I have got a large campus collpased backbone with two core 6509 systems connected to 30 stacks of 3750's.
Each stack of 3750's has 8 vlans. This leads to a large number of vlans on the core 6500s and as such a lot of spanning tree instances. Am I correct in saying that even with using Rapdid PVST+ then there will still be a seperate spanning tree instance per vlan? I think so because I can tweak the root bridge for each vlan. Is there any "optimisation" built into RAPID PVST+ to eliminate the overhead of all this? In other words, does RapidPVST+ automatically include MST to cut down the number of BPDU's and CPU etc?
Or do I need to manually build two MST instances for each wiring closet?
What would Cisco recommend here?
Yes, you are right that it would give you 240 VLANs on your core, and 240 instances of Spanning Tree. You are right that it is an awful lot of tweaking, and PVST+ does not include MST to cut down the BPDUs.
You have two alternatives - move to MST, or go to layer-3. The move to MST would give you what you want, but I think it would be as much tweaking as the PVST solution. But it would cut down on the number of Spanning Tree instances the distribution switches are handling.
But if you really only have 8 VLANs in each access stack, and if there is no requirement for VLANs to span across more than one stack, you should consider going to layer-3 between your distribution layer and your access layer. Have 8 instances of Spanning Tree in each stack. Have two layer-3 (no switchport) uplinks from each stack to each of the distribution switches, and run OSPF over the whole lot.
Nowadays, OSPF is super-fast to converge - much faster than your layer-2 Rapid Spanning Tree. The only restriction, as I said, is that you cannot get a VLAN to span more than one stack at layer-2.
Thanks for answering Kevin.
Yes, I have thought of the L3 access layer. However, to run OSPF would require the enhanced image ro run on nearly 260 48 port 3750's. As you know this is very expensive to do and the customer would not accept the cost.
I suppose I could run RIPv2 as an alternative and summarise the routes on each 3750 stack. However, there is something "retrograde" about using RIP !!!
MST appeals to me as well but again there is a lot of tweaking and fiddling across so many VLANS.
What do you think? Spanning closets is not required since I have convinced the customer to readdress.
Mmm, it's six of one and half-a-dozen of the other. If you run RIP, I suppose you could tweak the times down to something like 1 4 4 6, especially since effectively each access closet is a stub ( ... well ... you know what I mean ... ) and instability in one should not affect the others.
In fact, with point-to-point uplinks, even RIP should detect a failure pretty quickly and reconverge faster than its dead-time. It would be a lot less fiddling. You would also get optimal and/or load-balanced routing according to the destination IP, and not according to root-bridge criteria as it would be with MST.
Depends how fast a convergence your customer needs and how much he is willing to pay.
Who is going to have to maintain this, you or the customer? Just a thought.
Me, I would lab up a Layer-3 scenario to try and focus on the advantages and disadvantages. There so many different architectures you could try.
Have you thought of flexlink? That's a feature that basically does uplink backup without STP. Right now, I don't think there is vlan load balancing yet, but it's coming very soon.
Else, do you have a problem with rapid-PVST? Around 200 vlans should be ok for a cat6k to handle. The main issue with MST is that you have to keep the configuration consistent across the whole network. If you can easily migrate your whole network to MST, then it's not that complex. I can help you.
Hi Francois, and thanks for your reply.
I have done some redesign work and got the wiring closets down to 15 with 8 vlans each so we are down to 120 vlans. Do you think I am over complicating things with MST?
I am load balancing the vlans on each wiring closet so there are 2 STP topologies per closet. Therefore I need to define two instances in each closet. That would mean that the core 6500s would have 30 instances and the wiring closets each with 2 instances.
Would the wiring closets still need to have the exact MST config of the 6500s? In other words for the MST region to match the 30 instances would need to be defined on all the wiring closets even though they only used 2? Or can I just configure the two instances on the wiring closet and as long as the name and revision number match the wiring closet switch would work OK?
That's something like 360 PVST instance ports (accounting for a trunk between the cat6k). That should be a piece of cake for the CPU of your 6k, even in rapid-PVST mode;-) I'm a strong supporter of MST, but I would not bother migrating unless you are planning on adding lots of vlans.
With MST, indeed, the configuration (vlan to instance mapping, name and revision) have to match across the network. Else, you fall back to RSTP in the IEEE sense of the term, with a single topology for the whole network. That's the main constraint for MST. What I generally suggest, in order to avoid the need to update the MST configuration, is to pre-allocate lots of MST instances in the MST configuration (it does not mean that all the instances will be running, as you don't have to define all the vlans in VTP). Something like vlan 1-100 to instance 0, vlan 101-200 to instance 1 etc...
This way, you can always add vlans or instances to your network without changing the MST configuration.
VTP3 will soon be available in IOS and will allow you to propagate an MST configuration to an entire domain in one shot,
Put aside the administrative overhead introduced by the management of this MST configuration, MST is just as simple as PVST when it is run network wide.
I have set this up and it works in teh lab with MST. However, it just seems an unecessary complication with 120 vlans. I am using Sup720-3B so these should be more than capable of those vlans. I might just stick with rapdi-pvst+ and keep it simple.
Its a little late for a reply here, but for posterities sake...
You have EIGRP stub available in IP Base code on 3750s. Its been in there since 12.2(25)SEE. That would allow you to do L3 to the closets without the expense of the enhanced image.