09-07-2008 08:55 PM - edited 03-06-2019 01:13 AM
Hi everyone, I'm having difficulty with etherchanneling. The situation is like this.
I'm using a Aruba WLAN controller to form a etherchannel with a Cisco switch. Two interfaces Gi5/1 and G5/2 are binded into Port channel 3. The channel mode is on so that neither PAGP nor LACP is used. This is the only link between the two devices and it only carries VLAN812. VLAN 812 is also trunked across the two Distribution switches, and no other devices contains this VLAN. The Aruba controller is STP enabled with the parameter of standard 15-2-20-32768.
The problem comes when I shut or unplug one linke, the other link will turned into Loop inconsistency mode and the whole channel goes down
Sep 5 12:45:48: %SPANTREE-SP-2-LOOPGUARD_BLOCK: Loop guard blocking port Port-channel3 on VLAN0812.
Sep 5 17:12:17: %SPANTREE-SP-2-LOOPGUARD_BLOCK: Loop guard blocking port Port-channel3 on VLAN0812.
This is a bit confusing as loop guard will only work on non-designated ports but the port Po3 is a root port:
ADMIN2>sh span vlan 812 | in Po3
Po3 Root FWD 3 128.835 P2p Peer(STP)
Can anybody give me some hint on why this is happening? Thanks!
09-08-2008 01:25 AM
Hello Mengdi,
a link on STP loop guard
STP BPDUs as all other traffic are subject to load balancing on the channel and they are sent out a single member link.
When you shut or unplug that link STP BPDUs are received on the other link.
It may be that loop guard is working on single links and so from this point of view a possible inconsistency is detected.
If the port-channel is the only link I would consider to remove the loop guard config.
Hope to help
Giuseppe
09-09-2008 02:51 PM
Loopguard will block the port if the designated port suddently stop sending BPDUs. On a channel, BPDUs are send on only one link. I can only guess one of many possibility for a problem, but maybe you are shutting down the port on which the aruba was sending BPDUs. Normally, it should eventually start sending BPDUs on the remaining port and maybe it does not (it would be a bug on their side).
That said, considering that you don't have any redundancy for this vlan at the level of STP (well, you have redundancy because of the channel, but STP will not block any port because there is no redundant link from its perspective), loopguard is not really adding anything to your config and you can remove it. Another possibility would be to make sure the cisco bridge is root (which would be roughly equivalent as disabling loopguard, the feature not being run on designated ports as you said;-)
Regards,
Francois
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide