you know what you are doing.

Running MST still makes sense with 20-30 vlans. It's easier to interact with third party boxes running RSTP or MST this way. Also, with no configuration, MST is as simple as PVST.

Cisco came up with an implementation of the MST standard before it was finalized. That's why older software versions are "pre-standard". This is only a problem if you want to form a region between a third party device and a pre-standard MST switches. If you only need one instance (i.e. you only use instance 0), you don't need to form a region. So both standard and pre-standard versions of MST will work equally well for you.

Regards,

Francois

Hi Francois,

That is the exact answer I was hoping for :-)

We just wanted to be sure that just because MSTs between switches agreed on vlans, that whether the vlan actually existed on the switch at the layer 2 level made any difference.

I will now discuss this with our account team.

Thanks

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: