Argument on spanning tree secondary ROOT bridge in flat VLAN topology

christianpho
Level 1

Hi!

In our IT team we have different points of view on how we should configure STP at some of our sites.

Let me explain:

All our critical sites (spoke sites) are connected with an STP loop topology to allow a redundant path in case a link fails.

All our servers/services are centralized at a hub site. Our SLA for critical sites is to provide 24h/7d support.

The WAN link connection is always connected on port 1 on the root or master switch. If we have a redundant link, it would be connected on the first port on a second switch.

Each spoke site has the main switch forced/elected as the root for the Spanning Tree topology, but no switch is actually configured as a backup root. In the case where the primary root (the official one) fails, a new switch will be elected as the root, but my concern is that the new topology formed might not always be predictable or optimal.

Just for precision, we don't want to load balance traffic between those 2 links; on those sites we have only one VLAN and it's not in our plans to change this at this time.

Based on lectures for the BCMSN Certification exam, my understanding was that there are advantages to defining a second switch as a secondary root to maintain the service.

Someone in our IT team thinks that forcing a second switch at each site makes STP more difficult to troubleshoot. In his mind, the replacement of the primary switch is a simple matter of hours and it is not worth spending time or resources on STP tuning.

Do you have any arguments, opinions or thoughts to share on this topic?

5 Replies

ralphcarter
Level 1

So if you have 2 switches (switch1 & switch2) at your "HUB Site" connected to each other, trunked to carry VLANs, one of these switches is configured as the ROOT for the VLANs in question.

SiteA aka spokeA connects into "HUB Site" switch1 (on port1) and connects to switch2 (on port1).

By setting switch1 as root primary and switch2 as root secondary, the redundant link from SiteA will be in blocked state.

If switch1 ever fails, STP will reconverge and utilize the redundant link into switch2 (it will be ROOT now).

If you don't set switch2 as the "root secondary" then it's highly possible that another switch on the VLAN will be chosen as root if switch1 fails and your traffic will not be optimal.

To ensure OPTIMAL traffic, make sure your central switches, in this case switch1 & switch2, are "root primary" and "root secondary" respectively.

STP is not that hard to configure and tune if well understood.

CCIE 26175
www.techsnips.com

I think you can have the root guard option enabled to reserve the primary & secondary root roles for switch 1 & 2 respectively in STP.

Ralph, what are your views on this?

Bhupesh

Well, if you don't enable "root secondary" on the second switch you would have to enable "root guard" on all ports connecting into these switches, and if a failure occurs, you can kill your whole network by putting all these ports into "root inconsistent state", which you will have to manually re-enable. Too much of a headache!

But if you do setup "root secondary" for the second switch, you can use "root guard". It will protect your "Hub site" from losing "root" status.

CCIE 26175
www.techsnips.com
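The election behaviour discussed in the two replies above, as an added example that is not code from any poster in this thread: the root is the switch with the lowest bridge ID (priority first, MAC address as tie-breaker), and a root-guard port blocks when it hears a better bridge ID than the current root. Switch names beyond switch1/switch2 and all MAC addresses are constructed, and path costs are left out of this simplified model.

```python
from dataclasses import dataclass, replace

DEFAULT_PRIORITY = 32768  # 802.1D default bridge priority
ROOT_PRIMARY = 24576      # priority "root primary" normally sets
ROOT_SECONDARY = 28672    # priority "root secondary" sets


@dataclass(frozen=True)
class Bridge:
    name: str
    mac: str
    priority: int = DEFAULT_PRIORITY

    def bridge_id(self):
        # Lower tuple wins: priority first, MAC address as tie-breaker.
        # With a single VLAN the extended system ID is the same on every
        # switch, so it is omitted here.
        return (self.priority, int(self.mac.replace(":", ""), 16))


def elect_root(bridges, failed=()):
    """Return the bridge that wins the root election among surviving switches."""
    alive = [b for b in bridges if b.name not in failed]
    return min(alive, key=Bridge.bridge_id)


def root_guard_trips(local_root, advertised):
    """True if a root-guard port hearing `advertised` would go root-inconsistent,
    i.e. the BPDU carries a better (lower) bridge ID than the current root."""
    return advertised.bridge_id() < local_root.bridge_id()


# Constructed sample site: two core switches and two access switches.
SWITCH1 = Bridge("switch1", "00:00:5e:00:53:a1", ROOT_PRIMARY)
SWITCH2 = Bridge("switch2", "00:00:5e:00:53:a2")              # no backup priority
ACCESS_OLD = Bridge("access-old", "00:00:5e:00:53:05")        # lowest MAC on site
ACCESS_NEW = Bridge("access-new", "00:00:5e:00:53:c4")

NO_BACKUP = [SWITCH1, SWITCH2, ACCESS_OLD, ACCESS_NEW]
SWITCH2_SEC = replace(SWITCH2, priority=ROOT_SECONDARY)
WITH_BACKUP = [SWITCH1, SWITCH2_SEC, ACCESS_OLD, ACCESS_NEW]

if __name__ == "__main__":
    for label, site in (("no secondary", NO_BACKUP), ("secondary set", WITH_BACKUP)):
        survivor = elect_root(site, failed={"switch1"})
        print(f"{label}: root after switch1 fails -> {survivor.name}")
    # Root guard on switch2's downlinks, after switch1 has failed:
    print("guard trips, no secondary:", root_guard_trips(SWITCH2, ACCESS_OLD))
    print("guard trips, secondary set:", root_guard_trips(SWITCH2_SEC, ACCESS_OLD))
```
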

Hi!

That was my understanding also, but one thing I forgot in my first explanation: we are sure that if the current root fails we will have a loop-free network. (All of them are connected in one big loop; if one switch fails the network will become loop-free.)

But if I know my new root switch was elected by something other than its MAC address, then when I replace my defective one I know I will be able to replace my defective device and avoid my network reconverging at that time. (I know I will not be able to recreate my layer 2 loop and avoid losing some part of the network.)
