i would greatly appreciate any help to solve my STP puzzle. I have a new redundant network with two cores C1 and C2 and five access switches A1 to A5. They are all Cisco SG300 switches. I have noticed there are too many STP messages emanating from one host which has a MAC address which cannot be traced on the network. In the redundant network, I made C1 the root bridge by giving it a priority of 4096 and C2 has been given a priority of 8192 so that it is the secondary root bridge in the network. I have left all other STP settings to default on the rest of the switches in the network.
The problem is that one host is advertising a RST root bridge all the time. Now it has a mac address which is different from the mac address of the root bridge itself and i cannot trace this mac address on the network. Please have a look at the snapshot of Wireshark output in the attach
The source MAC address which is the host advertising all the time is 1c:df:0f:34:db and the root bridge is 1c:df:0f:bb:34:c4.
Why would the root bridge be resetted all the time?
I've also noticed that one port in a LAG configuration on one of the access switches is flapping up and down all the time. Please see below snapshot:
I tried to troubleshoot this problem. It is not the cable. It would be something else. Any idea what could cause this flapping of the port?Could it be related to STP?
On the other Core switch C2 I can see a LAG status switching between forwarding and blocking all the time. please see the below snapshot:
What could make the LAG status to flap from forwarding to blocking and back all the time like this?
I do not see anything unusual in the Wireshark capture you have posted:
There is only a single BPDU being displayed containing consistent information that arrives every 2 seconds. That corresponds with normal RSTP operation.
The difference between Source MAC (SMAC) and the Bridge ID (BID) is natural. On these switches, every switchport has its own MAC address used when sourcing frames. Additionally, the switch as a unit has, again, its own MAC address used in STP as the BID. In fact, these addresses are assigned in blocks: the lowest address is used by the switch as a unit, and then in an incremental fashion, next MAC addresses are assigned to individual switchports. In your case, the BID is 1c:df:0f:bb:34:c4 while the SMAC is 1c:df:0f:bb:34:db. The difference in the last octet is 0xdb-0xc4=23. This BPDU has therefore been sent from the 23rd port on the switch with the base MAC=BID. Note that the internal numbering of the ports may differ between switches - sometimes the numbering starts with FastEthernet ports, sometimes it starts with GigabitEthernet ports.
I am somewhat puzzled by the invalid Frame Check Sequence. I have never seen Wireshark display this data at all because all network cards and their drivers I've worked with never supplied the FCS information to Wireshark. Does any other frame in your capture exhibit a correct FCS?
Physical flapping of your G1 port is most probably caused by a wiring issue. I know you've indicated that the cable is allegedly not the cause of the problem but I tend to urge you to verify that once more. Ideally, use a manufactured, not a self-made cable, that is at least Cat5e or higher.
Thank you so much for the explanation. I thought it was unusual to have so many STP messages. Ok now I know which port it is. Thank you for that. I've check the frames again and I can't see the FCS errors now. Could it have been just a temporary thing? I also noticed slow internet speed on the network since yesterday. I haven't troubleshooting that. I will do so by next week.
Regarding the the flapping of the switch port, I checked the wiring. Could there be anything else that could cause it?Any settings for STP?
Question We run asr9001 with XR 6.1.3, and we have a very long delay to
login w/ SSH 1 or 2 to the device compare to IOS device. After
investigation, the there is 1s delay between the client KEXDH_INIT and
the server (XR) KEXDH_REPLY. After debug ssh serv...
Introduction The purpose of this document is to demonstrate the Open
Shortest Path First (OSPF) behavior when the V-bit (Virtual-link bit) is
present in a non-backbone area. The V-bit is signaled in Type-1 LSA only
if the router is the endpoint of one or ...
Hi, I am seeing quite a few issues with patch install and wanted to
share my experience and workaround to this. Login to admin via CLI, then
access root with the “shell” command Issue “df –h” and you’ll probably
see the following directory full or nearly ...