Implementing MST on a Large Campus

Implementing MSTin a Large Campus Environment

February 13, 2007Rich Ingram

rni@umn.edu

Overview

• Introduction• Multiple Spanning Tree Protocol• Our Implementation

Implementing MST on a Large Campus

Introduction

Implementing MST on a Large Campus

U of M Twin Cities Campus Network

• 23 Cisco 6509s• 4,323 Cisco 3750s• 1,133 Switch Stacks• 74,414 Switchports• Redundant 10-Gigabit Backbone• Topology: 18 layer-2 switched domains

interconnected by a layer-3 MPLS-VPN backbone

Implementing MST on a Large Campus

Spanning Tree

• Finds and blocks loops• Don’t turn it off !!!• Cisco’s default is PVST+• If you don’t need MSTP, run Rapid-PVST+

Implementing MST on a Large Campus

Alphabet Soup – The Standards

• 802.1D – defines Bridges, including STP• 802.1Q – defines VLANs, assumes a single

Spanning Tree• 802.1W – defines RSTP, rolled into 802.1D• 802.1S – defines MSTP, rolled into 802.1Q• Cisco options: PVST+, Rapid-PVST+, MST

Implementing MST on a Large Campus

Multiple Spanning Tree Protocol

Implementing MST on a Large Campus

What is MSTP?

• Protocol to map VLANs to Spanning Trees• First, you create Multiple Spanning Trees called

“Instances”• You then map VLANs to those Instances• All VLANs belong to an Instance

Implementing MST on a Large Campus

Why Run MSTP?

• Answer #1: Your hardware makes you

• The 3750 can only run 128 Spanning Trees• Spanning Tree doesn’t run on the 129th VLAN• (interesting default)• Any loops on that VLAN and you’re toast

Implementing MST on a Large Campus

Lesson Learned #1

• Know your hardware• MSTP can help you

Implementing MST on a Large Campus

Why Run MSTP?

• Answer #2: You have too many VLANs

• Running Spanning Tree on every VLAN may be a problem with CPU load on some smaller switches

Implementing MST on a Large Campus

MST0 – That Special Instance

• By default, all VLANs are in MST0• MST0 is where the BPDUs are• BPDUs are sent untagged (on the native VLAN)• BPDUs contain “M-Records”• M-Records hold topology information for the

other MST Instances

Implementing MST on a Large Campus

Other MSTP Instances

• Maximum of 65 Instances• Each Instance has its own Topology and Root• Topology parameters are configurable per-

Instance (root priority, port cost, etc.)• BPDU parameters are configurable only for

MST0 (timers, hop count, etc.)

Implementing MST on a Large Campus

MSTP Region

• A Region contains one or more Instances• Defined by the MST configuration

– Name– Revision Number– VLAN-to-Instance Mapping

• If the MST configuration is different, the Region is different.

Implementing MST on a Large Campus

Multiple MSTP Regions

• Multiple Regions are interconnected by a single Common Spanning Tree (CST)

• There is one Root for the CST• The CST interconnects all the MST0 Instances

of all the Regions

Implementing MST on a Large Campus

Our Implementation

Implementing MST on a Large Campus

Our Implementation – Guidelines

• Pre-define the MST configuration everywhere• Pre-define root priorities everywhere• Use Portfast to define Edge Ports• Make the Spanning Tree topology match the

layer-3 topology (i.e. HSRP)

Implementing MST on a Large Campus

Lesson Learned #2

• It’s 10 p.m. on Saturday night, do you know where your root is?– Answer #1: It’s right where I put it.– Answer #2: It’s not where I put it,

but it’s in a good backup spot.– Answer #3: No, but it’s going to be

in a lot of trouble when it gets back.

Implementing MST on a Large Campus

Our Implementation –Hierarchical Root Priorities

Range: 0-61440 (lower is better)• CN/DC: 4096• RA: 8192• BA/DA: 20480• EN/DE: 28672• Default (not used): 32768

Implementing MST on a Large Campus

Our Implementation – Core Nodes

• No need for multiple topologies• All VLANs are in MST0

Implementing MST on a Large Campus

spanning-tree mode mst

spanning-tree mst configuration name InfoTech-CN-01 revision 1

Our Implementation – Data Center

• Two topologies (mostly) and HSRP• VLANs are split between MST1 and MST2

– In order to utilize redundant links

• Needed a different topology for a special case

Implementing MST on a Large Campus

Lesson Learned #3

• Spanning Tree topology != VLAN pruning• Manual pruning is dangerous• It’s easy to prune yourself off the active topology

Implementing MST on a Large Campus

Lesson Learned #4

• How many Roots did you say you have?

• Make sure your MST configurations match

Implementing MST on a Large Campus

Our Implementation – Data Center

Implementing MST on a Large Campus

spanning-tree mode mst

spanning-tree mst configuration name DataCenter revision 1 instance 1 vlan 10-19, 30-39, 50-59, 70-79, 90-99, 110-119, 130-139, 150-159 instance 1 vlan 170-179, 190-199, 210-219, 230-239, 250-259, 270-279, 290-299 instance 1 vlan 310-319, 330-339, 350-359, 370-379, 390-399, 410-419, 430-439 instance 1 vlan 450-459, 470-479, 490-499, 510-519, 530-539, 550-559, 570-579 instance 1 vlan 590-599, 610-619, 630-639, 650-659, 670-679, 690-699, 710-719 instance 1 vlan 730-739, 750-759, 770-779, 790-799, 810-819, 830-839, 850-859 instance 1 vlan 870-879, 890-899, 910-919, 930-939, 950-959, 970-979, 990-999 instance 1 ... instance 2 vlan 2-9, 20-29, 40-49, 60-69, 80-89, 100-109, 120-129, 140-149 instance 2 vlan 160-169, 180-189, 200-209, 220-229, 240-249, 260-269, 280-289 instance 2 vlan 300-309, 320-329, 340-349, 360-369, 380-389, 400-409, 420-429 instance 2 vlan 440-449, 460-469, 480-489, 500-509, 520-529, 540-549, 560-569 instance 2 vlan 580-589, 600-609, 620-629, 640-649, 660-669, 680-689, 700-709 instance 2 vlan 720-729, 740-749, 760-769, 780-789, 800-809, 820-829, 840-849 instance 2 vlan 860-869, 880-889, 900-909, 920-929, 940-949, 960-969, 980-989 instance 2 ... instance 2 vlan 4000 instance 3 vlan 4001

Our Implementation –Edge Parameters

• Global commands:– spanning-tree portfast bpdufilter default

• Interface commands:– spanning-tree portfast [trunk]– spanning-tree guard root

Implementing MST on a Large Campus

Our Implementation – Other

• VTP auto pruning• UDLD• no keepalive

Implementing MST on a Large Campus

Monitoring

• It’s important to watch this stuff!• Most Spanning Tree events show up as SNMP

Traps and not syslog• Pay attention to traps• Check manually every now and then (better yet,

regularly)

Implementing MST on a Large Campus

Testing

• Don’t forget to test this stuff!• Good test plans are hard to write• Do it anyway

Implementing MST on a Large Campus

Links

IEEE 802.1 Standards• http://standards.ieee.org/getieee802/802.1.html

Cisco 802.1W and 802.1S SRND• http://www.cisco.com/application/pdf/en/us/guest/tech/tk621/c1501/ccmigration_09186a0080174993.pdf

Cisco Understanding Multiple Spanning-Tree Protocol White Paper• http://cisco.com/en/US/tech/tk389/tk621/technologies_white_paper09186a0080094cfc.shtml

Cisco Understanding Rapid Spanning-Tree Protocol White Paper• http://www.cisco.com/en/US/tech/tk389/tk621/technologies_white_paper09186a0080094cfa.shtml

Cisco 12.2SX Configuration Guide (see sections on MST)• http://cisco.com/en/US/products/hw/switches/ps708/products_configuration_guide_book09186a00801609ea.html

Cisco MST Migration Configuration Example (includes configuration guidelines)• http://cisco.com/en/US/products/hw/switches/ps708/products_configuration_example09186a00807b075f.shtml

Implementing MST on a Large Campus

Implementing MST on a Large Campus

Thank You

Rich Ingramrni@umn.edu