Spanning-tree now producing a block in new IOS

Answered Question
Jan 12th, 2010
User Badges:

I have several Cisco Catalyst 3560 switches configured with multiple VLANs.  Originally I was running IOS c3560-I9-mz.122-20.se4 and when I attached a Cisco 3550 switch in a basically unconfigured state to one of the access ports on the 3560, it would connect and act like it was a dumb hub or switch attached.


I just updated the Cisco 3560 switches to IOS c3560-ipbasek9-mz.122-53.SE.  Now when I connect the 3550 switch to the 3560, I get the following on the console of the C3550:


  00:08:04: %SPANTREE-7-RECV_1Q_NON_TRUNK: Received 802.1Q BPDU on non trunk FastEthernet0/24 VLAN1.
00:08:04: %SPANTREE-7-BLOCK_PORT_TYPE: Blocking FastEthernet0/24 on VLAN0001. Inconsistent port type.


Using something like a cheap Netgear 16 port 10/100 switch does not do this and works just fine.  However, I use the unconfigured 3550 switch as part of my traveling classroom setup and really need it to act as it did before so that I don't have to configure one of the ports as a trunk port and then chnage vlans on the switch each time I move to a new location with different vlans.


Any ideas on how I could do this?


Thanks.


Gene

Correct Answer by Jon Marshall about 7 years 6 months ago

GKEEL wrote:


I'll try the

switchport nonegoiate


Gene


Another option if this is used for training purposes is to turn off STP on vlan 1 on the 3550 ie.


no spanning-tree vlan 1


however you obviously need to be very careful if you do this ie. you could bring the network down.


Jon

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 5 (1 ratings)
Loading.
Jon Marshall Tue, 01/12/2010 - 12:20
User Badges:
  • Super Blue, 32500 points or more
  • Hall of Fame,

    Founding Member

  • Cisco Designated VIP,

    2017 LAN, WAN

GKEEL wrote:


I have several Cisco Catalyst 3560 switches configured with multiple VLANs.  Originally I was running IOS c3560-I9-mz.122-20.se4 and when I attached a Cisco 3550 switch in a basically unconfigured state to one of the access ports on the 3560, it would connect and act like it was a dumb hub or switch attached.


I just updated the Cisco 3560 switches to IOS c3560-ipbasek9-mz.122-53.SE.  Now when I connect the 3550 switch to the 3560, I get the following on the console of the C3550:


  00:08:04: %SPANTREE-7-RECV_1Q_NON_TRUNK: Received 802.1Q BPDU on non trunk FastEthernet0/24 VLAN1.
00:08:04: %SPANTREE-7-BLOCK_PORT_TYPE: Blocking FastEthernet0/24 on VLAN0001. Inconsistent port type.


Using something like a cheap Netgear 16 port 10/100 switch does not do this and works just fine.  However, I use the unconfigured 3550 switch as part of my traveling classroom setup and really need it to act as it did before so that I don't have to configure one of the ports as a trunk port and then chnage vlans on the switch each time I move to a new location with different vlans.


Any ideas on how I could do this?


Thanks.


Gene


Gene


The port on the 3560 that you are connecting the 3550 to, is it configured as a trunk or an access port. It should be configured as an access port but it looks like it has been configured as a trunk.


Jon

GKEEL_2 Tue, 01/12/2010 - 13:21
User Badges:

No, it is configured as an access port.  FYI, since I may not have been clear, the blocking is happening on the 3550 when it is connected.

Jon Marshall Tue, 01/12/2010 - 13:28
User Badges:
  • Super Blue, 32500 points or more
  • Hall of Fame,

    Founding Member

  • Cisco Designated VIP,

    2017 LAN, WAN

GKEEL wrote:


No, it is configured as an access port.  FYI, since I may not have been clear, the blocking is happening on the 3550 when it is connected.


Gene


No, i understood that, it's just that the 3550 is saying it is receiving an 802.1Q packet on that port. That is why it is blocking it because the port on the 3550 is configured as an access port.


What does "sh int trunk" on the 3560 show as regards the port that connects to the 3550 ?


Jon

GKEEL_2 Tue, 01/12/2010 - 13:43
User Badges:

The only trunking port that is shown on that switch is GI0/4 (That is a trunk port that connects to my main switch.  I am currently connecting the 3550 to port FA0/19.


I still have one of the 3560 switches that is running the older IOS (c3560-i9-mz.122-20.SE4.bin) and connecting to that switch on an access port configured the same as the new IOS port works just fine as it always has.


It must be something that has changed in one of the versions between the old and new.  I just wish I could figure out how to make this work with the new. 

Jon Marshall Tue, 01/12/2010 - 13:47
User Badges:
  • Super Blue, 32500 points or more
  • Hall of Fame,

    Founding Member

  • Cisco Designated VIP,

    2017 LAN, WAN

Gene


On the fa0/19 port on the 3560 switch what is the config ?



Can you make sure it is configured as such


int fa0/19

switchport mode access

switchport nonegotiate

switchport access vlan 1


Jon

GKEEL_2 Tue, 01/12/2010 - 13:51
User Badges:

Here is the config for the port fa0/19:


interface FastEthernet0/19
switchport access vlan 2
switchport mode access
switchport voice vlan 5
srr-queue bandwidth share 10 10 60 20
srr-queue bandwidth shape 10 0 0 0
mls qos trust device cisco-phone
mls qos trust cos
auto qos voip cisco-phone
spanning-tree portfast



Note that this configuration worked fine with the old version of IOS.

Giuseppe Larosa Tue, 01/12/2010 - 13:50
User Badges:
  • Super Silver, 17500 points or more
  • Hall of Fame,

    Founding Member

Hello Gene,

post a sh interface type x/y switchport taken from old and new IOS


the default settings for a switchport should be switchport dynamic desirable that should mean: if on the other side there is tries to use DTP to negotiate a trunk with other side.

Here what can have changed: if C3550 answers to DTP I'm afraid C3560 can run into trunk if it misunderstands the C3550 answer.


what if:


you configure a C3550 port as a trunk


or you try to explicitly disable dynamic trunking setting

swithport mode access  on the C3560 side this is a minimal configuration step that could help


Hope to help

Giuseppe

GKEEL_2 Tue, 01/12/2010 - 14:08
User Badges:

I could do that but if I do, then I have to reconfigure the switch everytime I move from one training location to another as I have different VLANs configured in each location.  Since I am not the person who takes the equipemtn out, I need it to work with a standard config.


Rather than have to set it as a trunking port, I would simply purchase a new cheap Netgear to use which is probably the best solution to the issue.  Just weird how the IOS upgrade changed how the switches are working.

Leo Laohoo Tue, 01/12/2010 - 13:32
User Badges:
  • Super Gold, 25000 points or more
  • Hall of Fame,

    The Hall of Fame designation is a lifetime achievement award based on significant overall achievements in the community. 

  • Cisco Designated VIP,

    2017 LAN, Wireless

Are you sure the 3550 does not have any config?

Giuseppe Larosa Tue, 01/12/2010 - 13:42
User Badges:
  • Super Silver, 17500 points or more
  • Hall of Fame,

    Founding Member

Hello Gene,

what Jon is suggesting is that the C3560 may be acting as a trunk on its side causing a mismatch on BDPU type because standard 802.1D STP Bdpus are used on access ports and cisco proprietary BDPUs on 802.1Q trunks so the C3550 reacts to this by disabling the port.


so it is important to see what the C3560 thinks of the port on its side


Hope to help

Giuseppe

GKEEL_2 Tue, 01/12/2010 - 14:02
User Badges:

The port configurations for both the old IOS switch and the new IOS switch are identical as I posted for the FA0/19 interface.


Sh interface typex/y is not a valid command for the IOS.

Giuseppe Larosa Tue, 01/12/2010 - 14:16
User Badges:
  • Super Silver, 17500 points or more
  • Hall of Fame,

    Founding Member

Hello Gene,

sorry we usually use placeholders here in the forums type x/y could stand for fas0/19 sorry I was not clear


as Jon has suggested the switchport nonegotiate should disable DTP negotiation and should force the port to act as an access port


may you post

sh interface 0/19 switchport




Hope to help

Giuseppe

Correct Answer
Jon Marshall Tue, 01/12/2010 - 14:23
User Badges:
  • Super Blue, 32500 points or more
  • Hall of Fame,

    Founding Member

  • Cisco Designated VIP,

    2017 LAN, WAN

GKEEL wrote:


I'll try the

switchport nonegoiate


Gene


Another option if this is used for training purposes is to turn off STP on vlan 1 on the 3550 ie.


no spanning-tree vlan 1


however you obviously need to be very careful if you do this ie. you could bring the network down.


Jon

GKEEL_2 Tue, 01/12/2010 - 14:32
User Badges:

I'll try that in the morning.  That sounds like it would be the optimal solution for me if it

works.  I really don't have to worry too much about other things because the

switch gets plugged into awal jack and then all of the class laptops get plugged into it.

Shouldn't have to worry about that.

GKEEL_2 Wed, 01/13/2010 - 06:18
User Badges:

Setting "no spanning-tree vlan 1" worked beautifully.  I guess it really did kind of turn the switch into just a dumb set of extra ports.


Thanks to all who took the time to provide ideas and support on this! It is much appreciated!


Gene

Actions

This Discussion