stp extreme
Post on 04-Jun-2018
217 Views
Preview:
TRANSCRIPT
8/13/2019 Stp Extreme
http://slidepdf.com/reader/full/stp-extreme 1/25
Extreme Networks Application Note
© 2009 Extreme Networks, Inc. All rights reserved. Do not reproduce.
Rapid Spanning Tree Protocol (RSTP) Deployment
Guidelines for Converged Networks – Revision 01
Abstract: The following Application Note was written to help business partners and sys-
tems engineers with configuring Rapid Spanning Tree Protocol (RSTP) loop avoidance for
converged networks. This configuration can be generalized and applied to most converged
networks from various IP PBX vendors in order to provide loop avoidance and prevent
end-user cabling errors from taking down voice, video and data application services.
8/13/2019 Stp Extreme
http://slidepdf.com/reader/full/stp-extreme 2/25
Extreme Networks Application Note
Table of Contents
1. Introduction
1.1. Loop Avoidance and Spanning Tree Protocol
2. Configuring RSTP
2.1. STP Domains and Modes
2.2. STP Domain Modes for Converged Networks
2.3. Encapsulation and Default-Encapsulation
2.4. STPD Default-Encapsulation for Converged Networks
2.5. Participating Ports and VLANs
2.6. Adding Ports and VLANs in Converged Networks
2.7. Link-Type and Converged Networks
2.8. Bridge-Priority
2.9. Auto-Bind
3. Sample RSTP Configurations
3.1 Single Core Switch Configuration
3.1.1. “NJCore1” Switch Configuration
3.1.2. “IDF1” Switch Configuration
3.1.3. “IDF2” Switch Configuration
3.2. Dual Aggregation Switch Configuration
3.2.1. “NJAgg1” Switch Configuration
3.2.2. “NJAgg2” Switch Configuration
3.2.3. “IDF1” Switch Configuration
3.2.4. “IDF2” Switch Configuration
4. Verification Steps for Sample Configurations
4.1. Single Core Switch Configuration
4.1.1. Verify “IDF1” Switch Configuration
4.1.2. Verify “IDF2” Switch Configuration
4.2. Dual Aggregation Switch Configuration
4.2.1. Verify “IDF1” Switch Configuration
4.2.2. Verify “IDF2” Switch Configuration
5. Basic RSTP Deployment Checklist
6. Conclusion
6.1. Hardware and Software Versions Tested
7. Additional References
3
3
4
4
6
6
7
7
8
9
10
10
10
10
11
12
13
14
15
16
17
18
19
19
19
20
21
22
23
24
24
24
25
8/13/2019 Stp Extreme
http://slidepdf.com/reader/full/stp-extreme 3/25
1. Introduction
Layer 2 loops can occur in converged network environments,
sometimes even with Spanning Tree Protocol (STP)
enabled. Most loops are accidental, but they can cripple
voice and data communication services across entire
segments. Spanning tree is disabled on all Extreme Networks®
switches by default. Operating a network without any typeof loop avoidance mechanism like STP or other alternative
technique can be problematic even in loop-free topologies.
These deployment guidelines explain how to enable Rapid
Spanning Tree Protocol (RSTP) in order to eliminate the
majority of Layer 2 loops in converged network environments.
The two sample configurations represent field proven cases
that provide loop-free operation at the network edge, closest
to end users.
Two sample configurations described in this Application Note:
1. Single Core, Two IDF Switches
2. Dual Aggregation with Virtual Router Redundancy
Protocol (VRRP), Two IDF Switches
Extreme Networks Application Note
© 2009 Extreme Networks, Inc. All rights reserved. RSTP Deployment Guidelines Application Note—Page 3
Figure 1: Usage Model
1.1. Loop Avoidance and SpanningTree Protocol
Converged networks require a loop avoidance mechanism to
protect against end-user cabling errors. The widespread
deployment of automatic polarity on edge ports exacerbates
the problem, because a simple straight CAT5e patch cable
can automatically establish a link and result in a broadcast
storm. Networks that are deployed without enabling STP
can leave customers vulnerable to three types of loops without
proper configuration. Figure 1 shows the three most common
loops found in Ethernet networks. The self loop occurs when
an end user loops a cable back within the same switch. A
switch-to-switch loop occurs when the end user connects a
third party switch into the network with dual connections.
Lastly, the IP telephone loop can happen when an end user
attaches both the Power+Data and Data only ports of an IP
telephone into the switch.
Network administrators must take appropriate steps to provide
loop-free operation by configuring and enabling RSTP or analternative loop avoidance mechanism. With RSTP, the network
can quickly and automatically detect the most common loops
and place one of the two ports into a BLOCKING state to
avoid a broadcast storm (See Figure 2).
Self Loop
LoopFormed
Switch-to-Switch Loop
LoopFormed IP TelephoneLoop
LoopFormed
5361-01
Figure 1: Types of Network Loops
Self Loop
LoopAvoided
Switch-to-Switch Loop
LoopAvoided
IP TelephoneLoop
LoopAvoided
5362-01
Blocking
Blocking
Blocking
Figure 2: Loop Avoidance Using RSTP
8/13/2019 Stp Extreme
http://slidepdf.com/reader/full/stp-extreme 4/25
Extreme Networks Application Note
© 2009 Extreme Networks, Inc. All rights reserved. RSTP Deployment Guidelines Application Note—Page 4
There is a fourth type of loop that occurs less frequently, but it can be just as troublesome. If a user attaches an adjacent device to
the network that has a loop the outcome can be catastrophic to voice, video and data communications. To help avoid the occurrence
of this possible loop, Extreme Networks introduced the edge-safeguard feature for edge ports. The edge-safeguard feature will
detect the presence of an adjacent looped device and software disable the port to avoid a network interruption. See Figure 3.
Looped Hub
LoopFormed
5363-01
Figure 3: Adjacent Looped Device2. Configuring RSTP
The following sections outline the fundamentals necessary to successfully configure and enable RSTP on Extreme Networks
ExtremeXOS® switch for a converged network environment.
2.1. STP Domains and Modes
An Extreme Networks spanning tree instance or database is called a Spanning Tree Protocol Domain (STPD). The STPD determines
the version of spanning tree protocol to use on the switch, the Bridge Protocol Data Unit (BPDU) encapsulation format and the
participating ports and VLANs to be protected by spanning tree. All switch platforms have STPD “s0” preconfigured in their
factory default configuration, but spanning tree has been disabled by default. See Example 1. You must properly configure and
enable spanning tree if you require a loop-free environment.
Example 1: Default Spanning Tree Protocol Domain “s0”
* NJCore1.5 # show stpd
MSTP Global Conguration:
MSTP Region Name : 00049635e5f9
MSTP Format Identier : 0
MSTP Revision Level : 3
Common and Internal Spanning Tree (CIST) : ----
Total Number of MST Instances (MSTI) : 0
Name Tag Flags Ports Bridge ID Designated Root Rt Port Rt Cost
s0 0000 D----- 0 800000049635e5f9 0000000000000000 ------- 0
Total number of STPDs: 1
Flags: (C) Topology Change, (D) Disable, (E) Enable, (R) Rapid Root Failover
(T) Topology Change Detected, (M) MSTP CIST, (I) MSTP MSTI
Figure 3: Adjacent Looped Device
8/13/2019 Stp Extreme
http://slidepdf.com/reader/full/stp-extreme 5/25
Extreme Networks Application Note
© 2009 Extreme Networks, Inc. All rights reserved. RSTP Deployment Guidelines Application Note—Page 5
The domain “s0” is preconfigured to automatically bind and protect all ports assigned to the untagged Default VLAN as show in
Example 2. You must enable domain “s0” if you want to use the preconfigured settings to implement spanning tree protection. Many
customers modify the untagged VLANs assigned to the switch ports, so Extreme Networks leaves “s0” disabled in the factory default
configuration. This also minimizes the impact of introducing an Extreme Networks switch into an environment that is already running a
version spanning tree.
Example 2: STPD s0 Default Configuration
NJCore1.10 # show stpd s0
Stpd: s0 Stp: DISABLED Number of Ports: 26
Rapid Root Failover: Disabled
Operational Mode: 802.1D Default Binding Mode: 802.1D
802.1Q Tag: (none)
Ports: 1,2,3,4,5,6,7,8,9,10,
11,12,13,14,15,16,17,18,19,20,
21,22,23,24,25,26
Participating Vlans: Default
Auto-bind Vlans: Default
Bridge Priority: 32768
BridgeID: 80:00:00:04:96:35:e5:f9
Designated root: 00:00:00:00:00:00:00:00
RootPathCost: 0 Root Port: ----
MaxAge: 0s HelloTime: 0s ForwardDelay: 0s
CfgBrMaxAge: 20s CfgBrHelloTime: 2s CfgBrForwardDelay: 15s
Topology Change Time: 35s Hold time: 1s
Topology Change Detected: FALSE Topology Change: FALSE
Number of Topology Changes: 0
Time Since Last Topology Change: 0s
You have the option of modifying domain “s0” to protect different combinations of ports and VLANs or you can create a new domain.
Example 3 shows how to create a new domain. User defined domain names have a maximum length of 32 characters.
Example 3: User Defined Spanning Tree Domain Configuration
* NJCore1.11 # create stpd s1
All Extreme Networks spanning tree domains, including domain “s0” and user defined domains use operational mode IEEE 802.1D by
default. Example 4 shows a user defined domain. Notice that the user defined domain is disabled with an operational mode of 802.1D.
Example 4: User Defined STPD s1 Default Configuration
* NJCore1.12 # show stpd s1
Stpd: s1 Stp: DISABLED Number of Ports: 0
Rapid Root Failover: Disabled
Operational Mode: 802.1D Default Binding Mode: EMISTP
802.1Q Tag: (none)
Ports: (none)
Participating Vlans: (none)
Auto-bind Vlans: (none)
Bridge Priority: 32768
BridgeID: 80:00:00:04:96:35:e5:f9
Designated root: 00:00:00:00:00:00:00:00
RootPathCost: 0 Root Port: ----
MaxAge: 0s HelloTime: 0s ForwardDelay: 0s
CfgBrMaxAge: 20s CfgBrHelloTime: 2s CfgBrForwardDelay: 15s
Topology Change Time: 35s Hold time: 1s
Topology Change Detected: FALSE Topology Change: FALSE
Number of Topology Changes: 0Time Since Last Topology Change: 0s
8/13/2019 Stp Extreme
http://slidepdf.com/reader/full/stp-extreme 6/25
Extreme Networks Application Note
© 2009 Extreme Networks, Inc. All rights reserved. RSTP Deployment Guidelines Application Note—Page 6
Each STPD instance has three possible modes of operation:
• IEEE 802.1D – Use the 802.1D (dot1d) operational mode for backward compatibility with previous STP versions and for
compatibility with third-party switches using IEEE standard 802.1D. When configured in this mode, all rapid configuration
mechanisms are disabled.
• IEEE 802.1w (Rapid Spanning Tree Protocol) – Use the 802.1w (dot1w) operational mode for compatibility with
RSTP. When configured in this mode, all rapid configuration mechanisms are enabled.
•
IEEE 802.1s (Multiple Instance Spanning Tree Protocol) – Use the MSTP (mstp) operational mode for compatibilitywith MSTP. MSTP is an extension of RSTP and offers the benefit of better scaling with fast convergence.
2.2. STP Domain Modes for Converged Networks
IP networks responsible for delivering real-time applications such as Voice-over-IP (VoIP) and video require fast convergence in
order to maintain quality audio and satisfactory picture quality. The legacy 802.1D mode of spanning tree takes about 30-60 seconds
to converge making it suboptimal for converged networks. If you are deploying spanning tree in a converged network environment
you should change your spanning tree domain to mode 802.1w (dot1w) or 802.1s (mstp) to ensure fast convergence when network
topology changes occur. Example 5 shows how to properly create and configure a user defined domain to operate in RSPT mode.
Example 5: User Defined RSTP Domain Configuration
* NJCore1.8 # create stpd s1* NJCore1.9 # cong stpd s1 mode dot1w
2.3. Encapsulation and Default-Encapsulation
The STPD encapsulation mode determines how the switch formats BPDU messages. The encapsulation mode and operational mode
for STPD are independent settings. The encapsulation may be modified on an individual port basis, or you can use the default-
encapsulation configured for the domain. The “s0” domain is preconfigured to use 802.1D as its default-encapsulation mode while
user defined domains automatically select Extreme Multiple Instance Spanning Tree Protocol (EMISTP) as their default-encapsulation
mode (See Example 6).
Example 6: Default-Encapsulation Modes for Spanning Tree Domains
* NJCore1.4 # show stpd s0
Stpd: s0 Stp: DISABLED Number of Ports: 26
Rapid Root Failover: Disabled
Operational Mode: 802.1D Default Binding Mode: 802.1D
* NJCore1.3 # show stpd s1
Stpd: s1 Stp: DISABLED Number of Ports: 0
Rapid Root Failover: Disabled
Operational Mode: 802.1W Default Binding Mode: EMISTP
Each port assigned to an STPD has three possible modes of BPDU encapsulation:
• IEEE 802.1D – Use the 802.1D (dot1d) encapsulation mode for backward compatibility with previous STP versions and
for compatibility with third-party switches using IEEE standard 802.1D. BPDUs are sent untagged in 802.1D mode. Thisencapsulation mode supports the following STPD modes of operation: 802.1D, 802.1w, and MSTP.
• Extreme Multiple Instance Spanning Tree Protocol (EMISTP) – Use the EMISTP (emistp) encapsulation mode
when connecting with Extreme Networks switches only. BPDUs for each STPD are sent with an 802.1Q tag in EMISTP
encapsulation mode. The STPDs running in this mode have a one-to-one relationship with VLANs and send and process
packets in EMISTP format. This encapsulation mode supports the following STPD modes of operation: 802.1D and
802.1w.
• Per VLAN Spanning Tree (PVST+) – Use the PVST+ (pvst-plus) encapsulation mode when connecting to third-party
switches running the PVST+ version of STP. BPDUs for each STPD are sent with an 802.1Q tag in PVST+ encapsulation mode.
The STPDs running in this mode have a one-to-one relationship with VLANs and send and process packets in PVST+ format.
This encapsulation mode supports the following STPD modes of operation: 802.1D and 802.1w.
8/13/2019 Stp Extreme
http://slidepdf.com/reader/full/stp-extreme 7/25
Extreme Networks Application Note
© 2009 Extreme Networks, Inc. All rights reserved. RSTP Deployment Guidelines Application Note—Page 7
You can manually specify how the BPDU should be formatted on a per port basis, but this requires that you append the encapsulation
mode at the end of the add VLAN and port command. Example 7 shows how a port can be added to the domain with a manually
specified BDPU encapsulation mode. Most administrators prefer to use the default-encapsulation to assign the BPDU format to a
switch port.
Example 7: Add VLAN and Port to Spanning Tree Domain with Encapsulation
* NJCore1.12 # cong stpd s1 add vlan data10 ports 1 dot1d
If most switch ports in a spanning tree domain are using the same port encapsulation mode it is easier to change the default-encapsulation
and assign the ports. Example 8 shows how a port can inherit the default-encapsulation mode configured for the spanning tree
domain by not appending the BPDU encapsulation at the end of an add VLAN and port command.
Example 8: Add VLAN and Port to Spanning Tree Domain with Default-Encapsulation
* NJCore1.14 # cong stpd s1 default-encapsulation dot1d
* NJCore1.15 # cong stpd s1 add vlan data10 ports 1
2.4. STPD Default-Encapsulation for Converged Networks
Most IP telephones have the ability to pass untagged BPDU messages across their internal switch fabrics. Unfortunately, manymanufacturers and models of IP telephones are also incapable of passing 802.1Q tagged BDPU messages across their internal switch
fabrics. This makes the EMISTP and PVST+ encapsulation modes suboptimal for converged network environments. If you are
deploying spanning tree in a converged network environment you should change your spanning tree domain default-encapsulation
mode to 802.1D (dot1d) so that the IEEE standard untagged BPDU message format is used. Example 9 shows how a user defined
spanning tree domain can be configured to properly support RSTP in a converged network. This configuration will allow the
Extreme Networks switch to detect and prevent loops across an IP telephone’s internal switch fabric. The STPD mode 802.1w
(dot1w) and default-encapsulation 802.1D (dot1d) are the preferred setting for interoperating with third-party IEEE bridges and
for preventing looped IP telephone scenarios.
Example 9: User Defined RSTP Domain with 802.1D Encapsulation Mode Configuration
* NJCore1.8 # create stpd s1
* NJCore1.9 # cong stpd s1 mode dot1w
* NJCore1.19 # cong stpd s1 default-encapsulation dot1d
* NJCore1.20 # enable stpd s1
2.5. Participating Ports and VLANs
Once you have selected a STPD domain, operational mode and default-encapsulation mode for a converged network environment
you will need to add ports and VLANs that are to be protected. The ordering by which you add ports and VLANs is very important
when using 802.1D (dot1d) default-encapsulation.
Example 10: Adding Port and Untagged VLAN to RSTP Configuration
* NJCore1.5 # create vlan data10
* NJCore1.6 # cong vlan data10 tag 10
* NJCore1.7 # cong vlan data10 add ports 1
* NJCore1.8 # create stpd s1
* NJCore1.9 # cong stpd s1 mode dot1w
* NJCore1.10 # cong stpd s1 default-encapsulation dot1d
* NJCore1.11 # enable stpd s1
* NJCore1.12 # cong stpd s1 add vlan data10 ports 1
Example 10 shows port 1 and untagged “data10” VLAN being added to spanning tree domain “s1”. Example 11 shows port 1 and
untagged “data10” VLAN are participating in the domain.
8/13/2019 Stp Extreme
http://slidepdf.com/reader/full/stp-extreme 8/25
Extreme Networks Application Note
© 2009 Extreme Networks, Inc. All rights reserved. RSTP Deployment Guidelines Application Note—Page 8
Example 11: Spanning Tree Domain with Port and Untagged Participating VLAN Added
* NJCore1.14 # show stpd s1
Stpd: s1 Stp: ENABLED Number of Ports: 1
Rapid Root Failover: Disabled
Operational Mode: 802.1W Default Binding Mode: 802.1D
802.1Q Tag: (none)
Ports: 1
Participating Vlans: data10
Auto-bind Vlans: (none)
Bridge Priority: 32768
BridgeID: 80:00:00:04:96:35:e5:f9
Designated root: 80:00:00:04:96:35:e5:f9
RootPathCost: 0 Root Port: ----
MaxAge: 20s HelloTime: 2s ForwardDelay: 15s
CfgBrMaxAge: 20s CfgBrHelloTime: 2s CfgBrForwardDelay: 15s
Topology Change Time: 35s Hold time: 1s
Topology Change Detected: FALSE Topology Change: FALSE
Number of Topology Changes: 1
Time Since Last Topology Change: 260s
If you attempt to add a port and tagged VLAN to the spanning tree domain before you have added the port and its untagged VLAN,
you will receive an error in the command prompt. The ports untagged VLAN must be added first, because the 802.1w domain requires
an untagged VLAN in order to transmit and receive BPDUs. If you attempt to bind a port and tagged VLAN before you have bound
the ports untagged VLAN, the domain will have no way of transmitting or receiving BPDU messages, which is why you see an error
condition in Example 12.
Example 12: Error Adding Port and Tagged VLAN Only to RSTP Configuration
* NJCore1.5 # create vlan voice11
* NJCore1.6 # cong vlan voice11 tag 11
* NJCore1.7 # cong vlan voice11 add ports 1 tagged
* NJCore1.8 # create stpd s1* NJCore1.9 # cong stpd s1 mode dot1w
* NJCore1.10 # cong stpd s1 default-encapsulation dot1d
* NJCore1.11 # enable stpd s1
* NJCore1.12 # cong stpd s1 add vlan voice11 ports 1
Error: Cannot add VLAN voice11 port 1 to STP domain s1
When you add untagged and tagged VLANs in the incorrect order, an error may occur and VLANs will fail to be added to the domain.
You must add ports and untagged VLANs to the domain first.
2.6. Adding Ports and VLANs in Converged Networks
In a converged network environment you want to avoid loops on both the data and voice VLANs, therefore, both must be added to
the RSTP domain for protection. As per the previous section, you must always add ports and untagged VLANs to the RSTP domain,before you add ports and its tagged VLANs. This is necessary because the dot1d encapsulation requires an untagged VLAN in order
transmit and receive untagged BPDU messages.
When adding ports to an RSTP domain, you must follow this approach:
• First, add each port and its untagged VLAN to the RSTP domain
• Second, add each port and its tagged VLANs to the RSTP domain
Example 13 shows the proper order for adding untagged and tagged VLANs to an RSTP domain in a converged network environment.
The data10 VLAN was previously added to port 1 as untagged and the voice11 VLAN was previously added to port 1 as tagged.
8/13/2019 Stp Extreme
http://slidepdf.com/reader/full/stp-extreme 9/25
Extreme Networks Application Note
© 2009 Extreme Networks, Inc. All rights reserved. RSTP Deployment Guidelines Application Note—Page 9
Example 13: Adding Untagged and Tagged VLANs to an STPD in a Converged Network
* NJCore1.12 # cong stpd s1 add vlan data10 ports 1 # must add untagged 1st
* NJCore1.13 # cong stpd s1 add vlan voice11 ports 1 # must add tagged 2nd
Note: If you remove the port and untagged VLAN from the RSTP domain and you are using dot1d encapsulation, the tagged VLANs
will also be removed from the domain.
Example 14: Port Data and Voice VLANs Participating in STP Domain s1
* X450a-24t.16 # show stpd s1
Stpd: s1 Stp: ENABLED Number of Ports: 1
Rapid Root Failover: Disabled
Operational Mode: 802.1W Default Binding Mode: 802.1D
802.1Q Tag: (none)
Ports: 1
Participating Vlans: data10,voice11
Auto-bind Vlans: (none)
Bridge Priority: 32768
BridgeID: 80:00:00:04:96:35:e5:f9
Designated root: 80:00:00:04:96:35:e5:f9
RootPathCost: 0 Root Port: ----
MaxAge: 20s HelloTime: 2s ForwardDelay: 15s
CfgBrMaxAge: 20s CfgBrHelloTime: 2s CfgBrForwardDelay: 15s
Topology Change Time: 35s Hold time: 1s
Topology Change Detected: FALSE Topology Change: FALSE
Number of Topology Changes: 1
Time Since Last Topology Change: 350s
2.7. Link-Type and Converged Networks
The STPD port link-type is a very important parameter that should be configured in any converged network environment. The
link-type effects whether or not the port Forwarding Database (FDB) table will be flushed during a topology change. The link-type
also controls how quickly a port will transition to the forwarding state and it determines whether or not the port transmits and
receives BPDU messages to participate in the spanning tree topology. Failure to configure port link-types can result in undesired
behavior such as inadvertent FDB flushing and longer convergence times when a topology change occurs. In order to minimize FDB
flushing and speed up convergence there are two link-type combinations that should be applied in a converged network environment:
• Point-to-Point – Use link type point-to-point on all switch-to-switch links within the environment. If the switch-to-
switch connection is a Link Aggregation Group, configure the master port as link-type point-to-point.
• Edge with Edge-Safeguard – Use link type edge with edge-safeguard enable on any edge ports connected to hosts that
are participating in spanning tree, such as PC workstations, printers, IP telephones.
If you plan on implementing RSTP on application server and IP PBX ports you should use Edge with Edge-Safeguard. Most enterprises
leave RSTP disabled for ports connected to these services to avoid any effects of STP flapping. If you use auto-bind in the core the PBX
and application server ports will automatically be added to the domain so remember to configure your link-types properly in this type ofarrangement. Example 15 shows how to configure port link-types for a switch-to-switch port 24 and edge port 1.
Example 15: Port Link-Type Configuration for STP Domain s1
* NJCore1.14 # cong stpd s1 port link-type point-to-point 24
* NJCore1.15 # cong stpd s1 port link-type edge 1 edge-safeguard enable
8/13/2019 Stp Extreme
http://slidepdf.com/reader/full/stp-extreme 10/25
Extreme Networks Application Note
© 2009 Extreme Networks, Inc. All rights reserved. RSTP Deployment Guidelines Application Note—Page 10
2.8. Bridge Priority
The STPD bridge priority value determines whether or not the Extreme Networks switch will operate as a root bridge. The bridge
with the lowest priority is elected as the root bridge for the domain. Generally, you will only modify the priority on a switch that you
want to force to be the root bridge (typically a core switch) and you sometimes modify a second switch that you want to force to be
the backup root bridge (typically a backup core switch). The default STPD priority for all Extreme Networks switches is 32768. The
bridge priority can be modified in increments of 4096 from 0 to 61440. Assuming no tie conditions, the bridge with the lowest priority is
elected as the root bridge and the bridge with the second lowest bridge priority would act as the backup root bridge. When there is a
tie and two or more bridges have equal priority, the bridge with the lowest MAC address becomes the root bridge and the bridgewith the second lowest MAC address will essentially be the backup root bridge
Example 16: Bridge Priority Configuration for STP Domain s1
* NJCore1.27 # cong stpd s1 priority 4096
2.9. Auto-bind
The auto-bind feature allows the domain to automatically add and remove ports and VLANs to the STPD domain using the default-
encapsulation. You should only use auto-bind for VLANs that are to be protected by spanning tree. The auto-bind feature makes STP
modifications to the switch less error prone, because the switch will automatically adjust the STP bindings according to how the switch
VLANs and port are configured.
3. Sample RSTP Configurations
3.1. Single Core Switch Configuration
Figure 4 show a basic RSTP configuration. There is a single Summit® X450a-24t switch “CORE1” that is the Layer 3 switch and
Spanning Tree Root Bridge. There are two IDF closets. The “IDF1” closet has two stacked Summit X250e-24p switches that are link
aggregated back to the core. The “IDF2” closet has a single Summit X150-24p switch that is link aggregated back to the core. The
STP was intentionally disabled for all IP PBX and application server facing ports on “CORE1”. The untagged “data10” VLAN is used to
transmit and receive BPDUs and both the untagged “data10” and tagged “voice11” VLANs are protected by spanning tree.
5364-01
“IP PBX”10.1.1.10/24
“DHCPSVR”10.1.1.254/24
10/3
100-Full
“IDF1” “IDF2”1:25 2:25
“NJCore1”1
21 22 23
2526
24
2
AvayaG700
STPD “sO” mode “dot1w”Default Encapsulation “dot1d”Bridge Priority 4096Ports 21,23 P2PUntagged Participating VLAN “data10”Tagged Participating VLAN “voice11”
STPD “sO” mode “dot1w”Default Encapsulation “dot1d”Ports 1:1-1:24,2:1-2:24 type Edge w/Edge-SafeguardPorts 1:25 P2PUntagged Participating VLAN “data10”Tagged Participating VLAN “voice11”
STPD “sO” mode “dot1w”Default Encapsulation “dot1d”Ports 1-24 type Edge w/Edge-SafeguardPorts 25 type P2PUntagged Participating VLAN “data10”Tagged Participating VLAN “voice11”
L A GL A G
Figure 4: Single Core RSTP Configuration
8/13/2019 Stp Extreme
http://slidepdf.com/reader/full/stp-extreme 11/25
Extreme Networks Application Note
© 2009 Extreme Networks, Inc. All rights reserved. RSTP Deployment Guidelines Application Note—Page 11
3.1.1. “NJCore1” Switch Configuration
# Remove the default VLAN from all ports and name the switch
cong vlan default delete ports all
cong snmp sysname NJCore1
# Congure Link Aggregation Groups
enable sharing 21 grouping 21-22 lacp
enable sharing 23 grouping 23-24 lacp
# Dene VLANs, assign ports, IP addresses and enable forwarding
create vlan data10
cong vlan data10 tag 10
cong vlan data10 add ports 21,23 untagged
cong vlan data10 ipaddress 192.168.10.1/24
enable ipforwarding data10
create vlan voice11
cong vlan voice11 tag 11
cong vlan voice11 add ports 21,23 tagged
cong vlan voice11 ipaddress 192.168.11.1/24
enable ipforwarding voice11
create vlan server100
cong vlan server100 tag 100cong vlan server100 add ports 1-2 untagged
cong port 1 auto off speed 100 duplex full
cong vlan server100 ipaddress 10.1.1.1/24
enable ipforwarding server100
# Congure DHCP Relay function
cong bootprelay add 10.1.1.254
enable bootprelay
# Congure Layer 3 based Quality of Service for VoIP
create qosprole qp6
cong diffserv examination code-point 46 qp6
enable diffserv examination ports all
disable dot1p examination ports all
# Dene and enable a custom RSTP domain for the root bridge
create stpd s1
cong stpd s1 mode dot1w
cong stpd s1 default-encapsulation dot1d
cong stpd s1 priority 4096
enable stpd s1
# Manually add sports, untagged and tagged participant VLANs to spanning tree
cong stpd s1 add data10 ports 21,23
cong stpd s1 add voice11 ports 21,23
# Tune participant port link-types for fastest transition to forwarding
cong stpd s1 ports link-type point-to-point 21,23
# Turn on CPU DoS protection
enable dos-protect
8/13/2019 Stp Extreme
http://slidepdf.com/reader/full/stp-extreme 12/25
Extreme Networks Application Note
© 2009 Extreme Networks, Inc. All rights reserved. RSTP Deployment Guidelines Application Note—Page 12
3.1.2. “IDF1” Switch Configuration
# Remove the default VLAN from all ports and name the switch
cong vlan default delete ports all
cong snmp sysname IDF1
# Congure Link Aggregation Groups
enable sharing 1:25 grouping 1:25,2:25 lacp
# Dene VLANs, assign ports, IP addresses and enable forwarding
create vlan data10
cong vlan data10 tag 10
cong vlan data10 add ports 1:1-25,2:1-24 untagged
cong vlan data10 ipaddress 192.168.10.2/24
create vlan voice11
cong vlan voice11 tag 11
cong vlan voice11 add ports 1:1-25,2:1-24 tagged
cong iproute add default 192.168.10.1
# Congure Layer 3 based Quality of Service for VoIP
create qosprole qp6
cong diffserv examination code-point 46 qp6
enable diffserv examination ports all
disable dot1p examination ports all# Dene and enable a custom RSTP domain
create stpd s1
cong stpd s1 mode dot1w
cong stpd s1 default-encapsulation dot1d
enable stpd s1
# Autobind the ports, untagged and tagged participant VLANs to spanning tree
enable stpd s1 auto-bind data10
enable stpd s1 auto-bind voice11
# Tune participant port link-types for fastest transition to forwarding state
cong stpd s1 ports link-type point-to-point 1:25
cong stpd s1 ports link-type edge 1:1-24,2:1-24 edge-safeguard enable
# Congure static LLDP-MED for phone provisioning on edge ports
enable lldp ports 1:1-24,2:1-24
cong lldp ports 1:1-24,2:1-24 advertise vendor-specic avaya-extreme call-server 10.1.1.10
cong lldp ports 1:1-24,2:1-24 advertise vendor-specic avaya-extreme le-server 10.1.1.254
cong lldp ports 1:1-24,2:1-24 advertise vendor-specic avaya-extreme dot1q-framing tagged
cong lldp ports 1:1-24,2:1-24 advertise vendor-specic dot1 vlan-name
# Disable EDP on edge ports
disable edp ports all
enable edp ports 1:25
# Congure ood rate limiting on edge ports. This control excessive ooding
# on the network edge, which can be harmful to host and IP Phone CPU processing
cong ports 1:1-24,2:1-24 rate-limit ood broadcast 500
cong ports 1:1-24,2:1-24 rate-limit ood multicast 500
cong ports 1:1-24,2:1-24 rate-limit ood unknown-destmac 500# Turn on CPU DoS protection
enable dos-protect
8/13/2019 Stp Extreme
http://slidepdf.com/reader/full/stp-extreme 13/25
Extreme Networks Application Note
© 2009 Extreme Networks, Inc. All rights reserved. RSTP Deployment Guidelines Application Note—Page 13
3.1.3. “IDF2” Switch Configuration
# Remove the default VLAN from all ports and name the switch
cong vlan default delete ports all
cong snmp sysname IDF2
# Congure Link Aggregation Groups
enable sharing 25 grouping 25,26 lacp
# Dene VLANs, assign ports, IP addresses and enable forwarding
create vlan data10
cong vlan data10 tag 10
cong vlan data10 add ports 1-25 untagged
cong vlan data10 ipaddress 192.168.10.3/24
create vlan voice11
cong vlan voice11 tag 11
cong vlan voice11 add ports 1-25 tagged
cong iproute add default 192.168.10.1
# Congure Layer 3 based Quality of Service for VoIP
create qosprole qp6
cong diffserv examination code-point 46 qp6
enable diffserv examination ports all
disable dot1p examination ports all# Dene and enable a custom RSTP domain
create stpd s1
cong stpd s1 mode dot1w
cong stpd s1 default-encapsulation dot1d
enable stpd s1
# Autobind the ports, untagged and tagged participant VLANs to spanning tree
enable stpd s1 auto-bind data10
enable stpd s1 auto-bind voice11
# Tune participant port link-types for fastest transition to forwarding state
cong stpd s1 ports link-type point-to-point 25
cong stpd s1 ports link-type edge 1-24 edge-safeguard enable
# Congure static LLDP-MED for phone provisioning on edge ports
enable lldp ports 1-24
cong lldp ports 1-24 advertise vendor-specic avaya-extreme call-server 10.1.1.10
cong lldp ports 1-24 advertise vendor-specic avaya-extreme le-server 10.1.1.254
cong lldp ports 1-24 advertise vendor-specic avaya-extreme dot1q-framing tagged
cong lldp ports 1-24 advertise vendor-specic dot1 vlan-name
# Disable EDP on edge ports
disable edp ports all
enable edp ports 25
# Congure ood rate limiting on edge ports. This control excessive ooding
# on the network edge, which can be harmful to host and IP Phone CPU processing
cong ports 1-24 rate-limit ood broadcast 500
cong ports 1-24 rate-limit ood multicast 500
cong ports 1-24 rate-limit ood unknown-destmac 500# Turn on CPU DoS protection
enable dos-protect
8/13/2019 Stp Extreme
http://slidepdf.com/reader/full/stp-extreme 14/25
Extreme Networks Application Note
© 2009 Extreme Networks, Inc. All rights reserved. RSTP Deployment Guidelines Application Note—Page 14
3.2. Dual Aggregation Switch
This is an advanced RSTP configuration (Figure 5). There are dual Summit X450a-24t switches at the core. The “NJAgg1” switch is
the VRRP Master that is providing the Layer 3 routing and Spanning Tree Root Bridge functions. The “NJAgg2” switch is the VRRP
Backup and backup Root Bridge. There are two IDF closets. The “IDF1” closet has two stacked Summit X250e-24p switches that
are single connected back to each core switch. The “IDF2” closet has a single Summit X150-24p switch that is single connected back
to each core switch. Spanning Tree Protocol was intentionally disabled for all IP PBX and application server facing ports on “NJAgg1”
and “NJAgg2”. The untagged “data10” VLAN is used to transmit and receive BPDUs. Both the “data10” and “voice11” VLANs have
been protected against loops.
5365-01
“NJAgg1”
1:25
23
2:26
24 23 24
2625
21 21
“IDF1”
STPD “sO” mode “dot1w”
Default Encapsulation “dot1d”
Bridge Priority 4096
Ports 21,23,24 type P2P
Untagged Participating VLAN “data10”
Tagged Participating VLAN “voice11”
VRRP “Master”
“NJAgg2”
STPD “sO” mode “dot1w”
Default Encapsulation “dot1d”
Bridge Priority 8192
Ports 21,23,24 type P2P
Untagged Participating VLAN “data10”
Tagged Participating VLAN “voice11”
VRRP “Backup”
STPD “sO” mode “dot1w”
Default Encapsulation “dot1d”
Ports 1:1-1:24,2:1-2:24 type Edge with Safeguard
Ports 1:25,2:26 P2P
Untagged Participating VLAN “data10”
Tagged Participating VLAN “voice11”
“IDF2”
STPD “sO” mode “dot1w”
Default Encapsulation “dot1d”
Ports 1-24 type Edge with Safeguard
Ports 25,26 type P2P
Untagged Participating VLAN “data10”
Tagged Participating VLAN “voice11”
Figure 5: Dual Aggregation Switch RSTP Configuration
8/13/2019 Stp Extreme
http://slidepdf.com/reader/full/stp-extreme 15/25
Extreme Networks Application Note
© 2009 Extreme Networks, Inc. All rights reserved. RSTP Deployment Guidelines Application Note—Page 15
3.2.1. “NJAgg1” Switch Configuration
# Remove the default VLAN from all ports and name the switch
cong vlan default delete ports all
disable stpd s0 auto-bind default
cong snmp sysname NJAgg1
# Dene VLANs, assign ports, IP addresses and enable forwarding
create vlan data10
cong vlan data10 tag 10
cong vlan data10 add ports 21,23,24 untagged
cong vlan data10 ipaddress 192.168.10.1/24
create vlan voice11
cong vlan voice11 tag 11
cong vlan voice11 add ports 21,23,24 tagged
cong vlan voice11 ipaddress 192.168.11.1/24
create vlan server100
cong vlan server100 tag 100
cong vlan server100 add ports 1-2 untagged
cong port 1 auto off speed 100 duplex full
cong vlan server100 ipaddress 10.1.1.1/24
enable ipforwarding# Congure Virtual Router Redundancy Protocol – Master Switch
# You can use the same or different vrid’s for each VLAN
create vrrp data10 vrid 1
cong vrrp data10 vrid 1 priority 255
cong vrrp data10 vrid 1 add 192.168.10.1
create vrrp voice11 vrid 2
cong vrrp voice11 vrid 2 priority 255
cong vrrp voice11 vrid 2 add 192.168.11.1
create vrrp server100 vrid 3
cong vrrp server100 vrid 3 priority 255
cong vrrp server100 vrid 3 add 10.1.1.1
enable vrrp
# Congure DHCP Relay function
cong bootprelay add 10.1.1.254
enable bootprelay
# Congure Layer 3 based Quality of Service for VoIP
create qosprole qp6
cong diffserv examination code-point 46 qp6
enable diffserv examination ports all
disable dot1p examination ports all
# Use domain s0 for the root bridge
cong stpd s0 mode dot1w
cong stpd s0 default-encapsulation dot1d
cong stpd s0 priority 4096
enable stpd s0# Manually add ports, untagged and tagged participant VLANs to spanning tree
cong stpd s0 add data10 ports 21,23,24
cong stpd s0 add voice11 ports 21,23,24
# Tune participant port link-types for fastest transition to forwarding
cong stpd s0 ports link-type point-to-point 21,23,24
# Turn on CPU DoS protection
enable dos-protect
8/13/2019 Stp Extreme
http://slidepdf.com/reader/full/stp-extreme 16/25
Extreme Networks Application Note
© 2009 Extreme Networks, Inc. All rights reserved. RSTP Deployment Guidelines Application Note—Page 16
3.2.2. “NJAgg2” Switch Configuration
# Remove the default VLAN from all ports and name the switch
cong vlan default delete ports all
disable stpd s0 auto-bind default
cong snmp sysname NJAgg2
# Dene VLANs, assign ports, IP addresses and enable forwarding
create vlan data10
cong vlan data10 tag 10
cong vlan data10 add ports 21,23,24 untagged
cong vlan data10 ipaddress 192.168.10.254/24
create vlan voice11
cong vlan voice11 tag 11
cong vlan voice11 add ports 21,23,24 tagged
cong vlan voice11 ipaddress 192.168.11.254/24
create vlan server100
cong vlan server100 tag 100
cong vlan server100 add ports 1-2 untagged
cong port 1 auto off speed 100 duplex full
cong vlan server100 ipaddress 10.1.1.254/24
enable ipforwarding# Congure Virtual Router Redundancy Protocol – Master Switch
# You can use the same or different vrid’s for each VLAN
create vrrp data10 vrid 1
cong vrrp data10 vrid 1 priority 100
cong vrrp data10 vrid 1 add 192.168.10.1
create vrrp voice11 vrid 2
cong vrrp voice11 vrid 2 priority 100
cong vrrp voice11 vrid 2 add 192.168.11.1
create vrrp server100 vrid 3
cong vrrp server100 vrid 3 priority 100
cong vrrp server100 vrid 3 add 10.1.1.1
enable vrrp
# Congure DHCP Relay function
cong bootprelay add 10.1.1.254
enable bootprelay
# Congure Layer 3 based Quality of Service for VoIP
create qosprole qp6
cong diffserv examination code-point 46 qp6
enable diffserv examination ports all
disable dot1p examination ports all
# Use domain s0 for the root bridge
cong stpd s0 mode dot1w
cong stpd s0 default-encapsulation dot1d
cong stpd s0 priority 8192
enable stpd s0# Manually add ports, untagged and tagged participant VLANs to spanning tree
cong stpd s0 add data10 ports 21,23,24
cong stpd s0 add voice11 ports 21,23,24
# Tune participant port link-types for fastest transition to forwarding
cong stpd s0 ports link-type point-to-point 21,23,24
# Turn on CPU DoS protection
enable dos-protect
8/13/2019 Stp Extreme
http://slidepdf.com/reader/full/stp-extreme 17/25
Extreme Networks Application Note
© 2009 Extreme Networks, Inc. All rights reserved. RSTP Deployment Guidelines Application Note—Page 17
3.2.3. “IDF1” Switch Configuration
# Remove the default VLAN from all ports and name the switch
cong vlan default delete ports all
disable stpd s0 auto-bind default
cong snmp sysname IDF1
# Dene VLANs, assign ports, IP addresses and enable forwarding
create vlan data10
cong vlan data10 tag 10
cong vlan data10 add ports 1:1-25,2:1-24,2:26 untagged
cong vlan data10 ipaddress 192.168.10.2/24
create vlan voice11
cong vlan voice11 tag 11
cong vlan voice11 add ports 1:1-25,2:1-24,2:26 tagged
cong iproute add default 192.168.10.1
# Congure Layer 3 based Quality of Service for VoIP
create qosprole qp6
cong diffserv examination code-point 46 qp6
enable diffserv examination ports all
disable dot1p examination ports all
# Congure and use domain s0 for RSTPcong stpd s0 mode dot1w
cong stpd s0 default-encapsulation dot1d
enable stpd s0
# Autobind the ports, untagged and tagged participant VLANs to spanning tree
enable stpd s0 auto-bind data10
enable stpd s0 auto-bind voice11
# Tune participant port link-types for fastest transition to forwarding state
cong stpd s0 ports link-type point-to-point 1:25,2:26
cong stpd s0 ports link-type edge 1:1-24,2:1-24 edge-safeguard enable
# Congure static LLDP-MED for phone provisioning on edge ports
enable lldp ports 1:1-24,2:1-24
cong lldp ports 1:1-24,2:1-24 advertise vendor-specic avaya-extreme call-server 10.1.1.10
cong lldp ports 1:1-24,2:1-24 advertise vendor-specic avaya-extreme le-server 10.1.1.254
cong lldp ports 1:1-24,2:1-24 advertise vendor-specic avaya-extreme dot1q-framing tagged
cong lldp ports 1:1-24,2:1-24 advertise vendor-specic dot1 vlan-name
# Disable EDP on edge ports
disable edp ports all
enable edp ports 1:25,2:26
# Congure ood rate limiting on edge ports. This control excessive ooding
# on the network edge, which can be harmful to host and IP Phone CPU processing
cong ports 1:1-24,2:1-24 rate-limit ood broadcast 500
cong ports 1:1-24,2:1-24 rate-limit ood multicast 500
cong ports 1:1-24,2:1-24 rate-limit ood unknown-destmac 500
# Turn on CPU DoS protection
enable dos-protect
8/13/2019 Stp Extreme
http://slidepdf.com/reader/full/stp-extreme 18/25
Extreme Networks Application Note
© 2009 Extreme Networks, Inc. All rights reserved. RSTP Deployment Guidelines Application Note—Page 18
3.2.4. “IDF2” Switch Configuration
# Remove the default VLAN from all ports and name the switch
cong vlan default delete ports all
disable stpd s0 auto-bind default
cong snmp sysname IDF2
# Dene VLANs, assign ports, IP addresses and enable forwarding
create vlan data10
cong vlan data10 tag 10
cong vlan data10 add ports 1-26 untagged
cong vlan data10 ipaddress 192.168.10.3/24
create vlan voice11
cong vlan voice11 tag 11
cong vlan voice11 add ports 1-26 tagged
cong iproute add default 192.168.10.1
# Congure Layer 3 based Quality of Service for VoIP
create qosprole qp6
cong diffserv examination code-point 46 qp6
enable diffserv examination ports all
disable dot1p examination ports all
# Congure and use domain s0 for RSTPcong stpd s0 mode dot1w
cong stpd s0 default-encapsulation dot1d
enable stpd s0
# Autobind the ports, untagged and tagged participant VLANs to spanning tree
enable stpd s0 auto-bind data10
enable stpd s0 auto-bind voice11
# Tune participant port link-types for fastest transition to forwarding state
cong stpd s0 ports link-type point-to-point 25,26
cong stpd s0 ports link-type edge 1-24 edge-safeguard enable
# Congure static LLDP-MED for phone provisioning on edge ports
enable lldp ports 1-24
cong lldp ports 1-24 advertise vendor-specic avaya-extreme call-server 10.1.1.10
cong lldp ports 1-24 advertise vendor-specic avaya-extreme le-server 10.1.1.254
cong lldp ports 1-24 advertise vendor-specic avaya-extreme dot1q-framing tagged
cong lldp ports 1-24 advertise vendor-specic dot1 vlan-name
# Disable EDP on edge ports
disable edp ports all
enable edp ports 25,26
# Congure ood rate limiting on edge ports. This control excessive ooding
# on the network edge, which can be harmful to host and IP Phone CPU processing
cong ports 1-24 rate-limit ood broadcast 500
cong ports 1-24 rate-limit ood multicast 500
cong ports 1-24 rate-limit ood unknown-destmac 500
# Turn on CPU DoS protection
enable dos-protect
8/13/2019 Stp Extreme
http://slidepdf.com/reader/full/stp-extreme 19/25
Extreme Networks Application Note
© 2009 Extreme Networks, Inc. All rights reserved. RSTP Deployment Guidelines Application Note—Page 19
4. Verification Steps for Sample Configurations
4.1. Single Core Switch Configuration
Introduce all eight loop scenarios and verify that the Extreme Networks switch correctly enters the BLOCKING state on looped ports.
Also check that the ports go into the DISABLED state when an adjacent looped device is attached.
5366-01
“IPPBX”10.1.1.10/24
“DHCPSVR”10.1.1.254/24
10/3
100-Full
“NJCore1”1
21 22 23 24
2
AvayaG700
L A GL A G
1:251:3
Self
Loop #1
Self
Loop #2
2:26 2625“IDF1” “IDF2” 3 4
1:1 1:2 1:5
1
1:6 1:7
2
Data andPower
DataOnly
Data andPower
DataOnly
Adjacent LoopedDevice #1
Looped IPTelephone
#1
L2 Switch
Hub
1 2 5
1
6 7
2
Switch-to-SwitchLoop #2
Switch-to-SwitchLoop #1
Adjacent LoopedDevice #2
Looped IPTelephone
#2
L2 Switch
Hub
Figure 6: Single Core Switch Configuration
4.1.1. Verify “IDF1” Switch Configuration
Introduce several Layer 2 loops into the IDF1 configuration and verify Spanning Tree Protocol resolution. Connect IDF1 switch ports as
follows:
• Connect IP Telephone #1 Power+Data Port to IDF1 Port 1:1
• Connect IP Telephone #1 Data Port to IDF1 Port 1:2
• Connect between IDF1 Port 1:3 to IFD1 Port 1:4
• Connect IDF1 Port 1:5 to Netgear Switch Port 1
• Connect IDF1 Port 1:6 to Netgear Switch Port 2
• Connect looped hub to IDF1 Port 1:7
Whenever a loop is introduced the lowest port number in the loop will remain in the FORWARDING state and the highest port number
in the loop will enter the BLOCKING state. If an adjacent looped device is attached the edge-safeguard feature will place the port in the
DISABLED state by software disabling it. The administrator must manually re-enable the downed port in software after the adjacent
looped device has been removed. Example 17 shows the results from the IDF1 switch. You should expect similar results in your own
configuration.
8/13/2019 Stp Extreme
http://slidepdf.com/reader/full/stp-extreme 20/25
Extreme Networks Application Note
© 2009 Extreme Networks, Inc. All rights reserved. RSTP Deployment Guidelines Application Note—Page 20
Example 17: IFD1 Switch with Loops Configured
Slot-1 IDF1.2 # show stpd s1 ports 1:1-3,1:5-7,2:3
Port Mode State Cost Flags Priority Port ID Designated Bridge
1:1 802.1D FORWARDING 200000 eDeepw-S-- 128 8001 80:00:02:04:96:34:4f:65
1:2 802.1D BLOCKING 200000 eBeeaw-S-- 128 8002 80:00:02:04:96:34:4f:65
1:3 802.1D FORWARDING 200000 eDeepw-S-- 128 8003 80:00:02:04:96:34:4f:65
1:5 802.1D FORWARDING 200000 eDeepw-S-- 128 8005 80:00:02:04:96:34:4f:65
1:6 802.1D BLOCKING 200000 eBeeaw-S-- 128 8006 80:00:02:04:96:34:4f:65
1:7 802.1D DISABLED 200000 e?ee-w-S-- 128 8007 00:00:00:00:00:00:00:00
2:3 802.1D BLOCKING 200000 eBeeaw-S-- 128 8083 80:00:02:04:96:34:4f:65
Total Ports: 7
------------------------- Flags: ----------------------------
1: e=Enable, d=Disable
2: (Port role) R=Root, D=Designated, A=Alternate, B=Backup, M=Master
3: (Cong type) b=broadcast, p=point-to-point, e=edge, a=auto
4: (Oper. type) b=broadcast, p=point-to-point, e=edge
5: p=proposing, a=agree
6: (partner mode) d = 802.1d, w = 802.1w, m = mstp
7: i = edgeport inconsistency
8: S = edgeport safe guard active
s = edgeport safe guard congured but inactive
9: B = Boundary, I = Internal
10: r = Restricted Role
4.1.2. Verify “IDF2” Switch Configuration
Introduce several Layer 2 loops into the IDF2 configuration and verify Spanning Tree Protocol resolution. Connect IDF2 switch ports as
follows:
• Connect IP Telephone #1 Power+Data Port to IDF2 Port 1
• Connect IP Telephone #1 Data Port to IDF2 Port 2
• Connect between IDF2 Port 3 to IFD2 Port 4
• Connect IDF2 Port 5 to Netgear Switch Port 1
• Connect IDF2 Port 6 to Netgear Switch Port 2
• Connect looped hub to IDF2 Port 7
You should expect similar results in your own configuration.
8/13/2019 Stp Extreme
http://slidepdf.com/reader/full/stp-extreme 21/25
Extreme Networks Application Note
© 2009 Extreme Networks, Inc. All rights reserved. RSTP Deployment Guidelines Application Note—Page 21
Example 18: IFD2 Switch with Loops Configured
IDF2.37 # show stpd s1 ports 1-7
Port Mode State Cost Flags Priority Port ID Designated Bridge
1 802.1D FORWARDING 200000 eDeepw-S-- 128 8001 80:00:00:04:96:27:fd:1d
2 802.1D BLOCKING 200000 eBeeaw-S-- 128 8002 80:00:00:04:96:27:fd:1d
3 802.1D FORWARDING 200000 eDeepw-S-- 128 8003 80:00:00:04:96:27:fd:1d
4 802.1D BLOCKING 200000 eBeeaw-S-- 128 8004 80:00:00:04:96:27:fd:1d
5 802.1D FORWARDING 200000 eDeepw-S-- 128 8005 80:00:00:04:96:27:fd:1d
6 802.1D BLOCKING 200000 eBeeaw-S-- 128 8006 80:00:00:04:96:27:fd:1d
7 802.1D DISABLED 200000 e?ee-w-S-- 128 8007 00:00:00:00:00:00:00:00
Total Ports: 7
------------------------- Flags: ----------------------------
1: e=Enable, d=Disable
2: (Port role) R=Root, D=Designated, A=Alternate, B=Backup, M=Master
3: (Cong type) b=broadcast, p=point-to-point, e=edge, a=auto
4: (Oper. type) b=broadcast, p=point-to-point, e=edge
5: p=proposing, a=agree
6: (partner mode) d = 802.1d, w = 802.1w, m = mstp
7: i = edgeport inconsistency
8: S = edgeport safe guard active
s = edgeport safe guard congured but inactive
9: B = Boundary, I = Internal
10: r = Restricted Role
4.2. Dual Aggregation Switch Configuration
Introduce all eight loop scenarios and verify that the Extreme Networks switch correctly enters into the BLOCKING state on looped
ports. Also check that the ports go into the DISABLED state when an adjacent looped device is attached.
“NJAgg1”
23 24 23 24
21 21
“NJAgg2”
5367-01
1:251:3
Self Loop #1
Self Loop #2
2:26 2625“IDF1” “IDF2” 3 4
1:1 1:2 1:5
1
1:6 1:7
2
Switch-to-SwitchLoop #1
Adjacent LoopedDevice #1
Looped IPTelephone
#1
L2 Switch
Hub
1 2 5
1
6 7
2
Switch-to-SwitchLoop #2
Adjacent LoopedDevice #2
Looped IPTelephone
#2
L2 Switch
Hub
Figure 7: Dual Aggregation Switch Configuration
8/13/2019 Stp Extreme
http://slidepdf.com/reader/full/stp-extreme 22/25
Extreme Networks Application Note
© 2009 Extreme Networks, Inc. All rights reserved. RSTP Deployment Guidelines Application Note—Page 22
4.2.1. Verify “IDF1” Switch Configuration
Introduce several Layer 2 loops into the IDF1 configuration and verify Spanning Tree Protocol resolution. Connect IDF1 switch ports as
follows:
• Connect IP Telephone #1 Power+Data Port to IDF1 Port 1:1
• Connect IP Telephone #1 Data Port to IDF1 Port 1:2
• Connect between IDF1 Port 1:3 to IFD1 Port 1:4
• Connect IDF1 Port 1:5 to Netgear Switch Port 1
• Connect IDF1 Port 1:6 to Netgear Switch Port 2
• Connect looped hub to IDF1 Port 1:7
Whenever a loop is introduced the lowest port number in the loop will remain in the FORWARDING state and the highest port number
in the loop will enter the BLOCKING state. If an adjacent looped device is attached the edge-safeguard feature will place the port in the
DISABLED state by software disabling it. The administrator must manually re-enable the downed port-in-software after the adjacent
looped device has been removed. Example IDF shows the results from the IDF1 switch. You should expect similar results in your own
configuration.
Example 19: IFD1 Switch with Loops Configured
* Slot-1 IDF1.31 # show stpd s0 ports 1:1-3,1:5-7,2:3,1:25,2:26
Port Mode State Cost Flags Priority Port ID Designated Bridge
1:1 802.1D FORWARDING 200000 eDeepw-S-- 128 8001 80:00:02:04:96:34:4f:65
1:2 802.1D BLOCKING 200000 eBeeaw-S-- 128 8002 80:00:02:04:96:34:4f:65
1:3 802.1D FORWARDING 200000 eDee-w-S-- 128 8003 80:00:02:04:96:34:4f:65
1:5 802.1D FORWARDING 200000 eDeepw-S-- 128 8005 80:00:02:04:96:34:4f:65
1:6 802.1D BLOCKING 200000 eBeeaw-S-- 128 8006 80:00:02:04:96:34:4f:65
1:7 802.1D DISABLED 200000 e?ee-w-S-- 128 8007 00:00:00:00:00:00:00:00
1:25 802.1D FORWARDING 20000 eRppaw---- 128 8019 10:00:00:04:96:35:e5:f9
2:3 802.1D BLOCKING 200000 eBeeaw-S-- 128 8083 80:00:02:04:96:34:4f:65
2:26 802.1D BLOCKING 20000 eAppaw---- 128 809a 20:00:00:04:96:27:c5:49
Total Ports: 9
------------------------- Flags: ----------------------------
1: e=Enable, d=Disable
2: (Port role) R=Root, D=Designated, A=Alternate, B=Backup, M=Master
3: (Cong type) b=broadcast, p=point-to-point, e=edge, a=auto
4: (Oper. type) b=broadcast, p=point-to-point, e=edge
5: p=proposing, a=agree
6: (partner mode) d = 802.1d, w = 802.1w, m = mstp
7: i = edgeport inconsistency
8: S = edgeport safe guard active
s = edgeport safe guard congured but inactive
9: B = Boundary, I = Internal10: r = Restricted Role
8/13/2019 Stp Extreme
http://slidepdf.com/reader/full/stp-extreme 23/25
Extreme Networks Application Note
© 2009 Extreme Networks, Inc. All rights reserved. RSTP Deployment Guidelines Application Note—Page 23
4.2.2. Verify “IDF2” Switch Configuration
Introduce several Layer 2 loops into the IDF2 configuration and verify Spanning Tree Protocol resolution. Connect IDF2 switch ports as
follows:
• Connect IP Telephone #1 Power+Data Port to IDF2 Port 1
• Connect IP Telephone #1 Data Port to IDF2 Port 2
• Connect between IDF2 Port 3 to IFD2 Port 4
• Connect IDF2 Port 5 to Netgear Switch Port 1
• Connect IDF2 Port 6 to Netgear Switch Port 2
• Connect looped hub to IDF2 Port 7
You should expect similar results in your own configuration.
Example 20: IFD2 Switch with Loops Configured
* Slot-1 IDF1.32 # show stpd s0 ports 1-7,25,26
Port Mode State Cost Flags Priority Port ID Designated Bridge
1 802.1D FORWARDING 200000 eDee-w-S-- 128 8001 80:00:00:04:96:27:fd:1d
2 802.1D BLOCKING 200000 eBeeaw-S-- 128 8002 80:00:00:04:96:27:fd:1d
3 802.1D FORWARDING 200000 eDee-w-S-- 128 8003 80:00:00:04:96:27:fd:1d
4 802.1D BLOCKING 200000 eBeeaw-S-- 128 8004 80:00:00:04:96:27:fd:1d
5 802.1D FORWARDING 200000 eDeepw-S-- 128 8005 80:00:00:04:96:27:fd:1d
6 802.1D BLOCKING 200000 eBeeaw-S-- 128 8006 80:00:00:04:96:27:fd:1d
7 802.1D DISABLED 200000 e?ee-w-S-- 128 8007 00:00:00:00:00:00:00:00
25 802.1D FORWARDING 20000 eRppaw---- 128 8019 10:00:00:04:96:35:e5:f9
26 802.1D BLOCKING 20000 eAppaw---- 128 801a 20:00:00:04:96:27:c5:49
Total Ports: 9
------------------------- Flags: ----------------------------
1: e=Enable, d=Disable
2: (Port role) R=Root, D=Designated, A=Alternate, B=Backup, M=Master3: (Cong type) b=broadcast, p=point-to-point, e=edge, a=auto
4: (Oper. type) b=broadcast, p=point-to-point, e=edge
5: p=proposing, a=agree
6: (partner mode) d = 802.1d, w = 802.1w, m = mstp
7: i = edgeport inconsistency
8: S = edgeport safe guard active
s = edgeport safe guard congured but inactive
9: B = Boundary, I = Internal
10: r = Restricted Role
8/13/2019 Stp Extreme
http://slidepdf.com/reader/full/stp-extreme 24/25
Extreme Networks Application Note
© 2009 Extreme Networks, Inc. All rights reserved. RSTP Deployment Guidelines Application Note—Page 24
5. Basic RSTP Deployment Checklist
P Select a STPD domain (Either use “s0” or create a new one, e.g. “s1”)
P Configure STPD mode dot1w
P Configure STPD default-encapsulation dot1d
P If the bridge is root, configure STPD priority to 4096
PIf the bridge is backup root, configure STPD priority to 8192 (VRRP arrangement)
P Enable the selected STPD domain
P (Optionally) Auto-bind VLANs to the STPD domain
P If no auto-bind, add ports and untagged VLANs to the STPD domain first
P If no auto-bind, add ports and tagged VLANs to the STPD domain second
P Configure STPD port link-type point-to-point on switch-to-switch links
P Configure STPD port link-type edge with edge-safeguard enabled on user facing ports
6. Conclusion
The sample configurations and recommendations described in this Application Note can be generalized for most customerconfigurations. The behavior of some features shown, such as edge-safeguard, will operate slightly different in pre-12.x software
releases. Layer 2 loops can occur in converged networks, even with STP enabled. By default, Extreme Networks switches have
spanning tree disabled. These deployment guidelines explain how to enable RSTP in order to eliminate the majority of Layer 2
loop conditions that end users may accidentally introduce. The three sample configurations represent field proven cases that can
be leveraged to help provide loop-free operation at the network edge, closest to end users.
6.1. Hardware and Software Versions Tested
The following hardware models and software versions were used to test all three RSTP loop avoidance configurations described in this
Application Note.
Qty. Models TestedLicenseLevels Software Versions
2 Summit X450a-24t Core 12.1.2.17-patch1-17
12.1.3.14
12.2.2.11
2 Summit X250e-24p Edge 12.1.2.17-patch1-17
12.1.3.14
12.2.2.11
1 Summit X150-24p L2-Edge 12.1.2.17-patch1-17
12.1.3.14
12.2.2.11
1 Avaya 4602SW+ IP Telephone N/A Release 2.9
Release 2.8.3
1 Avaya 4610SW+ IP Telephone N/A Release 2.9
Release 2.8.3
2 Avaya 9640 IP Telephone N/A Release 3.0
1 Avaya S8300B Media Ser ver N/A Release R014x.00.1.731.2
1 Avaya G250 Media Servers N/A Release 27.27
1 EPICenter® 7.0 SP1 Ser ver Bronze-20
Table 1:
8/13/2019 Stp Extreme
http://slidepdf.com/reader/full/stp-extreme 25/25
Extreme Networks Application Note
www.extremenetworks.com
Corporate
and North America
Extreme Networks, Inc.
3585 Monroe Street
Santa Clara, CA 95051 USA
Phone +1 408 579 2800
Europe, Middle East, Africa
and South America
Phone +31 30 800 5100
Asia Pacific
Phone +852 2517 1123
Japan
Phone +81 3 5842 4011
7. Additional References
[1] ExtremeXOS Command Reference Guide, Software Version 12.2.2, Extreme Networks, March 2009,
http://www.extremenetworks.com/services/software-userguide.aspx
[2] ExtremeXOS Concepts Guide, Software Version 12.2.2, Extreme Networks, March 2009,
http://www.extremenetworks.com/services/software-userguide.aspx
[3] Newton’s Telecom Dictionary 21st Edition, Harry Newton, March 2005, CMP Books
top related