I have a c3500xl and c3550 switch connected via gbic. I am trying to add a new c3550 connected via a gbic. I know I am running the cables correctly, but everytime I connect the new one, random users on the other 2 switches start losing connection. After looking at the spanning-tree configurations, I noticed that the existing switches see the c3500xl as the root of vlan1. The new c3550 I'm trying to connect thinks he is the root. How can I change this?
You can control which switch is the root, on a VLAN by VLAN basis. On whichever switch you want to make the root, run the following command:
spanning-tree vlan 1 2 3 4 5 priority 10
The "1 2 3 4 5" are the VLANs you want the bridge-priority to apply to. (I just included VLANs 1, 2, 3, 4, and 5 here as an example; use the numbers that correspond to your VLANs.)
The bridge-priority of "10" makes it extremely likely that this switch will be chosen as the root. The range of valid priority numbers numbers runs from 0 to 65535, and the default is 32768. Lower numbers are higher priority; that is, more likely to be selected as the root.
Generally speaking, the root switch should be one that's logically central to your network. Everybody else plugs into this, either directly or indirectly.
If you do this on the switch that is NOT the current root, there will be a 30 to 50 second stoppage in network service, max. Once it's done, it's done.
If you do this on the switch that is the current root, there will be no service disruption.
If you change the bridge-priority on the new switch to a higher number (which is a lower priority), BEFORE you attach it to the network, you should be able to attach it without disrupting users on the other switches. A quick-and-easy way to do this that applies to all VLANs is to run the command:
which will change the bridge priority on that switch, for all VLANs, to 49152. This will also help the new switch cut over even quicker to a redundant link in the event it loses its primary path back to the root switch. (3 to 5 second delay max.)
Another way to configure the STP on the root switch would be to use the macro:
spanning-tree vlan root
This automatically sets the priority for the VLANs for the vlan range you specify to 8192 [for primary root] & 16384 [for secondary root] and this would still be higher than the default priority of 32768 for other switches. In general, Cisco does not recommend tuning individual STP paramters.
Very true... the defaults issued by using the "primary" or "secondary" parameters are quite sufficient to effect control over who becomes the 'root' on a per VLAN basis.
That said, there is something to be said for simply disabling this 'feature' of negotiation completely. We elected to use the "set vtp mode transparent" (as opposed to choosing "server" or "client" mode) for the simple reason that we NEVER wanted to risk having somebody plug a rogue or misconfigured switch into the network and dropping the whole thing on its head. We also considured the risks of a potential virus which might send falsified service advertisements, perhaps decremented by 1. The resultant DoS would be very ugly!
The "transparent" mode simply means that the switch will not A) advertise and B) will ignore all other switch advertisements.
We weighed the overall advantages of quick switch VTP configuration against the potential of network compromise and opted for the one-time costs hard-coding the entries in our configurations.
We are pleased to announce availability of Beta software for 16.6.3.
16.6.3 will be the second rebuild on the 16.6 release train targeted
towards Catalyst 9500/9400/9300/3850/3650 switching platforms. We are
looking for early feedback from customers befor...
Introduction Featured Speakers Luis Espejel is the Telecommunications
Manager of IENova, an Oil & Gas company. Currently he works with Cisco
IOS® and Cisco IOS XE platforms, and NX to some extent. He has also
worked as a Senior Engineer with the Routing P...
In this session you can learn more about Layer 3 multicast and the best
practices to identify possible threats and take security measures. It
provides an overview of basic multicast, the best security practices for
use of this technology, and recommendati...