I would like some advice on the best way to configure STP in this scenario - see diagram here.
Two wifi controllers are attached to core switches DC1 and DC2. The core switches run MSTP, using SID 0, 1 & 2. All the VLANs passed to the WCs are in SID 0. (There are other DC switches participating in MSTP)
In order to support a new guest wifi service that doesn't use our normal ISP, VLAN 99 is supplied via a third party switch and needs to be supplied to the WCs.
As it was seen as undesirable to attach the third party switch to the core datacentre network, it is attached to a different switch - R1. R1 also runs MSTP by default.
VLAN 99 doesn't exist on DC 1 or 2, and all the links are configured only to egress the VLANs we specify, with all VLANs tagged, and with ingress filtering enabled.
The WCs support RSTP or Rapid PVST. They're currently running RSTP with default settings.
When making the connections between R1 and the WCs, we got STP blocking on R1s port leading to WC2. Currently we've disabled STP on this port, but I don't think that's the best solution. I don't think there's an actual risk of a broadcast storm here, but we would prefer STP to be enabled in case of malfunctions / misconfigurations.
How would you make this topology work?
No comments:
Post a Comment