Spanning-tree cost or port-priority command

Unanswered Question
Feb 15th, 2010

I have a 6500 switch connected to a 3560.  I have the 6500 as a vtp server and the 3560 as a vtp client in the same vtp domain.  1 of the links is a gigabit  L2 trunk link with all vlans allowed.  The second link is also a gigabit non trunk link that is in only 1 particular vlan on both ends.  I have 1 server connected to the 6509, and 1 server connected to the 3560 both on the same vlan as this second link.  If I want to force the servers to communicate via this second link only, do I need to modify the spanning-tree cost, or spanning-tree port priority to make sure these servers only communicate to each other via this second gigabit link?


I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Peter Paluch Mon, 02/15/2010 - 14:09

Hi David,

I assume that the 6500 is the root switch for all VLANs. In that case, you can make the non-trunk link to become forwarding for the server VLAN

  • either by lowering the port priority on the 6500 switch for that particular VLAN,
  • or by lowering the port cost on the 3560 switch for that particular VLAN

If the root bridge is the 3560 then the changes would be reversed.

Best regards,


david-flores Mon, 02/15/2010 - 14:35

Yes, the 6500 is the root bridge for all vlans.  So do I need to one make one one of the changes on either switch that you mentioned below, or do I make it on both?  For example, this config on the 6500

interface GigabitEthernet4/24
description server

no ip address
switchport access vlan 210
spanning-tree vlan 210 port-priority 16



Peter Paluch Mon, 02/15/2010 - 14:40

Hi David,

You are correct. From both alternatives I have suggested, it is sufficient to implement only one, not both. The configuration you have suggested seems to be OK and I would say it should work nicely. Just configure the port on your 6500 as you have suggested (by lowering the port priority) and leave the 3560 at its defaults.

Best regards,


Leo Laohoo Mon, 02/15/2010 - 14:49

If you want servers to go through a dedicated L2 Trunk link how about configuring the 1st Trunk as allow all VLANS except the server VLANs and the 2nd Trunk link as deny all VLANs except the server VLAN?

Peter Paluch Mon, 02/15/2010 - 14:55

Hi Leo,

Your solution would certainly work but David would lose the redundancy if he pruned the server VLAN from the trunk link.

Best regards,


Jon Marshall Mon, 02/15/2010 - 14:59

Oops, sorry Peter, i didn't see this response before i posted. Just ignore me

Peter Paluch Mon, 02/15/2010 - 15:03


You are always welcome and you should never, ever, be ignored! I am glad you responded.

Best regards,


Leo Laohoo Mon, 02/15/2010 - 15:21

Hi Peter,

Thanks for the critique but the thread states "I want to force the servers to communicate via this second link only" thus my suggestion.

Peter Paluch Mon, 02/15/2010 - 15:25

Hi Leo,

Oh, yes, you're right I just snapped onto the STP issue automatically.

Best regards,


david-flores Mon, 02/15/2010 - 14:55

I actually did consider this, but it seems a bit of a hassle on the configuration since it seems the  interface trunk command only has an allow statement, and not a deny one:

6509(config-if)#switchport trunk ?
  allowed        Set allowed VLAN characteristics when interface is in trunking
  encapsulation  Set trunking encapsulation when interface is in trunking mode
  native         Set trunking native characteristics when interface is in
                 trunking mode
  pruning        Set pruning VLAN characteristics when interface is in trunking

or is there an easier way?


Jon Marshall Mon, 02/15/2010 - 14:58

Hi all

Modifying the STP costs would be a better solution simply because if you use the allowed vlan command and the link fails then you can't use the other link to carry on sending traffic. So you are removing redundancy from your network which seems a bit counterintuitive as you are running STP anyway


Peter Paluch Mon, 02/15/2010 - 15:05


The command switchport trunk allowed vlan provides also the exclusion option: switchport trunk allowed vlan except XXX where XXX is the VLAN you want to disallow on the trunk. But as Jon has pointed out, this is an inferior solution as it removes the redundancy from your network.

Best regards,



This Discussion