[c-nsp] configuring spanning-tree to block on the backplane

Peter Rathlev peter at rathlev.dk
Sat Dec 27 17:09:23 EST 2008

On Sat, 2008-12-27 at 12:58 -0500, Jason Lixfeld wrote:
> Here's the scenario:
> server 1 has a trunk to switch 1.  One active vlan on the trunk, 15.
> server 2 has a trunk to switch 1.  One active vlan on the trunk, 15.
> switch 2 has 2 trunks to switch 1.  One active vlan on the trunks, 15.

So it's something like this:

|  SW 1  |______|  SW 2  |
+--------+      +--------+
 |      |

> Spanning-tree is setup as PVST on switch 1 and switch 2.  Spanning- 
> tree for vlan 15 blocks one of the ports on switch 2, which is  
> expected.  What I need to do is change the path from server 1 to  
> server 2 so it goes via switch 2, not directly through switch 1, but  
> I'm not sure if it's possible to block a path between two ports on the  
> same switch in order to do what I want.  I've tried variations of  
> disabling spanning-tree on vlan 15 on switch 1 and/or fudging the vlan  
> port costs on switch 1 and/or switch 2, but any way I cut the cake,  
> there is always a physical port being blocked between switch 1 and  
> switch 2.  I can always just wire the servers directly to switch 2,  
> but if I can find a way to do it remotely by fudging the tree, it'd  
> save me a trip.		

The spanning tree protocol treats a switch as a node in the graph, so
there would be no link to block "inside" the node. Thus I don't think
STP can solve your problem.

If the two physical connections between switch 1 and switch 2 aren't
used for anything else, you could use two different VLANs on switch 1,
each server/uplink pair in its own VLAN, and then make the two uplink
ports connect to the same access VLAN on switch 2. It would require that
the uplinks are simple access ports (on both sides) so it may not suit
your needs.

Otherwise you might be able to do something with private VLANs. As far
as I can see, you'd have to configure the two server access ports as
isolated PVLAN ports and then have the uplinks be promicuous ports.
Switch 2 would be left alone. I'm not sure what STP would make of this
though and it might not work at all.

> Incase it matters, switch 1 is a 3550 running 12.2(25)SEE1.  Switch 2  
> is a 6509/SUP720 running 12.2(33)SXH3a.  The 6509 connects to the 3550  
> via two ports on a WS-X6148A-GE-TX.

Forcing the traffic to go via a 6148 card would give them less bandwidth
than if they were just switched on the 3550, at least if the two ports
share an ASIC.


More information about the cisco-nsp mailing list