[c-nsp] Maximum spannig tree instances

Gert Doering gert at greenie.muc.de
Tue Jul 14 11:46:50 EDT 2009 

Hi,

On Tue, Jul 14, 2009 at 11:16:57AM -0400, Jon Lewis wrote:
> On Tue, 14 Jul 2009, Gert Doering wrote:
> >On Tue, Jul 14, 2009 at 09:26:13AM -0400, Jon Lewis wrote:
> >>But isn't that the whole point of MST?
> >
> >We have found MST to be mostly pointless...
> >
> >"Too much hassle, too little gain"
> 
> So do you just do rapid-pvst and limit which VLANs are allowed on all 
> trunk ports?  

Yes.

Most of our VLANs are actually quite "short reach", that is, they
are distributed like this

 ISP Router A (6500) == ISP Switch A (6500) -- CustomerX Switch A -- Hosts
     ||                        ||                     |
 ISP Router B (6500) == ISP Switch B (3550) -- CustomerX Switch B -- Hosts

(leave off row "B" for non-VRRP customers.  Double lines are trunks,
single lines are single-VLAN access ports)

There's an insane amount of switches and trunks, but most VLANs really
span only 3 (standard case) or 6 (HSRP/VRRP) devices.


The trunks between "ISP Router" and "ISP Switch" are pre-configured,
the links between "ISP Switch" and "customer switch" get configured
on-demand (from the VLAN range designated to "ISP Switch A")


> I know you're not a fan of VTP, and I suppose this may be 
> another reason.  Even with the trunks limiting which VLANs get through, 
> VTP still creates all the vlans on all the switches, and in a PVST setup, 
> they run a spanning tree instance for each VLAN, even if they aren't 
> really participating in the VLAN.

Yes, this would kill us immediately.  "ISP Switch A" could, theoretically,
have about 350 active VLANs (one VLAN per port, 7 blades x 48 ports),
while "ISP Switch B" would choke on more than 64...

"ISP Router A" is linked to 4 different 6500 distribution switches, and
could end up with more than 1000 active VLANs (in reality it doesn't, 
due to physical space constraints in this building :) ).


> >two VLANs that share the same topology - which maps very poorly to MST
> >instances.  At the same time, there is a fairly high dynamic in adding
> >and removing VLANs, which is *quite* painful with MST instance
> >mappings...
> 
> I've wondered about that...if we were to move to MST, we're going to have 
> to assign every VLAN to an MST instance, which could get messy.
> 
> Maybe it is time to just turn off VTP and manually create VLANs only where 
> they're needed, in which case we'll only have to worry about the number of 
> PVST instances on the central 6509s, as there's no way we'd run up to 128 
> VLANs on a 3550.  

Yep, this is what we do.  VLANs are really only created where they are
needed (some ranges are pre-created, others on-demand).

"switchport trunk allowed vlan *ADD* 1234"

is one of our favourites, tho... :-)

gert
-- 
USENET is *not* the non-clickable part of WWW!
                                                           //www.muc.de/~gert/
Gert Doering - Munich, Germany                             gert at greenie.muc.de
fax: +49-89-35655025                        gert at net.informatik.tu-muenchen.de
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 304 bytes
Desc: not available
URL: <https://puck.nether.net/pipermail/cisco-nsp/attachments/20090714/e7e8b9e5/attachment.bin>

More information about the cisco-nsp mailing list