Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
583
Views
0
Helpful
2
Replies

STP on Parking VLAN?

Go to solution
devils_advocate
Level 7
Level 7

‎12-16-2013 07:48 AM - edited ‎03-07-2019 05:06 PM

Hello

This is likely an 'oh yes of course!' type question but I can't seem to figure it out...

This is a lab environment that I am rebuilding from scratch, its not production.

I have a 'Parking' Vlan for Unused and Shutdown ports on Access Switches.

My Distribution switches are the Spanning Tree Root (Rapid-PVST) for all VLANS

The Parking Vlan is not allowed on the trunk links, i.e manually pruned so presumably the BPDU's are not being forwarded?

All the L2 access switches seem to be becoming the Root bridge for Vlan 666, as does the distribution switch.

Now, I am thinking this is because Vlan 666 is not allowed on the Trunks, meaning the BPDU's are going nowhere and each switch is electing itself as the root for that vlan right?

So, if thats the case, is this best practice as both uplinks from each L2 Access switch are in the forwarding state for that Vlan?

I thought it was best not to have the Parking Vlan allowed on the trunks??!?!

Am I going mad (probably)?

Ta

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
Peter Paluch
Cisco Employee
Cisco Employee

‎12-16-2013 08:13 AM

Hi,

What you have observed is completely correct - each switch is isolated to just itself with respect to the Parking VLAN, so each of them elects itself as a root bridge.

The best practice would be not just to prune the Parking VLAN from trunks, but to actually deactivate it on your access switches. This way, even if two or more hosts get connected to ports in the Parking VLAN on the same switch, their communication will be discarded.

If you are using VTP then you can deactivate the Parking VLAN domain-wide as follows:

vlan 666
 state suspend

If you have your switches in VTP Transparent mode, you can also use the same command, or the same result with just a switch-local impact can be achieved with

vlan 666
 shutdown

(The state suspend is propagated via VTP, the shutdown command is not; if you are not running VTP then the difference between these two approaches is irrelevant.)

Because the VLAN will be suspended, no STP instance will be run for it. Give it a try!

Best regards,

Peter

View solution in original post

0 Helpful
2 Replies 2

Go to solution
Peter Paluch
Cisco Employee
Cisco Employee

‎12-16-2013 08:13 AM

Hi,

What you have observed is completely correct - each switch is isolated to just itself with respect to the Parking VLAN, so each of them elects itself as a root bridge.

The best practice would be not just to prune the Parking VLAN from trunks, but to actually deactivate it on your access switches. This way, even if two or more hosts get connected to ports in the Parking VLAN on the same switch, their communication will be discarded.

If you are using VTP then you can deactivate the Parking VLAN domain-wide as follows:

vlan 666
 state suspend

If you have your switches in VTP Transparent mode, you can also use the same command, or the same result with just a switch-local impact can be achieved with

vlan 666
 shutdown

(The state suspend is propagated via VTP, the shutdown command is not; if you are not running VTP then the difference between these two approaches is irrelevant.)

Because the VLAN will be suspended, no STP instance will be run for it. Give it a try!

Best regards,

Peter

0 Helpful

Go to solution
devils_advocate
Level 7
Level 7
In response to Peter Paluch

‎12-16-2013 08:16 AM

That makes perfect sense, thanks Peter!

I was not aware you could suspend a Vlan and prevent it running an STP instance.

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card