I got some problem on Catalyst 3750G stack and MST. The attach file is the topology.
The core switch in the diagram is stacked by Catalyst 3750G-12SS and Catalyst 3750G-24TS, which using 12.2(46)SE as their IOS. The edge switch is Catalyst 2960-48TC with IOS 12.2(35)SE5. The red lines in the diagram are fiber links and the black lines are UTP links.
The upper half in the diagram is the normal situation. The switches are using MST as their spanning-tree protocol. The core 1 is the root bridge while the core 2 is backup root (with a priority 4096). Under the condition, everythig is fine. No matter you break the link (1), (2) or (3) or connect them back, the MST shows its ability to converge under 1 second. No more than 1 packet lost if you keep ping from core to edge and break / recovery the link between the switches.
The second part in the diagram shows another situation. If the master switch become member in the stack, something strange happen. You can break (5) or (6) and recovery them back, the switches are working fine still. Link (4) is the problem. When you break link (4), the traffic can change to the remain link less than 1 second. After recoverying the link (4), no one can connect to edge 1!
Let's look something further more. If you isue "show mac address-table" on core 1 under this condition, the MAC address about edge 1 is pointing to interface po1 which is connect to core 2. If you issue "show mac address-table" on core 2, the MAC address about edge 1 is point to gi1/0/1 which is connect to edge 1. It seems ok but the link between core 2 and edge 1 is in blocking state! Therefore, no one can connect to edge 1.
If the "clear mac dynamic" command was issued on core 1, the MAC address about edge 1 will point to gi1/0/1 again and the network will work fine again.
It looks like an IOS bug but I can't find any bug about this problem. Although I can issue "clear mac" to solve the problem, it's not a good solution for user. PVST can solve the problem too, but it takes 10 seconds to converge when the link up/down. is there any good idea to solve the problem?
This document gives several answers on frequently asked questions for PFRv3 channel state behavior.
Q1: What are all the channel operational states from a BR (border role) perspective and what are the rules/conditions to be in each st...
The need was to reach an host inside a LAN through a VPN connection managed by the LAN gateway (Cisco 1921).
The LAN gateway performs NAT and there was a dedicate nat rule for the host i wanted to reach through VPN.
I couldn't connect to the hos...