I have a 6500 switch connected to a 3560. I have the 6500 as a vtp server and the 3560 as a vtp client in the same vtp domain. 1 of the links is a gigabit L2 trunk link with all vlans allowed. The second link is also a gigabit non trunk link that is in only 1 particular vlan on both ends. I have 1 server connected to the 6509, and 1 server connected to the 3560 both on the same vlan as this second link. If I want to force the servers to communicate via this second link only, do I need to modify the spanning-tree cost, or spanning-tree port priority to make sure these servers only communicate to each other via this second gigabit link?
I assume that the 6500 is the root switch for all VLANs. In that case, you can make the non-trunk link to become forwarding for the server VLAN
If the root bridge is the 3560 then the changes would be reversed.
Yes, the 6500 is the root bridge for all vlans. So do I need to make only one of the changes on either switch that you mentioned below, or do I make it on both? For example, this config on the 6500
no ip address
switchport access vlan 210
spanning-tree vlan 210 port-priority 16
You are correct. From both alternatives I have suggested, it is sufficient to implement only one, not both. The configuration you have suggested seems to be OK and I would say it should work nicely. Just configure the port on your 6500 as you have suggested (by lowering the port priority) and leave the 3560 at its defaults.
If you want servers to go through a dedicated L2 Trunk link how about configuring the 1st Trunk as allow all VLANS except the server VLANs and the 2nd Trunk link as deny all VLANs except the server VLAN?
Your solution would certainly work but David would lose the redundancy if he pruned the server VLAN from the trunk link.
You are always welcome and you should never, ever, be ignored! I am glad you responded.
Thanks for the critique but the thread states "I want to force the servers to communicate via this second link only" thus my suggestion.
I actually did consider this, but it seems a bit of a hassle on the configuration since it seems the interface trunk command only has an allow statement, and not a deny one:
6509(config-if)#switchport trunk ?
allowed Set allowed VLAN characteristics when interface is in trunking
encapsulation Set trunking encapsulation when interface is in trunking mode
native Set trunking native characteristics when interface is in
pruning Set pruning VLAN characteristics when interface is in trunking
or is there an easier way?
Modifying the STP costs would be a better solution simply because if you use the allowed vlan command and the link fails then you can't use the other link to carry on sending traffic. So you are removing redundancy from your network, which seems a bit counterintuitive as you are running STP anyway.
The command switchport trunk allowed vlan provides also the exclusion option: switchport trunk allowed vlan except XXX where XXX is the VLAN you want to disallow on the trunk. But as Jon has pointed out, this is an inferior solution as it removes the redundancy from your network.
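The two approaches compared in this thread (lowering the port priority on the 6500 versus removing VLAN 210 from the trunk), as an added example that was not posted by any participant: a simplified model of how the 3560 elects its root port for a VLAN when both links reach the same root bridge. Link names and port numbers are constructed; the cost of 4 is the default short-mode STP cost for a gigabit port, and the model skips the root-ID and sender-bridge-ID comparisons because they are identical on both links.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class Link:
    name: str
    cost: int          # STP path cost on the 3560 side (4 = gigabit, short mode)
    sender_prio: int   # port priority configured on the 6500 (root) side
    sender_port: int   # port number on the 6500 side (constructed value)
    vlans: frozenset   # VLANs carried on this link
    up: bool = True

def root_port(links, vlan):
    """Return the link the 3560 forwards on toward the root for `vlan`, or None."""
    candidates = [l for l in links if l.up and vlan in l.vlans]
    if not candidates:
        return None  # VLAN has no path to the root: the servers are cut off
    # Same root and same sending bridge on every candidate, so the election is
    # decided by lowest path cost, then lowest sender port ID (priority, number).
    best = min(candidates, key=lambda l: (l.cost, l.sender_prio, l.sender_port))
    return best.name

def topology(access_prio=128, trunk_carries_210=True, access_up=True):
    """Two gigabit links between the 6500 (root) and the 3560."""
    all_vlans = frozenset(range(1, 4095))
    trunk_vlans = all_vlans if trunk_carries_210 else all_vlans - {210}
    return [
        Link("trunk", 4, 128, 1, trunk_vlans),
        Link("access-210", 4, access_prio, 2, frozenset({210}), up=access_up),
    ]

if __name__ == "__main__":
    cases = {
        "defaults": topology(),
        "6500 port-priority 16": topology(access_prio=16),
        "priority 16, access link down": topology(access_prio=16, access_up=False),
        "VLAN 210 pruned from trunk, access link down":
            topology(access_prio=16, trunk_carries_210=False, access_up=False),
    }
    for label, links in cases.items():
        print(f"{label}: VLAN 210 root port = {root_port(links, 210)}")
```

With the priority change the trunk stays available as a blocked backup for VLAN 210; with the VLAN excluded from the trunk, a failure of the second link leaves VLAN 210 with no path between the switches.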