Spanning Tree traffic

Discussion in 'Cisco' started by S. Gione, Oct 1, 2004.

  1. S. Gione

    S. Gione Guest

    I put a sniffer on our network to monitor some aberrant behavior on one of
    the hosts and fired it up to test prior to applying filters. Anyway, I
    noticed a large amount of spanning tree traffic from our Cisco switch which
    surprised me because I thought once the root switch was established, STP
    only fired-up occasionally to resolve changes, etc.

    My question: Is this normal, or do I need to dig deeper for some underlying
    problem? (I didn't notice anything unusual in the STP traffic messages.)
     
    S. Gione, Oct 1, 2004
    #1

  2. MC

    MC Guest

    Any port that is configured with normal spanning tree will send periodic
    BPDU's.
    May want to turn on portfast on ports connected directly to servers/clients.


    "S. Gione" <> wrote in message
    news:Ys17d.1066$...
    > I put a sniffer on our network to monitor some aberrant behavior on one of
    > the hosts and fired it up to test prior to applying filters. Anyway, I
    > noticed a large amount of spanning tree traffic from our Cisco switch which
    > surprised me because I thought once the root switch was established, STP
    > only fired-up occasionally to resolve changes, etc.
    >
    > My question: Is this normal, or do I need to dig deeper for some underlying
    > problem? (I didn't notice anything unusual in the STP traffic messages.)
     
    MC, Oct 1, 2004
    #2

  3. Hello, MC!
    You wrote on Thu, 30 Sep 2004 22:15:35 -0400:

    M> Any port that is configured with normal spanning tree will send
    M> periodic BPDU's,
    M> May want to turn on portfast on ports connected directly to
    M> servers/clients.

    I don't think portfast will stop BPDU's.

    With best regards,
    Andrey.
     
    Andrey Tarasov, Oct 1, 2004
    #3
  4. Ivan Ostreš

    Ivan Ostreš Guest

    In article <cjifjh$2ne$>, says...
    > Hello, MC!
    > You wrote on Thu, 30 Sep 2004 22:15:35 -0400:
    >
    > M> Any port that is configured with normal spanning tree will send
    > M> periodic BPDU's,
    > M> May want to turn on portfast on ports connected directly to
    > M> servers/clients.
    >
    > I don't think portfast will stop BPDU's.
    >


    I agree, BPDU's are still transmitted and received with or without
    portfast.

    --
    -Ivan.

    *** Use Rot13 to see my eMail address ***
     
    Ivan Ostreš, Oct 1, 2004
    #4
  5. mh

    mh Guest

    Spanning tree Bridged Protocol Data Units (BPDU) are sent out every
    port every 2 seconds. This rate is controlled by the SPT hello timer.
     
    mh, Oct 1, 2004
    #5
  6. S. Gione

    S. Gione Guest

    This 2-second rate is what was measured.

    It seemed awfully "chatty", but if this is normal, I guess I won't worry
    about it. The packets are small and represent a very low percentage of
    total traffic.

    Thanks.

    "mh" <> wrote in message
    news:...
    > Spanning tree Bridged Protocol Data Units (BPDU) are sent out every
    > port every 2 seconds. This rate is controlled by the SPT hello timer.
     
    S. Gione, Oct 1, 2004
    #6
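Added example, not part of the original thread or any poster's code: a Python check that does programmatically what the original poster did by eye, parsing captured Configuration BPDUs, comparing their spacing with the hello time they advertise, and flagging a root change or topology-change flag. It assumes untagged IEEE 802.1D BPDUs in 802.3/LLC frames; the function names, MAC addresses and sample frames are constructed for illustration.

```python
import struct

STP_DST = bytes.fromhex("0180c2000000")  # IEEE 802.1D bridge group address
LLC_STP = b"\x42\x42\x03"                # DSAP/SSAP 0x42, control 0x03
BPDU_FMT = "!HBBBH6sIH6sHHHHH"           # 35-byte Configuration BPDU body

def parse_config_bpdu(frame):
    """Return fields of an untagged 802.1D Configuration BPDU, else None."""
    if len(frame) < 52 or frame[:6] != STP_DST or frame[14:17] != LLC_STP:
        return None
    (proto, _ver, btype, flags, root_prio, root_mac, _cost, br_prio, br_mac,
     _port, _age, max_age, hello, fwd) = struct.unpack(BPDU_FMT, frame[17:52])
    if proto != 0 or btype != 0:         # type 0x00 = Configuration BPDU
        return None
    return {"root": (root_prio, root_mac.hex()),
            "bridge": (br_prio, br_mac.hex()),
            "topology_change": bool(flags & 0x01),
            "hello_s": hello / 256,      # timers are carried in 1/256 s units
            "max_age_s": max_age / 256, "forward_delay_s": fwd / 256}

def review_capture(capture, tolerance_s=0.5):
    """capture: [(timestamp_s, frame)]. Return findings worth a closer look."""
    findings, last_seen, root = [], {}, None
    for ts, frame in capture:
        bpdu = parse_config_bpdu(frame)
        if bpdu is None:
            continue
        if root is not None and bpdu["root"] != root:
            findings.append(f"{ts:.1f}s root changed {root} -> {bpdu['root']}")
        root = bpdu["root"]
        if bpdu["topology_change"]:
            findings.append(f"{ts:.1f}s topology change from {bpdu['bridge']}")
        prev = last_seen.get(bpdu["bridge"])
        if prev is not None and abs(ts - prev - bpdu["hello_s"]) > tolerance_s:
            findings.append(f"{ts:.1f}s gap {ts - prev:.1f}s vs hello {bpdu['hello_s']}s")
        last_seen[bpdu["bridge"]] = ts
    return findings

def build_bpdu(prio, mac, flags=0, hello_s=2):
    """Constructed sample frame: a bridge announcing itself as root."""
    m = bytes.fromhex(mac)
    body = struct.pack(BPDU_FMT, 0, 0, 0, flags, prio, m, 0, prio, m,
                       0x8001, 0, 20 * 256, hello_s * 256, 15 * 256)
    return (STP_DST + m + struct.pack("!H", 38) + LLC_STP + body).ljust(60, b"\0")

SWITCH, OTHER = "001122334455", "00aabbccddee"   # constructed MAC addresses
HEALTHY = [(t, build_bpdu(32768, SWITCH)) for t in (0.0, 2.0, 4.0, 6.0)]
CHANGED = HEALTHY + [(8.0, build_bpdu(4096, OTHER, flags=0x01))]

if __name__ == "__main__":
    print(review_capture(HEALTHY))
    print(*review_capture(CHANGED), sep="\n")
```

A steady stream with one root and no findings is the normal case described in the replies above; the second sample shows what a changed root and a set topology-change flag look like in the same report.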
  7. mh

    mh Guest

    If you have a single switch, then you can disable spanning tree.

    Let me be more specific: this does not mean you can only have a single
    switch in your entire network; it means that from a routed port, if you
    only have a single switch then you can safely disable spanning tree.
    If you have two or more switches connected together then disabling
    spanning tree is generally not a good idea...
     
    mh, Oct 2, 2004
    #7
  8. Hello, mh!
    You wrote on 2 Oct 2004 14:31:30 -0700:

    m> If you have a single switch, then you can disable spanning tree.

    m> Let me be more specific: this does not mean you can only have a
    m> single switch in your entire network; it means that from a routed
    m> port, if you only have a single switch then you can safely
    m> disable spanning tree. If you have two or more switches connected
    m> together then disabling spanning tree is generally not a good
    m> idea...

    It's not a good idea even with a single switch.

    With best regards,
    Andrey.
     
    Andrey Tarasov, Oct 2, 2004
    #8
  9. Velvet

    Velvet Guest

    mh wrote:

    > If you have a single switch, then you can disable spanning tree.
    >
    > Let me be more specific: this does not mean you can only have a single
    > switch in your entire network; it means that from a routed port, if you
    > only have a single switch then you can safely disable spanning tree.
    > If you have two or more switches connected together then disabling
    > spanning tree is generally not a good idea...


    I'd disagree. Spanning tree's useful even on one switch for when some
    bozo manages to introduce a loop between two ports (yes, it does happen)
    somehow. Then again, you can turn spanning tree off even if you have
    loads of switches - you just have to make sure you don't have redundant
    links between switches, and no other loops in the network.

    If you get a loop, network meltdown generally results, which is why
    spanning tree can be a good thing. If you're not running redundant
    links, and are pretty sure you won't be in the situation of someone
    accidentally looping something, it's fairly safe to turn off.

    It really is horses for courses - risk vs benefits - and every network
    is different wrt that.

    --


    Velvet
     
    Velvet, Oct 2, 2004
    #9
  10. On 02.10.2004 23:39 Andrey Tarasov wrote:

    > Hello, mh!
    > You wrote on 2 Oct 2004 14:31:30 -0700:
    >
    > m> If you have a single switch, then you can disable spanning tree.
    >
    > m> Let me be more specific: this does not mean you can only have a
    > m> single switch in your entire network; it means that from a routed
    > m> port, if you only have a single switch then you can safely
    > m> disable spanning tree. If you have two or more switches connected
    > m> together then disabling spanning tree is generally not a good
    > m> idea...
    >
    > It's not a good idea even with a single switch.
    >


    It is ... you most likely don't need it. Hence turn it off but don't
    forget to have still BPDU guard turned on.



    Arnold
    --
    Arnold Nipper, AN45
     
    Arnold Nipper, Oct 3, 2004
    #10
  11. Hello, Arnold!
    You wrote on Sun, 03 Oct 2004 01:46:45 +0200:

    m>>> If you have a single switch, then you can disable spanning tree.

    m>>> If you have two or more switches connected together then
    m>>> disabling spanning tree is generally not a good idea...
    ??>>
    ??>> It's not a good idea even with a single switch.
    ??>>
    AN> It is ... you most likely don't need it. Hence turn it off but
    AN> don't forget to have still BPDU guard turned on.

    Well, you can do a little experiment - plug a loopback and see what will happen
    with STP and without. Even if you have new IOS based switch with keepalives
    turned on by default it might be up to 10 seconds of downtime before port gets
    disabled.

    With best regards,
    Andrey.
     
    Andrey Tarasov, Oct 3, 2004
    #11
  12. On 03.10.2004 02:19 Andrey Tarasov wrote:

    > Hello, Arnold!
    > You wrote on Sun, 03 Oct 2004 01:46:45 +0200:
    >
    > m>>> If you have a single switch, then you can disable spanning tree.
    >
    > m>>> If you have two or more switches connected together then
    > m>>> disabling spanning tree is generally not a good idea...
    > ??>>
    > ??>> It's not a good idea even with a single switch.
    > ??>>
    > AN> It is ... you most likely don't need it. Hence turn it off but
    > AN> don't forget to have still BPDU guard turned on.
    >
    > Well, you can do a little experiment - plug a loopback and see what will happen
    > with STP and without. Even if you have new IOS based switch with keepalives
    > turned on by default it might be up to 10 seconds of downtime before port gets
    > disabled.
    >


    Well, why do you need STP when port security is turned on?



    Arnold
    --
    Arnold Nipper, AN45
     
    Arnold Nipper, Oct 3, 2004
    #12
  13. Hello, Arnold!
    You wrote on Sun, 03 Oct 2004 02:44:05 +0200:

    AN> Well, why do you need STP when port security is turned on?

    Don't you think it's a strange approach to do two things - 1) disable STP; 2)
    enable port security - to achieve behavior provided by default configuration?

    Even though port security is very useful thing it's not a direct replacement of
    functionality provided by STP in this case.

    With best regards,
    Andrey.
     
    Andrey Tarasov, Oct 3, 2004
    #13
  14. Hi Andrey,

    On 03.10.2004 04:59 Andrey Tarasov wrote:

    > Hello, Arnold!
    > You wrote on Sun, 03 Oct 2004 02:44:05 +0200:
    >
    > AN> Well, why do you need STP when port security is turned on?
    >
    > Don't you think it's a strange approach to do two things - 1) disable STP; 2)
    > enable port security - to achieve behavior provided by default configuration?
    >


    No ... in nowadays switch configuration BPDU guard/filter and port
    security is a must.

    > Even though port security is very useful thing it's not a direct replacement of
    > functionality provided by STP in this case.
    >


    And turning off unneeded features as well. Hence if I don't need STP I
    will turn it off.

    As always ... YMMV


    Arnold
    --
    Arnold Nipper, AN45
     
    Arnold Nipper, Oct 3, 2004
    #14
  15. Hansang Bae

    Hansang Bae Guest


    > On 02.10.2004 23:39 Andrey Tarasov wrote:

    [snip: killing STP]
    > > It's not a good idea even with a single switch.



    In article <cjnel6$bv0$>, says...
    > It is ... you most likely don't need it. Hence turn it off but don't
    > forget to have still BPDU guard turned on.


    It is not. Because you can't guarantee someone will not create a loop
    by accident. It's min sized frames every two seconds...what is the big
    deal???


    --

    hsb

    "Somehow I imagined this experience would be more rewarding" Calvin
    *************** USE ROT13 TO SEE MY EMAIL ADDRESS ****************
    ********************************************************************
    Due to the volume of email that I receive, I may not be able to
    reply to emails sent to my account. Please post a followup instead.
    ********************************************************************
     
    Hansang Bae, Oct 5, 2004
    #15
  16. Hansang Bae

    Hansang Bae Guest

    In article <cjolfv$bv0$>, says...
    [snip]
    > And turning off unneeded features as well. Hence if I don't need STP I
    > will turn it off. As always ... YMMV


    Arnold...dollar to donuts I've got more experience than you. I've
    personally seen four sites melt down because some IDIOT, yes IDIOT,
    turned off STP. That's like saying I don't drive over 10M from my
    house, so I'll forgo the insurance.

    It's simply not worth it. Unless you can lock the switches, and never
    have to recable at 3AM after 15 hours of troubleshooting, leave STP on.


    --

    hsb

     
    Hansang Bae, Oct 5, 2004
    #16
  17. On 05.10.2004 07:45 Hansang Bae wrote:

    >>On 02.10.2004 23:39 Andrey Tarasov wrote:

    >
    > [snip: killing STP]
    >
    >>>It's not a good idea even with a single switch.

    >
    >
    >
    > In article <cjnel6$bv0$>, says...
    >
    >>It is ... you most likely don't need it. Hence turn it off but don't
    >>forget to have still BPDU guard turned on.

    >
    >
    > It is not. Because you can't guarantee someone will not create a loop
    > by accident. It's min sized frames every two seconds...what is the big
    > deal???
    >
    >


    BPDU guard and port security is your friend ....



    Arnold
    --
    Arnold Nipper, AN45
     
    Arnold Nipper, Oct 5, 2004
    #17
  18. Hello, Arnold!
    You wrote on Tue, 05 Oct 2004 08:18:42 +0200:

    ??>> [snip: killing STP]
    ??>>
    ??>>>> It's not a good idea even with a single switch.
    ??>>
    ??>>> It is ... you most likely don't need it. Hence turn it off but
    ??>>> don't forget to have still BPDU guard turned on.
    ??>>
    ??>> It is not. Because you can't guarantee someone will not create
    ??>> a loop by accident. It's min sized frames every two
    ??>> seconds...what is the big deal???
    ??>>
    AN> BPDU guard and port security is your friend ....

    Tell us, how are you going to configure port security on ports where you can't
    predict number of MAC addresses? Like the ones where wireless access point
    connected to?

    With best regards,
    Andrey.
     
    Andrey Tarasov, Oct 5, 2004
    #18
  19. On 05.10.2004 18:34 Andrey Tarasov wrote:

    > AN> BPDU guard and port security is your friend ....
    >
    > Tell us, how are you going to configure port security on ports where you can't
    > predict number of MAC addresses? Like the ones where wireless access point
    > connected to?
    >


    quite easy ... just pick a reasonable number for number of clients for
    that access-point.



    Arnold
    --
    Arnold Nipper, AN45
     
    Arnold Nipper, Oct 5, 2004
    #19
  20. Hello, Arnold!
    You wrote on Tue, 05 Oct 2004 23:53:15 +0200:

    AN> quite easy ... just pick a reasonable number for number of
    AN> clients for that access-point.

    Hmm... We have about 15 access points and more than 300 NICs given out to users.
    At any day there is no more than 100 users active total. So how many MAC
    addresses should be configured in order to avoid support call saying "We can't
    get on a wireless network!" but at the same time to prevent network outage if
    loop is going to happen on this port?

    Guess what, if you wouldn't mess with STP you wouldn't be doing this exercise.

    With best regards,
    Andrey.
     
    Andrey Tarasov, Oct 6, 2004
    #20