[c-nsp] spanning-tree problems

Fri Dec 9 11:52:22 EST 2005

Hi,

I made the mistake of plugging a 2801 with a 4-port etherswitch module into
the 3750 of an existing enterprise network without being vigilant about the
spanning-tree issues which might -- and did -- arise.

The 2801 had default bridge ID of 32768 (the same as the bridge ID of the
3750, which was the root bridge on the
vlan being utilized on the enterprise network), and the mac address of the
router is lower than that of the switch, so the 2801 became the root bridge.
This was after some nasty topology changes which caused outages on the
network (the vlans on this network span the entire campus so any
spanning-tree topology
changes can have wide-reaching effects).

To mitigate the issue, we plugged the 2801 temporarily into a Procurve
switch connected to the 3750 and things are stable. However, this is a
temporary fix. We need to move the 2801 to the 3750. The issue at the moment
is that simply unplugging the router from the Procurve initiates a cascade
of disruptive spanning-tree events and causes network outages.

Here is some debug spanning-tree events output from the 3750 which shows the
cascade of events:

UNPLUG SPANNING-TREE-ENABLED 2801 PORT FROM PROCURVE SWITCH, THEN PLUG SAME
2801 PORT BACK INTO PROCURVE

MDF-Cisco-3750#debug span event
Spanning Tree event debugging is on
MDF-Cisco-3750#
6w6d: RSTP(1): Gi1/0/12 rcvd info expired
6w6d: %SPANTREE-2-LOOPGUARD_BLOCK: Loop guard blocking port
GigabitEthernet1/0/12 on VLAN0001.
6w6d: RSTP(1): updt roles, information on root port Gi1/0/12 expired
6w6d: RSTP(1): we become the root bridge
6w6d: RSTP(1): updt roles, received superior bpdu on Gi1/0/2
6w6d: RSTP(1): Gi1/0/2 is now root port
6w6d: RSTP(1): updt roles, received superior bpdu on Gi1/0/3
6w6d: RSTP(1): Gi1/0/3 is now root port
6w6d: RSTP(1): Gi1/0/2 is now designated
6w6d: RSTP(1): Gi1/0/3 received a tc ack
6w6d: %SPANTREE-2-LOOPGUARD_UNBLOCK: Loop guard unblocking port
GigabitEthernet1/0/12 on VLAN0001.
6w6d: RSTP(1): initializing port Gi1/0/12
6w6d: RSTP(1): Gi1/0/12 is now designated
6w6d: RSTP(1): updt roles, received superior bpdu on Gi1/0/12
6w6d: RSTP(1): Gi1/0/12 is now root port
6w6d: RSTP(1): Gi1/0/3 blocked by re-root
6w6d: RSTP(1): syncing port Gi1/0/1
6w6d: RSTP(1): syncing port Gi1/0/2
6w6d: RSTP(1): syncing port Gi1/0/4
6w6d: RSTP(1): Gi1/0/3 is now designated
6w6d: RSTP(1): Gi1/0/1 fdwhile Expired
6w6d: RSTP(1): Gi1/0/2 fdwhile Expired
6w6d: RSTP(1): Gi1/0/3 fdwhile Expired
6w6d: RSTP(1): Gi1/0/4 fdwhile Expired
6w6d: RSTP(1): Gi1/0/1 fdwhile Expired
6w6d: RSTP(1): Gi1/0/2 fdwhile Expired
6w6d: RSTP(1): Gi1/0/3 fdwhile Expired
6w6d: RSTP(1): Gi1/0/4 fdwhile Expired
6w6d: RSTP(1): Gi1/0/12 received a tc ack

Here are the spanning-tree configs on the 3750:

macro global description cisco-global
errdisable recovery cause link-flap
errdisable recovery interval 60
no file verify auto
!
spanning-tree mode rapid-pvst
spanning-tree loopguard default
spanning-tree extend system-id
!
interface GigabitEthernet1/0/x
 description xxxxx
 switchport trunk encapsulation dot1q
 switchport mode trunk
 macro description cisco-switch
 auto qos voip trust
 spanning-tree link-type point-to-point
!

The 2801 has default spanning-tree configs.

Any ideas on the least disruptive manner of proceeding at this point?
Perhaps it's just a matter of moving the 2801 to the 3750 at a low usage
time, gritting our teeth and waiting it out while spanning-tree reconverges.
As far as I am aware, the network has no loops. However, I am not 100% sure
of that.

Unless there's something easy I'm overlooking, I think I'm going to have to
get a detailed topology map of the enterprise network from the company that
installed it before making any other changes.

Thanks,
Adam

---
[This e-mail was scanned for viruses by Webjogger's AntiVirus Protection System]