HP Switch(config)#: spanning-tree instance 1 vlan 1-10 On HP switches other than those covered by this guide, only the VLANs that are present will be included, that. Indeed, enable spanning-tree. The 2810 is standard MST by default. Depending on how you have your trunks configured (Trunk vs. LACP), the individual ports could still create a loop. Call it insurance. You may never need it, but the one time you do and it's not there, you'll regret it. (Other networking mistakes could also create a loop.). Multiple-Instance spanning tree operation (802.1s) ensures that only one active path exists between any two nodes in a spanning-tree instance. A spanning-tree instance comprises a unique set of VLANs, and belongs to a specific spanning-tree region. A region can comprise multiple spa nning-tree. HP-Switch (Config)#spanning-tree priority 0 (Makes this switch the root switch with a priority of 4096) HP-Switch (Config)#spanning-tree force-version rstp-operation (Operates spanning tree in Rapid Spanning Tree mode) HP-Switch (Config)#spanning-tree a1 bpdu-filter (Stops the port from transmitting or receiving bpdu’s.
5/5 (2) In this article we are going to explain what is the MSTP (Multiple Spanning Tree Protocol) procotolo, what are its benefits and how it is configured in HP switches.
What is the MSTP?
The MSTP protocol is an evolution of STP (Spanning Tree Protocol) used to prevent loops in networks where we want to give redundancy through a ring configuration. For those of you who do not know what STP is, you can consult the following link:this article.
Using the MSTP, we were able to improve the utilization of all links in the network. Basically it consists of blocking different links for VLAN groups.
Benefits of using MSTP
The main advantages of using MSTP are the following:
- Load balancing
- És a standardized protocol
- Minimize CPU usage compared to other STP protocols such as PVST.
- Compatible with other STP protocols.
Below is a graph with the diagram of a final MSTP configuration.
In this example, we see how the traffic of the 100-199 vlans will be blocked in one direction, while the vlans of the 200-299 will be allowed to pass through the blocked path. This improves network performance, since using STP or RSTP, one of these links would never be used.Design of the MSTP: Regions
An MST region is one that shares the spanning-tree configuration.
The switches will be in the same region if you have the maximum:
- Name of region
- Revision number
- Mapping of VLAN-to-instance
So if we want to have several switches in the same region, what we will do is configure these same parameters in all the switches.
How to configure MSTP in HP switches?
Steps to configure the MSTP in an HP-2530 switch:
- Configure the VLANS
Configure the VLANS
- Define the MST
region
- Define the revision number in the MST region
- Define VLAN-to-instance mapping.
- Define the priority for each
- Define the cost of the path (path-cost)
- Define point-to-point links
- Enable MSTP
Example: Configure MSTP on switch HP 2530
We will take as an example the same scheme as in the aforementioned article.
In this case all switches are HP2530 model.
Design conditions:
Switch A: Root for vlans 100-199
Switch B: Root for vlans 200-299
Switch C: You will have the ports blocked for each instance.
Switch A configuration:
![Procurve Procurve](https://community.hpe.com/hpeb/attachments/hpeb/switching-e-series-forum/9900/1/Diagram switch HP.png)
mstp name mstp-example
mstp revision 10 mstp revision 10
mstp instance 1 vlan 100 to 199
mstp instance 1 priority 0
mstp instance 2 vlan 200 to 299
mstp instance 2 priority 4096
mstp instance 2 ethe 3/3 path-cost 30000
mstp admin-pt2pt-mac ethe 3/1 to 3/3
mstp start
mstp revision 10 mstp revision 10
mstp instance 1 vlan 100 to 199
mstp instance 1 priority 0
mstp instance 2 vlan 200 to 299
mstp instance 2 priority 4096
mstp instance 2 ethe 3/3 path-cost 30000
mstp admin-pt2pt-mac ethe 3/1 to 3/3
mstp start
Switch B configuration:
mstp name mstp-example
mstp revision 10 mstp revision 10
mstp instance 1 vlan 100 to 199
mstp instance 1 priority 4096
mstp instance 2 vlan 200 to 299
mstp instance 2 priority 0
mstp instance 2 ethe 3/3 path-cost 30000
mstp admin-pt2pt-mac ethe 3/1 to 3/3
mstp start
mstp revision 10 mstp revision 10
mstp instance 1 vlan 100 to 199
mstp instance 1 priority 4096
mstp instance 2 vlan 200 to 299
mstp instance 2 priority 0
mstp instance 2 ethe 3/3 path-cost 30000
mstp admin-pt2pt-mac ethe 3/1 to 3/3
mstp start
Hp Procurve Spanning Tree Configuration
Swtich C configuration:
mstp name mstp-example
mstp revision 10
mstp instance 1 vlan 100 to 199
mstp instance 2 vlan 200 to 299
mstp start
mstp revision 10
mstp instance 1 vlan 100 to 199
mstp instance 2 vlan 200 to 299
mstp start
With these commands and bearing in mind that the cables are connected correctly, we will have our equipment configured correctly.
If you have any questions, do not hesitate to comment or send me your questions.
See you in the nets!
BPDU protection is a security feature designed to protect the active STP topology by preventing spoofed BPDU packets from entering the STP domain. In a typical implementation, BPDU protection would be applied to edge ports connected to end user devices that do not run STP. If STP BPDU packets are received on a protected port, the feature will disable that port and alert the network manager via an SNMP trap as shown in BPDU protection enabled at the network edge.
BPDU protection enabled at the network edge
The following commands allow you to configure BPDU protection on VLANs for which the port is a member.
Syntax:
[no]
spanning-tree <port-list>
bpdu-protection
Enables/disables the BPDU protection feature on a port.
Default: Disabled.
![Disable spanning tree hp switch Disable spanning tree hp switch](/uploads/1/1/8/9/118946661/852755196.png)
Syntax:
[no]
spanning-tree <port-list>
bpdu-protection-timeout <timeout>
Configures the duration of time when protected ports receiving unauthorized BPDUs will remain disabled. The default value of 0 (zero) sets an infinite timeout (that is, ports that are disabled by
bpdu-protection
are not, by default, re-enabled automatically).Default: 0
Range: 0 - 65535 seconds
For an example of using this command, see Re-enabling a port blocked by BPDU protection.
Syntax:
Enables/disables the sending of errant BPDU traps.
CAUTION: This command should only be used to guard edge ports that are not expected to participate in STP operations. Once BPDU protection is enabled, it will disable the port as soon as any BPDU packet is received on that interface. |
Syntax:
Disable Spanning Tree Hp Switch
show spanning-tree bpdu-protection <port-list>
Displays a summary listing of ports with BPDU protection enabled. To display detailed per-port status information, enter the specific port number(s). BPDU protected ports are displayed as separate entries of the spanning tree category within the configuration file.
Show Spanning-tree Hp Procurve
Displaying BPDU protection status for specific ports
Hp Procurve Switch Configuration Guide
Ports disabled by BPDU Protection remain disabled unless BPDU Protection is removed from the switch or by configuring a nonzero BPDU protection timeout. For example, if you want to re-enable protected ports 60 seconds after receiving a BPDU, you would use this command: