03-06-2023 08:55 AM
On our main router (a 7650 running the router firmware obviously, with system-max spanning-tree 254), we are running out of spanning trees. We are looking into topology groups as a mean to decrease the number of spanning tree, but we are running into some issues.
Let's say we have the following config on the router:
vlan 100 by port
tagged ethe 1/1/48
spanning-tree 802-1w
spanning-tree priority 1024
vlan 101 by port
tagged ethe 1/1/48
spanning-tree 802-1w
spanning-tree priority 1024
topology-group 1
master-vlan 100
member-vlan 101
(this is only an example, in my scenario I would have 7 or 8 VLANs the the topology group)
When I add vlan 101 to the topology group, the system removes all the spanning-tree lines and adds no spanning-tree. Which is fine since the spanning tree is controlled by the master vlan.
Those 2 VLANs are then dispatched to an access switch with the following config:
vlan 100 by port
tagged ethe 1/2/2
spanning-tree 802-1w
vlan 101 by port
tagged ethe 1/2/2
untagged ethe 1/1/7
spanning-tree 802-1w
interface ethernet 1/1/7
spanning-tree 802-1w admin-edge-port
stp-bpdu-guard
interface ethernet 1/2/2
spanning-tree 802-1w admin-pt2pt-mac
So, do I need to replicate the topology group on the access switch too?
If I don't, only the spanning tree from the master vlan is an actual extension of the router's spanning tree
--- VLAN 100 [ STP Instance owned by VLAN 100 ] ----------------------------
Bridge IEEE 802.1W Parameters:
Bridge Bridge Bridge Bridge Force tx
Identifier MaxAge Hello FwdDly Version Hold
hex sec sec sec cnt
8000d4c19e98eb28 20 2 15 Default 3
RootBridge RootPath DesignatedBri- Root Max Fwd Hel
Identifier Cost dge Identifier Port Age Dly lo
hex hex sec sec sec
1000d4c19e198a09 22000 8000609c9fb42f28 1/2/2 20 15 2
Port IEEE 802.1W Parameters:
<--- Config Params --><-------------- Current state ----------------->
Port Pri PortPath P2P Edge Role State Designa- Designated
Num Cost Mac Port ted cost bridge
1/2/2 128 20000 T F ROOT FORWARDING 2000 8000609c9fb42f28
--- VLAN 101 [ STP Instance owned by VLAN 101 ] ----------------------------
Bridge IEEE 802.1W Parameters:
Bridge Bridge Bridge Bridge Force tx
Identifier MaxAge Hello FwdDly Version Hold
hex sec sec sec cnt
8000d4c19e98eb28 20 2 15 Default 3
RootBridge RootPath DesignatedBri- Root Max Fwd Hel
Identifier Cost dge Identifier Port Age Dly lo
hex hex sec sec sec
800078a6e121f408 20000 800078a6e121f408 1/2/2 20 15 2
Port IEEE 802.1W Parameters:
<--- Config Params --><-------------- Current state ----------------->
Port Pri PortPath P2P Edge Role State Designa- Designated
Num Cost Mac Port ted cost bridge
1/1/7 128 20000 F T DESIGNATED FORWARDING 20000 8000d4c19e98eb28
1/2/2 128 20000 T F ROOT FORWARDING 0 800078a6e121f408
If I do, all the VLANs' spanning tree will be an extension of the router's spanning tree. However, when I assign vlan 101 to an edge port, it won't broadcast any BPDU packets so I won't have any network loop protection.
--- VLAN 101 [ STP Instance owned by stp-group 1, master VLAN 100 ] ----
Bridge IEEE 802.1W Parameters:
Bridge Bridge Bridge Bridge Force tx
Identifier MaxAge Hello FwdDly Version Hold
hex sec sec sec cnt
8000d4c19e98eb28 20 2 15 Default 3
RootBridge RootPath DesignatedBri- Root Max Fwd Hel
Identifier Cost dge Identifier Port Age Dly lo
hex hex sec sec sec
1000d4c19e198a09 22000 8000609c9fb42f28 1/2/2 20 15 2
Port IEEE 802.1W Parameters:
<--- Config Params --><-------------- Current state ----------------->
Port Pri PortPath P2P Edge Role State Designa- Designated
Num Cost Mac Port ted cost bridge
1/1/7 128 0 F F DISABLED DISABLED 0 0000000000000000
1/2/2 128 20000 T F ROOT FORWARDING 2000 8000609c9fb42f28
So how can we transfert from having topology group to being able to assign a single VLAN on a port while retaining the spanning tree?