Wednesday, 23 February 2011

INE WB Vol1 - 1.5 802.1q Native VLAN

This happens when you have a native VLAN mismatch and receive a BPDU whose PVID and dot1q field don't match:

*Mar 1 01:32:07.467: %SPANTREE-2-RECV_PVID_ERR: Received BPDU with inconsistent peer vlan id 1 on FastEthernet0/20 VLAN146.
*Mar 1 01:32:07.467: %SPANTREE-2-BLOCK_PVID_PEER: Blocking FastEthernet0/20 on VLAN0001. Inconsistent peer vlan.
*Mar 1 01:32:07.467: %SPANTREE-2-BLOCK_PVID_LOCAL: Blocking FastEthernet0/20 on VLAN0146. Inconsistent local vlan.
*Mar 1 01:32:07.471: %SPANTREE-2-RECV_PVID_ERR: Received BPDU with inconsistent peer vlan id 1 on FastEthernet

Cisco statement ->
Port VLAN ID (PVID) inconsistency: A per-VLAN spanning tree (PVST+) Bridge Protocol Data Unit (BPDU) is received on a different VLAN than it was originated (Port VLAN ID Mismatch or *PVID_Inc).


Rack1SW1#show spanning-tree vlan 1

VLAN0001
Spanning tree enabled protocol ieee
Root ID Priority 32769
Address 000b.5f70.0580
This bridge is the root
Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec

Bridge ID Priority 32769 (priority 32768 sys-id-ext 1)
Address 000b.5f70.0580
Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec
Aging Time 300

Interface Role Sts Cost Prio.Nbr Type
------------------- ---- --- --------- -------- --------------------------------
Fa0/1 Desg FWD 19 128.1 P2p
Fa0/5 Desg FWD 19 128.5 P2p
Fa0/13 Desg BKN*19 128.13 P2p *PVID_Inc
Fa0/14 Desg BKN*19 128.14 P2p *PVID_Inc
Fa0/15 Desg BKN*19 128.15 P2p *PVID_Inc
Fa0/16 Desg BKN*19 128.16 P2p *PVID_Inc
Fa0/17 Desg BKN*19 128.17 P2p *PVID_Inc
Fa0/18 Desg BKN*19 128.18 P2p *PVID_Inc
Fa0/19 Desg BKN*19 128.19 P2p *PVID_Inc
Fa0/20 Desg BKN*19 128.20 P2p *PVID_Inc
Fa0/21 Desg BKN*19 128.21 P2p *PVID_Inc

Rack1SW1#
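An added example, not part of the original post: a Python sketch that scans syslog for the PVID messages shown above and reports, per interface, the PVID carried in the BPDU, the VLAN it arrived on, and the VLANs that were blocked. The sample input is the post's own log lines; the function and field names are assumptions made for this example.

```python
import re

# Constructed sample: the syslog lines from the post, including the line that
# is cut off after "FastEthernet" (it must be skipped, not guessed at).
SAMPLE_LOG = """\
*Mar 1 01:32:07.467: %SPANTREE-2-RECV_PVID_ERR: Received BPDU with inconsistent peer vlan id 1 on FastEthernet0/20 VLAN146.
*Mar 1 01:32:07.467: %SPANTREE-2-BLOCK_PVID_PEER: Blocking FastEthernet0/20 on VLAN0001. Inconsistent peer vlan.
*Mar 1 01:32:07.467: %SPANTREE-2-BLOCK_PVID_LOCAL: Blocking FastEthernet0/20 on VLAN0146. Inconsistent local vlan.
*Mar 1 01:32:07.471: %SPANTREE-2-RECV_PVID_ERR: Received BPDU with inconsistent peer vlan id 1 on FastEthernet
"""

RECV = re.compile(r"%SPANTREE-2-RECV_PVID_ERR: Received BPDU with inconsistent "
                  r"peer vlan id (\d+) on (\S+) VLAN(\d+)\.")
BLOCK = re.compile(r"%SPANTREE-2-BLOCK_PVID_(?:PEER|LOCAL): "
                   r"Blocking (\S+) on VLAN(\d+)\.")


def find_pvid_mismatches(log_text):
    """Return {interface: {bpdu_pvid, received_on_vlan, blocked_vlans}}."""
    ports = {}
    for line in log_text.splitlines():
        recv = RECV.search(line)
        block = BLOCK.search(line)
        if not (recv or block):
            continue  # unrelated or truncated line
        intf = recv.group(2) if recv else block.group(1)
        entry = ports.setdefault(intf, {"bpdu_pvid": None,
                                        "received_on_vlan": None,
                                        "blocked_vlans": set()})
        if recv:
            entry["bpdu_pvid"] = int(recv.group(1))
            entry["received_on_vlan"] = int(recv.group(3))
        else:
            entry["blocked_vlans"].add(int(block.group(2)))
    return ports


def report(ports):
    """One summary line per interface, for a ticket or an alert."""
    return [f"{intf}: BPDU carries PVID {e['bpdu_pvid']} but arrived on VLAN "
            f"{e['received_on_vlan']}; blocked VLANs {sorted(e['blocked_vlans'])}"
            for intf, e in sorted(ports.items())]


if __name__ == "__main__":
    print("\n".join(report(find_pvid_mismatches(SAMPLE_LOG))))
```

The two VLAN numbers in the report are the values to compare against the native VLAN configured on each end of the trunk.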

Monday, 14 February 2011

Spanning-tree loopguard



Spanning-Tree Loopguard is an often misunderstood technology. Let's have a look at how it works ->


RSRack1SW3#sh run | incl loop
spanning-tree loopguard default
RSRack1SW3#
RSRack1SW3#show spanning-tree loop
RSRack1SW3#sh cdp nei fa0/15
Capability Codes: R - Router, T - Trans Bridge, B - Source Route Bridge
                  S - Switch, H - Host, I - IGMP, r - Repeater, P - Phone

Device ID        Local Intrfce     Holdtme    Capability  Platform  Port ID
RSRack1SW1       Fas 0/15          126          R S I     WS-C3550- Fas 0/18
RSRack1SW3#
RSRack1SW3#show spanning-tree 

VLAN0001
  Spanning tree enabled protocol ieee
  Root ID    Priority    24577
             Address     000b.5f70.0580
             Cost        19
             Port        13 (FastEthernet0/13)
             Hello Time   2 sec  Max Age 20 sec  Forward Delay 15 sec

  Bridge ID  Priority    32769  (priority 32768 sys-id-ext 1)
             Address     000b.5f70.b880
             Hello Time   2 sec  Max Age 20 sec  Forward Delay 15 sec
             Aging Time 300

Interface           Role Sts Cost      Prio.Nbr Type
------------------- ---- --- --------- -------- --------------------------------
Fa0/13              Root FWD 19        128.13   P2p 
Fa0/15              Altn BLK 19        128.15   P2p 

          
RSRack1SW3#
...
RSRack1SW1(config)#int fa 0/18
RSRack1SW1(config-if)#spanning-tree bpdufilter enable 
RSRack1SW1(config-if)#
...
RSRack1SW3#
*Mar  1 00:25:55.363: %SPANTREE-2-LOOPGUARD_BLOCK: Loop guard blocking port FastEthernet0/15 on VLAN0001.
RSRack1SW3#                   
RSRack1SW3#show spanning-tree 

VLAN0001
  Spanning tree enabled protocol ieee
  Root ID    Priority    24577
             Address     000b.5f70.0580
             Cost        19
             Port        13 (FastEthernet0/13)
             Hello Time   2 sec  Max Age 20 sec  Forward Delay 15 sec

  Bridge ID  Priority    32769  (priority 32768 sys-id-ext 1)
             Address     000b.5f70.b880
             Hello Time   2 sec  Max Age 20 sec  Forward Delay 15 sec
             Aging Time 300

Interface           Role Sts Cost      Prio.Nbr Type
------------------- ---- --- --------- -------- --------------------------------
Fa0/13              Root FWD 19        128.13   P2p 
Fa0/15              Desg BKN*19        128.15   P2p *LOOP_Inc 

          
          
RSRack1SW3#


Here we simply filter BPDUs on the remote side of the blocking port, so SW3 Fa0/15 no longer receives BPDUs from the root bridge. The normal behaviour would be to transition from Blocking to Listening to Learning and finally to Forwarding, which would create a nice L2 loop (never say Spanning-Tree loop, more like Stupid-Administrator loop). The loopguard feature instead puts the port into the loop-inconsistent state.

But what happens in a loop-free topology where the root port no longer receives BPDUs?

RSRack1SW1(config)#int fa 0/18
RSRack1SW1(config-if)#spanning-tree bpdufilter enable
RSRack1SW1(config-if)#
RSRack1SW1#sh cdp nei
Capability Codes: R - Router, T - Trans Bridge, B - Source Route Bridge
                  S - Switch, H - Host, I - IGMP, r - Repeater, P - Phone

Device ID        Local Intrfce     Holdtme    Capability  Platform  Port ID
RSRack1SW3       Fas 0/18          144          R S I     WS-C3550- Fas 0/15
RSRack1SW1#
...
RSRack1SW3#show spanning-tree 

VLAN0001
  Spanning tree enabled protocol ieee
  Root ID    Priority    24577
             Address     000b.5f70.0580
             Cost        19
             Port        15 (FastEthernet0/15)
             Hello Time   2 sec  Max Age 20 sec  Forward Delay 15 sec

  Bridge ID  Priority    32769  (priority 32768 sys-id-ext 1)
             Address     000b.5f70.b880
             Hello Time   2 sec  Max Age 20 sec  Forward Delay 15 sec
             Aging Time 300

Interface           Role Sts Cost      Prio.Nbr Type
------------------- ---- --- --------- -------- --------------------------------
Fa0/15              Root FWD 19        128.15   P2p 

          
RSRack1SW3#  
*Mar  1 00:38:41.363: %SPANTREE-2-LOOPGUARD_BLOCK: Loop guard blocking port FastEthernet0/15 on VLAN0001.
RSRack1SW3#

Aha, now we see that if a loopguard-enabled non-designated port stops receiving BPDUs, the port transitions to the loop-inconsistent state.

BTW: Obviously, if we shut/no shut the port in this loop-free topology between SW1 and SW3, both switches will be Root and no loop is formed, but that would be no design for production environments. The example is only meant to show how loopguard operates.
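An added example, not part of the original post: a small Python model of what happens to Fa0/15 once BPDUs stop arriving, with and without loopguard, using the Max Age and Forward Delay values from the show output. It assumes the stored BPDU ages out exactly Max Age seconds after the last one was received; the function names are made up for this example.

```python
MAX_AGE = 20        # seconds, as in the show spanning-tree output above
FORWARD_DELAY = 15  # seconds, as in the show spanning-tree output above


def port_timeline(role, loopguard, last_bpdu_at=0):
    """State changes of a non-designated port after its peer goes silent.

    role is "Altn" (port was blocking) or "Root" (port was forwarding), the
    two roles Fa0/15 has in the post. Returns a list of (seconds, state).
    Assumption: the stored BPDU expires MAX_AGE seconds after the last BPDU.
    """
    if role not in ("Altn", "Root"):
        raise ValueError("loopguard only acts on non-designated ports")
    timeline = [(last_bpdu_at, "BLK" if role == "Altn" else "FWD")]
    expiry = last_bpdu_at + MAX_AGE
    if loopguard:
        # Instead of becoming designated, the port is held blocked.
        timeline.append((expiry, "BKN* LOOP_Inc"))
    elif role == "Altn":
        # The port becomes designated and walks through the 802.1D states.
        timeline.append((expiry, "LIS"))
        timeline.append((expiry + FORWARD_DELAY, "LRN"))
        timeline.append((expiry + 2 * FORWARD_DELAY, "FWD"))
    # A root port without loopguard was already forwarding and stays that
    # way; the switch just starts claiming to be root itself.
    return timeline


def forwards_without_bpdus(role, loopguard):
    """True if the port ends up forwarding although the peer is silent."""
    return port_timeline(role, loopguard)[-1][1] == "FWD"


if __name__ == "__main__":
    for role in ("Altn", "Root"):
        for guard in (False, True):
            print(role, "loopguard" if guard else "no loopguard",
                  port_timeline(role, guard))
```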