cancel
Showing results for 
Search instead for 
Did you mean: 

Configuring RSTP (802.1w) and Spanning Tree Best Practices on ICX Switches

BenBeck
Moderator
Moderator

Hey all, 

I wanted to take a moment to look at spanning tree. By default, ICX switches run 802.1d spanning tree on a per-vlan basis. Ideally, we want to use a protocol with faster convergence such as rapid spanning tree (802.1w). I will go through some general configuration steps and a few best practices. These configurations will not suit all customers, but it is a good starting point for many. 

Enabling RSTP on vlan(s) 

ICX#conf t
ICX(config)#vlan 10 20 30 <--edits three vlans at once. You can edit vlans one at a time or using a range via the 'to' syntax (vlan 1 to 20)
ICX(config-mvlan-10*30)#spanning-tree 802-1w

Now that 802.1w is running, we will want to set a root bridge priority. If no priority is defined, the default of 32768 will be used. Let us assume you want this switch to be the root bridge. A lower priority number wins, so let us go ahead and set it to zero to ensure this switch becomes root bridge:

ICX(config-mvlan-10*30)#spanning-tree 802-1w priority 0

The resulting configuration will look like this:

vlan 10 by port
 tagged ethe 1/1/1 to 1/1/48 ethe 1/2/1 ethe 1/2/2 ethe 1/2/3 ethe 1/2/4 ethe 1/2/5 ethe 1/2/6 ethe 1/2/7 ethe 1/2/8
 spanning-tree 802-1w
 spanning-tree 802-1w priority 0
!
vlan 20 by port
 tagged ethe 1/1/1 to 1/1/48 ethe 1/2/1 ethe 1/2/2 ethe 1/2/3 ethe 1/2/4 ethe 1/2/5 ethe 1/2/6 ethe 1/2/7 ethe 1/2/8
 spanning-tree 802-1w
 spanning-tree 802-1w priority 0
!
vlan 30 by port
 tagged ethe 1/1/1 to 1/1/48 ethe 1/2/1 ethe 1/2/2 ethe 1/2/3 ethe 1/2/4 ethe 1/2/5 ethe 1/2/6 ethe 1/2/7 ethe 1/2/8
 spanning-tree 802-1w
 spanning-tree 802-1w priority 0

Now that our RSTP instances are running, let's take a look at a couple best practices.

Switch-to-switch connections should be defined as point-to-point links to increase convergence times. In this example, let us assume ports 1/2/1 through 1/2/8 are all switch-to-switch links:

ICX#conf t
ICX(config)#interface ethernet 1/2/1 to 1/2/8
ICX(config-mif-1/2/1-1/2/8)#spanning-tree 802-1w admin-pt2pt-mac

The resulting configuration:

interface ethernet 1/2/1
 port-name Switch-to-Switch-Connection
 spanning-tree 802-1w admin-pt2pt-mac

Switch-to-client (edge) connections should be defined as operational edge ports. In this example, let us assume ports 1/1/1 through 1/1/48 are all client edge ports:

ICX#conf t
ICX(config)#interface ethernet 1/1/1 to 1/1/48
ICX(config-mif-1/1/1-1/1/48)#spanning-tree 802-1w admin-edge-port


Client ports can also have STP BPDU Guard enabled. This will shut down the port if any BPDUs are received on the port. 


ICX#conf t
ICX(config)#interface ethernet 1/1/1 to 1/1/48
ICX(config)#stp-bpdu-guard

The resulting configuration:

interface ethernet 1/1/1
 port-name Client-Port
 spanning-tree 802-1w admin-edge-port
 stp-bpdu-guard


To see RSTP information, you can use the following commands:

ICX#show 802-1w
ICX#show 802-1w detail


Note: If you are running 802.1d, you will use 'show spanning-tree' and 'show spanning-tree detail'. MSTP also has unique commands such as 'show mstp' and 'show mstp detail'

To see all available configuration options for spanning tree, please see our FastIron Layer 2 Switching Configuration Guide:

HTML Version

PDF Version (requires login)

Let us know if you have any questions!

Ben Beck, RCNA, Principal Technical Support Engineer
support.ruckuswireless.com/contact-us
2 REPLIES 2

sven_siersdorfe
New Contributor II

Great starting point for RSTP deployment. Thank you.

abilashpr
Contributor III

Dear Ben Beck,

Good one, it would be great if you could share some troubleshooting steps to resolve any STP Loop. 

Thank you for sharing this!!!

Regards,

Abilash PR.