[Figure: STP_2Trunks]

Above is a design issue that may come up on exam day or on the job: as indicated in the top right corner, there are 4 VLANs configured on both sides of the Trunks, but SW2 has interface Fa1/0/2 set to blocking, so only one link is being used for all VLAN traffic.

To allow both links to load balance traffic, PVST and Port Priority can be configured so that Fa1/0/2 on SW2 becomes the Root Port for certain VLANs and Fa1/0/1 for others, so both links will be used to transmit traffic over the two Trunks!

Important Note to preface these topics – The port MUST be Trunking (non-Access port), and the VLANs being load-balanced MUST be allowed over those Trunk links, or there will be no separate instances of STP per VLAN on the switch!

Also, one huge difference between the two methods is that PVST Load Balancing is configured on the local switch / bridge, whereas Port Priority Load Balancing is configured on the remote switch / bridge.

One more note before moving on, 802.1d Spanning-Tree is configured as PVST Spanning-Tree by default, as can be seen in the running configuration of a fresh switch:

!
!
spanning-tree mode pvst
spanning-tree extend system-id
!
vlan internal allocation policy ascending
!
!

This means a separate instance is run for every VLAN on the switch by default.

 

The criteria used to select a Root Port on switches / bridges

 

A quick review of the criteria used when selecting a Root Port going from Top to Bottom, if there is a tie it moves onto the next consideration down on the list:

  • Port that receives superior BPDU (Lowest Root Bridge ID)
  • Port with lowest Root Path cost
  • Port receiving BPDU with lowest sender BID
  • Port with lowest sender Port ID

I wanted to emphasize the sender portion in the last two selection considerations, as these pertain to the remote neighbor switch (bridge), whereas the top two criteria are based on Root Bridge BID or Root Path cost.

PVST load balancing will use #2 on the list (Root Path Cost) by configuring the local switch's interface with a lower Path Cost per VLAN to change the Root Path Cost on specified VLANs, whereas Port Priority load balancing will use #4 on the list (Lowest sender Port ID) configured on the remote switch, as it is the SENDER’s Port ID and not the local Port ID of the switch that interfaces are to be load balanced on.

#1 and #3 in that list are based on Root Bridge manipulation rather than Root Path manipulation for specific interfaces, so they will not be covered in this post for PVST or Port Priority load balancing.
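The selection list above can be modelled as a tuple comparison. This is an added example, not output or code from the original post; it runs the election for SW2's VLAN 30 under the defaults and under the three changes the post goes on to make. SW1 is taken to be the Root Bridge, its port numbers (3 and 4) are assumed to mirror SW2's, and the fifth tie-breaker (the receiving port's own ID, from 802.1D) is not in the post's list.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class Candidate:
    """One local port on SW2 and the best BPDU it receives."""
    port: str
    root_bid: tuple        # (priority, MAC) of the advertised Root Bridge
    bpdu_cost: int         # Root Path Cost carried in the BPDU (0 from the root)
    sender_bid: tuple      # (priority, MAC) of the neighbor that sent the BPDU
    sender_port_id: tuple  # (priority, number) of the SENDER's port
    local_cost: int        # path cost configured on the receiving port
    local_port_id: tuple   # (priority, number) of the receiving port

def election_key(c):
    # Criteria 1-4 from the list, top to bottom; the lowest tuple wins.
    # The receiving port's own ID only breaks a tie on all four (802.1D's
    # final tie-breaker, not in the list above).
    return (c.root_bid, c.bpdu_cost + c.local_cost, c.sender_bid,
            c.sender_port_id, c.local_port_id)

def root_port(candidates):
    return min(candidates, key=election_key).port

# Root ID for VLAN 30 as shown in "sh span vlan 30"; assumed to be SW1.
# SW1's port numbers 3 and 4 are an assumption (the post shows SW2's side only).
SW1 = (32798, "1ce6.c7c1.c800")

def sw2_vlan30(cost_fa2=19, sw2_prio_fa2=128, sw1_prio_fa2=128):
    return [
        Candidate("Fa1/0/1", SW1, 0, SW1, (128, 3), 19, (128, 3)),
        Candidate("Fa1/0/2", SW1, 0, SW1, (sw1_prio_fa2, 4), cost_fa2,
                  (sw2_prio_fa2, 4)),
    ]

def scenarios():
    return {
        "defaults": root_port(sw2_vlan30()),
        "cost 10 on SW2 Fa1/0/2": root_port(sw2_vlan30(cost_fa2=10)),
        "port-priority 32 on SW2 Fa1/0/2": root_port(sw2_vlan30(sw2_prio_fa2=32)),
        "port-priority 32 on SW1 Fa1/0/2": root_port(sw2_vlan30(sw1_prio_fa2=32)),
    }

if __name__ == "__main__":
    for name, port in scenarios().items():
        print(f"{name:34} -> root port {port}")
```

Only the local cost change and the remote (SW1) priority change move the Root Port to Fa1/0/2; lowering SW2's own port priority never reaches the comparison because the sender Port ID already breaks the tie.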

 

First to demonstrate manually changing Path Cost on an interface

 

To note right at the front end of this configuration, this is an “all or nothing” sort of configuration, meaning all VLANs will be impacted by this change and it does not provide any sort of load balancing (which will be demonstrated with a debug).

Also to note, this is NOT FOR LOAD BALANCING, but to demonstrate how to change the cost of an interface in general which is generally better suited for non-Trunk STP ports.

To avoid a wall of text I will post only VLAN 30’s “sh span vlan #” output as I will be working on that VLAN in configuration, but all VLANs have the same values by default as shown here:

SW2#sh span vlan 30

VLAN0030
Spanning tree enabled protocol ieee
Root ID Priority 32798
Address 1ce6.c7c1.c800
Cost 19
Port 3 (FastEthernet1/0/1)
Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec

Bridge ID Priority 32798 (priority 32768 sys-id-ext 30)
Address 5897.1eab.c800
Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec
Aging Time 300 sec

Interface           Role Sts Cost      Prio.Nbr Type
------------------- ---- --- --------- -------- --------------------------------
Fa1/0/1             Root FWD 19        128.3    P2p
Fa1/0/2             Altn BLK 19        128.4    P2p

So as can be seen highlighted in red, both interface Path Costs are 19 (FastEthernet), so to change the forwarding interface, the blocking interface's Path Cost must be configured lower than 19.

I started a debug before making the change to demonstrate a behavior of making this change, so first will be the configuration, followed by the debugging output:

Adjusting Path Cost on the interface

SW2(config)#int fa1/0/2
SW2(config-if)#spanning-tree cost ?
<1-200000000> port path cost

SW2(config-if)#spanning-tree cost 10
SW2(config-if)#

The debug output following the configuration change

*Mar 1 00:16:18.547: STP: VLAN0001 new root port Fa1/0/2, cost 10
*Mar 1 00:16:18.547: STP: VLAN0001 Fa1/0/2 -> listening
*Mar 1 00:16:18.547: STP: VLAN0001 sent Topology Change Notice on Fa1/0/2
*Mar 1 00:16:18.547: STP[1]: Generating TC trap for port FastEthernet1/0/1
*Mar 1 00:16:18.547: STP: VLAN0001 Fa1/0/1 -> blocking
*Mar 1 00:16:18.547: STP: VLAN0010 new root port Fa1/0/2, cost 10
*Mar 1 00:16:18.547: STP: VLAN0010 Fa1/0/2 -> listening
*Mar 1 00:16:18.547: STP: VLAN0010 sent Topology Change Notice on Fa1/0/2
SW2(config-if)#
*Mar 1 00:16:18.547: STP[10]: Generating TC trap for port FastEthernet1/0/1
*Mar 1 00:16:18.547: STP: VLAN0010 Fa1/0/1 -> blocking
*Mar 1 00:16:18.547: STP: VLAN0020 new root port Fa1/0/2, cost 10
*Mar 1 00:16:18.547: STP: VLAN0020 Fa1/0/2 -> listening
*Mar 1 00:16:18.547: STP: VLAN0020 sent Topology Change Notice on Fa1/0/2
*Mar 1 00:16:18.547: STP[20]: Generating TC trap for port FastEthernet1/0/1
*Mar 1 00:16:18.547: STP: VLAN0020 Fa1/0/1 -> blocking
*Mar 1 00:16:18.547: STP: VLAN0030 new root port Fa1/0/2, cost 10
SW2(config-if)#
*Mar 1 00:16:18.547: STP: VLAN0030 Fa1/0/2 -> listening
*Mar 1 00:16:18.547: STP: VLAN0030 sent Topology Change Notice on Fa1/0/2
*Mar 1 00:16:18.547: STP[30]: Generating TC trap for port FastEthernet1/0/1
*Mar 1 00:16:18.547: STP: VLAN0030 Fa1/0/1 -> blocking
SW2(config-if)#
*Mar 1 00:16:33.555: STP: VLAN0001 Fa1/0/2 -> learning
*Mar 1 00:16:33.555: STP: VLAN0010 Fa1/0/2 -> learning
*Mar 1 00:16:33.555: STP: VLAN0020 Fa1/0/2 -> learning
*Mar 1 00:16:33.555: STP: VLAN0030 Fa1/0/2 -> learning
SW2(config-if)#
*Mar 1 00:16:48.562: STP[1]: Generating TC trap for port FastEthernet1/0/2
*Mar 1 00:16:48.562: STP: VLAN0001 Fa1/0/2 -> forwarding
*Mar 1 00:16:48.562: STP[10]: Generating TC trap for port FastEthernet1/0/2
*Mar 1 00:16:48.562: STP: VLAN0010 Fa1/0/2 -> forwarding
*Mar 1 00:16:48.562: STP[20]: Generating TC trap for port FastEthernet1/0/2
*Mar 1 00:16:48.562: STP: VLAN0020 Fa1/0/2 -> forwarding
*Mar 1 00:16:48.562: STP[30]: Generating TC trap for port FastEthernet1/0/2
*Mar 1 00:16:48.562: STP: VLAN0030 Fa1/0/2 -> forwarding
SW2(config-if)#
SW2(config-if)#

So first, from the top configuration portion, the STP cost can be changed to any number between 1 and 200,000,000 (200 million) without affecting the bandwidth on the interface, and it only applies to STP with the command “spanning-tree cost #” configured on the physical interface.

With the debug output I wanted to demonstrate that all VLANs are impacted, but I found it interesting that they go from smallest VLAN # to largest, in that they individually transition states by VLAN instead of the interface itself. So first VLAN 1 put Fa1/0/1 into Blocking and Fa1/0/2 into listening, followed by VLAN 10, etc.

When manually changing the STP Cost, all VLANs change port states at the same time down to the millisecond, however they all do it as separate VLANs instead of just the interface showing transition output, making this “all or nothing” in regards to VLANs.
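To put numbers on those per-VLAN transitions, the added example below (not part of the original post) parses a subset of the debug lines shown above, VLAN 1 and VLAN 30 only, and measures how long the new Root Port spends in each state. The function names are chosen for this example.

```python
import re

# Subset of the debug output above (VLAN 1 and VLAN 30 only)
DEBUG = """\
*Mar 1 00:16:18.547: STP: VLAN0001 new root port Fa1/0/2, cost 10
*Mar 1 00:16:18.547: STP: VLAN0001 Fa1/0/2 -> listening
*Mar 1 00:16:18.547: STP: VLAN0001 Fa1/0/1 -> blocking
*Mar 1 00:16:18.547: STP: VLAN0030 Fa1/0/2 -> listening
*Mar 1 00:16:18.547: STP: VLAN0030 Fa1/0/1 -> blocking
*Mar 1 00:16:33.555: STP: VLAN0001 Fa1/0/2 -> learning
*Mar 1 00:16:33.555: STP: VLAN0030 Fa1/0/2 -> learning
*Mar 1 00:16:48.562: STP: VLAN0001 Fa1/0/2 -> forwarding
*Mar 1 00:16:48.562: STP: VLAN0030 Fa1/0/2 -> forwarding
"""

# Matches only the port state transition lines, e.g. "VLAN0001 Fa1/0/2 -> listening"
EVENT = re.compile(
    r"^\*\w+ +\d+ (\d\d):(\d\d):(\d\d\.\d+): STP: VLAN(\d{4}) (\S+) -> (\w+)$")

def transitions(text):
    """Map (vlan, port) -> {state: seconds since midnight}."""
    out = {}
    for line in text.splitlines():
        m = EVENT.match(line.strip())
        if m:
            h, mi, s, vlan, port, state = m.groups()
            when = int(h) * 3600 + int(mi) * 60 + float(s)
            out.setdefault((int(vlan), port), {})[state] = when
    return out

def dwell(text, vlan, port):
    """Seconds the port spent listening and learning before forwarding."""
    t = transitions(text)[(vlan, port)]
    return {"listening": round(t["learning"] - t["listening"], 3),
            "learning": round(t["forwarding"] - t["learning"], 3)}

def vlans_moved(text, port):
    """VLANs whose instance brought this port to forwarding."""
    return sorted(v for (v, p), t in transitions(text).items()
                  if p == port and "forwarding" in t)

if __name__ == "__main__":
    for vlan in vlans_moved(DEBUG, "Fa1/0/2"):
        print(vlan, dwell(DEBUG, vlan, "Fa1/0/2"))
```

Each VLAN instance spends about 15 seconds listening and 15 seconds learning, matching the "Forward Delay 15 sec" timer in the "sh span" output, while Fa1/0/1 went to blocking at the first timestamp.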

 

Load Balancing using PVST (Per-VLAN Spanning-Tree)

 

Again, this method is configured on the local switch that you want the changes to take effect on, as shown in the configuration below!

So to confirm currently, I’ll expand on the “sh span” verification command, by calling out the specific VLAN I need information on:

SW2#sh span vlan 30

VLAN0030

Spanning tree enabled protocol ieee
Root ID Priority 32798
Address 1ce6.c7c1.c800
Cost 19
Port 3 (FastEthernet1/0/1)
Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec

Bridge ID Priority 32798 (priority 32768 sys-id-ext 30)
Address 5897.1eab.c800
Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec
Aging Time 300 sec

Interface           Role Sts Cost      Prio.Nbr Type
------------------- ---- --- --------- -------- --------------------------------
Fa1/0/1             Root FWD 19        128.3    P2p
Fa1/0/2             Altn BLK 19        128.4    P2p

As seen, I’ve removed the manual cost config from Fa1/0/2, and will hone in on just the Server VLAN 30, so it takes the Fa1/0/2 Trunk between SW1 and SW2.

Important but maybe not obvious note, this must be configured on the interface that is in blocking mode so watch the interface # on exam day, I’ve included some debug output to demonstrate this only impacts VLAN 30:

SW2#debug span events
Spanning Tree event debugging is on
SW2#conf t
Enter configuration commands, one per line. End with CNTL/Z.
SW2(config)#int fa1/0/2
SW2(config-if)#span ?
bpdufilter Don’t send or receive BPDUs on this interface
bpduguard Don’t accept BPDUs on this interface
cost Change an interface’s spanning tree port path cost
guard Change an interface’s spanning tree guard mode
link-type Specify a link type for spanning tree protocol use
mst Multiple spanning tree
port-priority Change an interface’s spanning tree port priority
portfast Enable an interface to move directly to forwarding on link up
stack-port Enable stack port
vlan VLAN Switch Spanning Tree

SW2(config-if)#span vlan ?
WORD vlan range, example: 1,3-5,7,9-11

SW2(config-if)#span vlan 30 ?
cost Change an interface’s per VLAN spanning tree path cost
port-priority Change an interface’s spanning tree port priority

SW2(config-if)#span vlan 30 cost ?
<1-200000000> Change an interface’s per VLAN spanning tree path cost

SW2(config-if)#span vlan 30 cost 10 ?
<cr>

SW2(config-if)#span vlan 30 cost 10
SW2(config-if)#
*Mar 1 00:51:55.956: STP: VLAN0030 new root port Fa1/0/2, cost 10
*Mar 1 00:51:55.956: STP: VLAN0030 Fa1/0/2 -> listening
*Mar 1 00:51:55.956: STP: VLAN0030 sent Topology Change Notice on Fa1/0/2
*Mar 1 00:51:55.956: STP[30]: Generating TC trap for port FastEthernet1/0/1
*Mar 1 00:51:55.956: STP: VLAN0030 Fa1/0/1 -> blocking
SW2(config-if)#
*Mar 1 00:52:10.963: STP: VLAN0030 Fa1/0/2 -> learning
SW2(config-if)#
*Mar 1 00:52:26.013: STP[30]: Generating TC trap for port FastEthernet1/0/2
*Mar 1 00:52:26.013: STP: VLAN0030 Fa1/0/2 -> forwarding
SW2(config-if)#

I left the “span ?” output in there to give a glimpse of the other interface-level configurations that begin with the command “spanning-tree …” or, as I type it, “span …”

It can be seen that the STP Cost value range is the same as when changing the general interface cost, and the debug shows the same state transitions, however only for VLAN 30.

There are very similar looking commands with very different effects that can be configured at the global configuration level, however that is to change the Root Bridge settings per VLAN which will be covered in a future post.

Also to note, I didn’t use multiple VLANs in this demo, however the syntax shown in the ? is important to note for exam day:

SW2(config-if)#span vlan ?
WORD vlan range, example: 1,3-5,7,9-11

Entering that exact string highlighted, if the VLANs exist on the switch, is a valid command. The important thing to note is that there are no spaces between #’s / hyphens / commas for additional VLANs or ranges, so that is a possible syntax gotcha for exam day.

Verification that VLAN 30 is using interface Fa1/0/2 for its traffic

Voice VLAN 20

SW2#sh span vlan 20

VLAN0020
Spanning tree enabled protocol ieee
Root ID Priority 32788
Address 1ce6.c7c1.c800
Cost 19
Port 3 (FastEthernet1/0/1)
Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec

Bridge ID Priority 32788 (priority 32768 sys-id-ext 20)
Address 5897.1eab.c800
Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec
Aging Time 300 sec

Interface           Role Sts Cost      Prio.Nbr Type
------------------- ---- --- --------- -------- --------------------------------
Fa1/0/1             Root FWD 19        128.3    P2p
Fa1/0/2             Altn BLK 19        128.4    P2p

Server VLAN 30

SW2#sh span vlan 30

VLAN0030
Spanning tree enabled protocol ieee
Root ID Priority 32798
Address 1ce6.c7c1.c800
Cost 10
Port 4 (FastEthernet1/0/2)
Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec

Bridge ID Priority 32798 (priority 32768 sys-id-ext 30)
Address 5897.1eab.c800
Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec
Aging Time 300 sec

Interface           Role Sts Cost      Prio.Nbr Type
------------------- ---- --- --------- -------- --------------------------------
Fa1/0/1             Altn BLK 19        128.3    P2p
Fa1/0/2             Root FWD 10        128.4    P2p

Again for exam day keep in mind this must be configured on the Switch / Interface that is in Blocking state on the LOCAL switch, so be sure to carefully verify the correct Switch Name and Interface # are in the answer being selected!

 

Load balancing by manually configuring Port Priority on the interface

 

This is the method that is configured on the REMOTE switch, as the local switch is looking for the lowest SENDER Port ID, not the lowest Local Port ID!

To view Port Priority per VLAN, look at the bottom of the “sh span vlan #” output, under the “Prio.Nbr” field shown here:

SW2#sh span vlan 30

VLAN0030
Spanning tree enabled protocol ieee
Root ID Priority 32798
Address 1ce6.c7c1.c800
Cost 19
Port 3 (FastEthernet1/0/1)
Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec

Bridge ID Priority 32798 (priority 32768 sys-id-ext 30)
Address 5897.1eab.c800
Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec
Aging Time 15 sec

Interface           Role Sts Cost      Prio.Nbr Type
------------------- ---- --- --------- -------- --------------------------------
Fa1/0/1             Root FWD 19        128.3    P2p
Fa1/0/2             Altn BLK 19        128.4    P2p

 

As can be seen, the Priority Number is broken up into two parts, the Priority and the Port Number. I’ve highlighted in red the Priority value which is 128 by default, and highlighted in blue is the “Port number” which is not to be confused with the interface number, as these Trunks are plugged into Fa1/0/1 and Fa1/0/2 on SW1 and SW2.

***One note on Port numbers in STP, I’ve found that generally that second value after priority is the interface # + 2, so if you are made to guess at what interface # is being utilized based on the Priority Number output I would answer the Port number value – 2 for the interface #***

However, if able to access a CLI to run a verification command, “sh span vlan #” will give you the interfaces listed at the bottom and the # in the second value of Prio.Nbr is the interface Port number.

^^^ If you are not crystal clear on that concept, I would urge anyone to google it and find examples until you clearly understand that concept, as it is an important one ^^^

Configuration of Port Priority Load balancing

First a quick demonstration on the local switch, to show that local configuration will not do anything for the interface that it is intended for:

Verification before configuration

SW2#sh span vlan 30

VLAN0030
Spanning tree enabled protocol ieee
Root ID Priority 32798
Address 1ce6.c7c1.c800
Cost 19
Port 3 (FastEthernet1/0/1)
Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec

Bridge ID Priority 32798 (priority 32768 sys-id-ext 30)
Address 5897.1eab.c800
Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec
Aging Time 300 sec

Interface           Role Sts Cost      Prio.Nbr Type
------------------- ---- --- --------- -------- --------------------------------
Fa1/0/1             Root FWD 19        128.3    P2p
Fa1/0/2             Altn BLK 19        128.4    P2p

This is with everything at its default values, all previous configurations have been removed from all VLANs and Interfaces.

Configuration on the interface

SW2(config)#int fa1/0/2
SW2(config-if)#span vlan 30 ?
cost Change an interface’s per VLAN spanning tree path cost
port-priority Change an interface’s spanning tree port priority

SW2(config-if)#span vlan 30 port-priority ?
<0-240> port priority in increments of 16

SW2(config-if)#span vlan 30 port-priority 32 ?
<cr>

SW2(config-if)#span vlan 30 port-priority 32
SW2(config-if)#

Note that the Priority value is in increments of 16, so any example of a configuration without it being divisible by 16 is invalid, UNLESS it is set to 0 which is also an option of the range available of 0-240 for Priority value.
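The two syntax gotchas called out in this post, the VLAN list with no spaces and the port priority in increments of 16, can be checked mechanically before a change is pasted into a switch. The following is an added example, not part of the original post: it validates interface-level per-VLAN spanning-tree commands using the ranges shown in the "?" help output above. The 1-4094 VLAN bound and the four-character minimum abbreviation of "spanning-tree" are assumptions of this sketch, and the sample lines are constructed.

```python
import re

# <prefix of spanning-tree> vlan <list> <cost|port-priority> <number>
CMD = re.compile(r"^(\S+)\s+vlan\s+(.+?)\s+([a-z][a-z-]*)\s+(\d+)$")
VLAN_LIST = re.compile(r"\d+(-\d+)?(,\d+(-\d+)?)*")

def parse_vlan_list(word):
    """Expand '1,3-5,7,9-11' to a sorted list of VLAN IDs."""
    if not VLAN_LIST.fullmatch(word):
        raise ValueError(f"VLAN list {word!r}: digits, commas, hyphens only, no spaces")
    vlans = set()
    for part in word.split(","):
        lo, _, hi = part.partition("-")
        lo, hi = int(lo), int(hi or lo)
        if not 1 <= lo <= hi <= 4094:  # assumed VLAN ID bound
            raise ValueError(f"VLAN range {part!r} is reversed or outside 1-4094")
        vlans.update(range(lo, hi + 1))
    return sorted(vlans)

def check(line):
    """Return (vlans, keyword, value) or raise ValueError naming the problem."""
    m = CMD.match(line.strip())
    if not m or len(m[1]) < 4 or not "spanning-tree".startswith(m[1]):
        raise ValueError("not a per-VLAN spanning-tree interface command")
    vlans, kw, value = parse_vlan_list(m[2]), m[3], int(m[4])
    if "cost".startswith(kw):
        if not 1 <= value <= 200_000_000:
            raise ValueError("cost must be 1-200000000")
        return vlans, "cost", value
    if "port-priority".startswith(kw):
        if not 0 <= value <= 240 or value % 16:
            raise ValueError("port-priority must be 0-240 in increments of 16")
        return vlans, "port-priority", value
    raise ValueError(f"unknown keyword {kw!r}")

def lint(lines):
    """Map each line to 'ok' or the reason it would be rejected."""
    report = {}
    for line in lines:
        try:
            check(line)
            report[line] = "ok"
        except ValueError as err:
            report[line] = str(err)
    return report

# Constructed sample lines, including abbreviated forms as typed in the post
SAMPLE = ["span vlan 30 cost 10", "span vlan 30 port 32",
          "spanning-tree vlan 1,3-5,7,9-11 cost 10",
          "span vlan 1, 3-5 cost 10", "span vlan 30 port-priority 40"]

if __name__ == "__main__":
    for line, verdict in lint(SAMPLE).items():
        print(f"{line:42} {verdict}")
```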

Verification that it has not changed the interface role / state

SW2(config-if)#do sh span vlan 30

VLAN0030
Spanning tree enabled protocol ieee
Root ID Priority 32798
Address 1ce6.c7c1.c800
Cost 19
Port 3 (FastEthernet1/0/1)
Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec

Bridge ID Priority 32798 (priority 32768 sys-id-ext 30)
Address 5897.1eab.c800
Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec
Aging Time 300 sec

Interface           Role Sts Cost      Prio.Nbr Type
------------------- ---- --- --------- -------- --------------------------------
Fa1/0/1             Root FWD 19        128.3    P2p
Fa1/0/2             Altn BLK 19        32.4     P2p

The local Port Priority did change (Prio.Nbr is now 32.4), so the interface on the other side of that link now sees a new value for criterion #4 in the Root Port selection list above. However, the change is needed on this switch, as this is the one with the interface in Blocking state.

So to correct this we go to SW1 interface Fa1/0/2 and verify on SW2

SW1#conf t
Enter configuration commands, one per line. End with CNTL/Z.
SW1(config)#int fa1/0/2
SW1(config-if)#span vlan 30 port 32
SW1(config-if)#
ASR>2
[Resuming connection 2 to sw2 … ]

SW2#sh span vlan 30

VLAN0030
Spanning tree enabled protocol ieee
Root ID Priority 32798
Address 1ce6.c7c1.c800
Cost 19
Port 4 (FastEthernet1/0/2)
Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec

Bridge ID Priority 32798 (priority 32768 sys-id-ext 30)
Address 5897.1eab.c800
Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec
Aging Time 15 sec

Interface           Role Sts Cost      Prio.Nbr Type
------------------- ---- --- --------- -------- --------------------------------
Fa1/0/1             Altn BLK 19        128.3    P2p
Fa1/0/2             Root LIS 19        128.4    P2p

SW2#

Even got back to SW2 in time to catch the interface in Listening state!

I’ll spare the wall of output, but the other three VLANs still of course have Fa1/0/1 as the Root Port, as the configuration on SW1 only affects VLAN 30.

 

One last command helpful for exam day and on the job!

 

To quickly view local to remote interface mappings if you don’t have any diagram to go off of, say in the exam room to test your knowledge of switching(!), use the command “sh cdp neighbors” as shown here:

SW2#sh cdp nei
Capability Codes: R – Router, T – Trans Bridge, B – Source Route Bridge
S – Switch, H – Host, I – IGMP, r – Repeater, P – Phone,
D – Remote, C – CVTA, M – Two-port Mac Relay

Device ID Local Intrfce Holdtme Capability Platform Port ID
SW1 Fas 1/0/2 127 S I WS-C3750V Fas 1/0/2
SW1 Fas 1/0/1 127 S I WS-C3750V Fas 1/0/1
SW2#

I would imagine not a lot of scenarios outside of a lab will have matching interface links, so be sure to verify when possible on exam day the local and remote interface, which is shown under the Port ID section of “sh cdp nei” output.

If any readers of this have an explanation as to how an STP Port # is created other than adding +2 to the interface #, please leave me a comment as I am curious and would love to update that with a solid answer! Until next time!