So I have a medium-ish sized network (~30 sites) in a semi-mesh fiber topology. I'm trying to migrate from my predecessor's design of "stretch all the vlans, STP all the things" to routed OSPF underlay with VXLAN overlay. In the mean-time, I'm part way through migration and having unexpected issue: MST is blocking my OSPF peering vlans.
Sample config:
switch 1 port1 <----> switch 2 port 1 switch 1 port2 <----> switch 2 port 2 #Switch 1: int 1/1/1 vlan trunk allow 1,10 int 1/1/2 vlan trunk allow 1,20 int vlan 10 ip address 10.10.10.1/24 int vlan 20 ip address 10.20.20.1/24 spanning-tree spanning-tree priority 0 spanning-tree mst 10 vlan 10 spanning-tree mst 10 priority 0 spanning-tree mst 20 vlan 20 spanning-tree mst 20 priority 0 #Switch 2: int 1/1/1 vlan trunk allow 1,10 int 1/1/2 vlan trunk allow 1,20 int vlan 10 ip address 10.10.10.2/24 int vlan 20 ip address 10.20.20.2/24 spanning-tree spanning-tree mst 10 vlan 10 spanning-tree mst 20 vlan 20
Now, it is my expectation that:
- vlan 1 would be permitted on all ports
- vlan 1 is a member of mst instance 0 (default)
- mst instance 0 should be designated on both ports of switch1
- mst instance 0 should be root on port 1/1/1 of switch 2
- mst instance 0 should be blocking/alternate on port 1/1/1 of switch 2
(all of the above statements appear to match what I see in the running switches)
further, it my expectation that:
- vlan 10 would be permitted on 1/1/1 of both switches
- vlan 10 is a member of mst instance 10, of which instance 10 on switch 1 should be root
- vlan 10 should be a designated port on 1/1/1 of switch 1 and root port on 1/1/1 of switch 2
- vlan 10 should not be fundamentally capable of blocking anywhere, as it only exists on 2 ports.
(all of the above statements appear to match what I see in the running switches)
further, it my expectation that:
- vlan 20 would be permitted on 1/1/2 of both switches
- vlan 20 is a member of mst instance 20, of which instance 20 on switch 1 should be root
- vlan 20 should be a designated port on 1/1/2 of switch 1 and root port on 1/1/2 of switch 2
- vlan 20 should not be fundamentally capable of blocking anywhere, as it only exists on 2 ports.
This is where the problem lies:
Vlan 20 is blocking/alternate on port 1/1/2 of switch 2.
is My config wrong or is my understanding of MST operation wrong?
I am trying to build a set of OSPF routed point-to-point links using vlan 10, vlan 20 between these two switches so that I can remove vlan 1 from both links, create a vxlan SVI routed between the two switches, and bridge vlan 1 from switch to switch over a routed vxlan, rather than using STP to block these two routed links.
Thoughts? other config or output that would help?
No comments:
Post a Comment