Solved: Loop prevention and spaning tree config

danletkeman · ‎08-08-2009

Hello,

I'm trying to setup a redudant path within our network from one location to our isp. I'm not very familiar with spanning-tree and i'm wondering if I could get some insight as to what options i need to look into to make sure i have no loop's, storms or stp issues.

I have attached a diagram to show what i want to do. Currently the traffic goes from location 20 to our isp via the green line. I want to use the yellow line if the connection between location 24 and 30 is down.

All links are configured as trunk ports with spanning-tree portfast trunk on.

I'm trunking vlan 800 from location 20 to 24 then to 30. If I trunk vlan 800 from location 24 to 18 to 14 and then to 30 it flap's.

Thanks,

Dan.

Jon Marshall · ‎08-09-2009

Dan

STP should work out the topology for you. However you should not have "spanning-tree portfast trunk" configured on the trunk links.

That command allows the trunk port to being forwarding immediately which is absolutely what you don't want. The command is really designed for servers that are running 802.1q trunks to switches.

So please remove that line from your configurations. When you do add additional vlans to trunk links then be aware they may be a small interruption to that vlans traffic while STP works things out for you.

Jon

View solution in original post

Jon Marshall · ‎08-09-2009

Dan

STP should work out the topology for you. However you should not have "spanning-tree portfast trunk" configured on the trunk links.

That command allows the trunk port to being forwarding immediately which is absolutely what you don't want. The command is really designed for servers that are running 802.1q trunks to switches.

So please remove that line from your configurations. When you do add additional vlans to trunk links then be aware they may be a small interruption to that vlans traffic while STP works things out for you.

Jon

danletkeman · ‎08-09-2009

Thank you, I will give that a try today.

Dan.

danletkeman · ‎08-10-2009

Jon,

That didn't seem to work. I removed the spanning tree portfast commands from any trunk links and tried to let spanning tree take care of it, but the vlan's are still flapping.

Jon Marshall · ‎08-11-2009

Dan

Can you provide some more details -

1) what error messages are you seeing

2) do the vlans continue to flap after 1 minute

3) What commands are you using

Jon

danletkeman · ‎08-16-2009

Ok. Some revision to my first problem.

I want to have vlan 800 allowed on all of the trunk links in the diagram.

Currently the traffic flows from location 20 to the isp and from location 2 to the isp.

The vlan continutes to flap for longer than one minute and never stops.

All of the trunk ports look like this appart from different native and allowed vlan's.

switchport trunk encapsulation dot1q

switchport trunk native vlan 505

switchport trunk allowed vlan 505,800,184

switchport mode trunk

I tried setting switch 24 to be the root for vlan 800 and that didn't help the flapping.

Any other ideas?

danletkeman · ‎08-16-2009

It looks like the port connected to the isp (mac address 001d.71ef.9000) is the one giving me trouble:

1w5d: %SW_MATM-4-MACFLAP_NOTIF: Host 001d.71ef.9000 in vlan 800 is flapping bet

ween port Fa0/1 and port Fa0/2

I see that message on the switches always from the same mac address and the respective ports is flapping on.

Looks like spanning tree is working now between locations, 20,1,24,2,18,14, but not 30, which is the one connnected to the isp

This is the config from the three ports used at location 30:

interface FastEthernet0/1

switchport trunk encapsulation dot1q

switchport trunk native vlan 531

switchport trunk allowed vlan 531,800,814

switchport mode trunk

!

interface FastEthernet0/2

switchport trunk encapsulation dot1q

switchport trunk native vlan 532

switchport trunk allowed vlan 532

switchport mode trunk

!

interface FastEthernet0/3

description ISP

switchport access vlan 800

switchport mode access

srr-queue bandwidth limit 20

no cdp enable

service-policy input mlimit

Marwan ALshawi · ‎08-16-2009

which switch is the root switch for vlan 800 ?

ok try this i will assum switch 24 is the root switch for vlan 800

and you dont need to block vlan 800 unles u want to !!

on aswitch 20 you can do the folloing

int fa ***link between switch 20 and 1

Switch(config-if)#spanning-tree vlan 800 cost 100

on witch 24 in the link between switch 24 and 2

Switch(config-if)#spanning-tree vlan 800 cost 100

now make sure the the cost from switch 24 trunk link of vlan 800 is less than frm switch 24>18>14

and mak esure the path cost of vlan 800

from 24>18>14>30

is less than the path cost 24>>218>14>30

good lcuk

danletkeman · ‎08-16-2009

No go. I have set the trunk links between 30-14 and 14-18 to a cost of 100 on both sides. The links between 24-1 and 24-18 have a cost of 50 on each switch and the links between 20-1, 2-18, 2-24, 20-24, 24-30 all have the default cost of 19 and it's still flapping.

Switch 24 is the root for vlan 800.