Cisco edge with Meraki at core, spanning tree questions.

Currently have Cisco edge switches and have to replace core switching with Meraki. Meraki switch will need to be STP root but the Cisco equipment is configured with rapid-pvst. Meraki cannot be root in this scenario, it doesn't seem to support per vlan spanning tree. The Cisco side doesn't seem to support just standard RSTP. The only option I see is to use MSTP on Cisco and put all vlans in instance 0. If I use anything other than instance 0 the Meraki won't become root. Is this the only way to do this?

level 1
LESS ANGRY AND HAS A NEW JOB · 3 points · 6 months ago

Rapid-PVST is interoperable with RSTP. You should be fine as is.

Adjust your bridge priority on your Meraki and it should act as the root bridge

level 2
Original Poster · 1 point · 6 months ago

I have a 3750 trunked to an MS425. The 425 has priority 4096 and the 3750 is at default priority. On the trunk between them I allow vlan 2, 210, and 211. This is the result when the 3750 is in rapid-pvst.

MerakiTrunkTest#sh spanning-tree root detail
VLAN0002         
  Root ID    Priority    32770
             Address     001d.e504.0c00
             This bridge is the root
             Hello Time   2 sec  Max Age 20 sec  Forward Delay 15 sec
VLAN0210         
  Root ID    Priority    32978
             Address     001d.e504.0c00
             This bridge is the root
             Hello Time   2 sec  Max Age 20 sec  Forward Delay 15 sec
VLAN0211         
  Root ID    Priority    32979
             Address     001d.e504.0c00
             This bridge is the root
             Hello Time   2 sec  Max Age 20 sec  Forward Delay 15 sec
level 3

Can you output a sh span sum and a sh span vlan 210?

level 4
Original Poster · 1 point · 6 months ago

MerakiTrunkTest#sh span sum
Switch is in rapid-pvst mode
Root bridge for: VLAN0002, VLAN0210-VLAN0211
Extended system ID           is enabled
Portfast Default             is disabled
PortFast BPDU Guard Default  is disabled
Portfast BPDU Filter Default is disabled
Loopguard Default            is disabled
EtherChannel misconfig guard is enabled
UplinkFast                   is disabled
BackboneFast                 is enabled but inactive in rapid-pvst mode
Configured Pathcost method used is short

Name                   Blocking Listening Learning Forwarding STP Active
---------------------- -------- --------- -------- ---------- ----------
VLAN0002                     0         0        0          1          1
VLAN0210                     0         0        0          1          1
VLAN0211                     0         0        0          1          1
---------------------- -------- --------- -------- ---------- ----------
3 vlans                      0         0        0          3          3


MerakiTrunkTest#sh span vlan 210

VLAN0210
  Spanning tree enabled protocol rstp
  Root ID    Priority    32978
             Address     001d.e504.0c00
             This bridge is the root
             Hello Time   2 sec  Max Age 20 sec  Forward Delay 15 sec

  Bridge ID  Priority    32978  (priority 32768 sys-id-ext 210)
             Address     001d.e504.0c00
             Hello Time   2 sec  Max Age 20 sec  Forward Delay 15 sec
             Aging Time  300 sec

Interface           Role Sts Cost      Prio.Nbr Type
------------------- ---- --- --------- -------- --------------------------------
Po1                 Desg FWD 3         128.488  P2p
level 5

I'm not a meraki guy, but are the vlans and spanning tree even defined on it? I assume the Po1 is towards the core. Since it's a different STP type, I'd expect to see P2P-peer.

Are you learning macs over it?

level 6
Original Poster · 1 point · 6 months ago

Yes the vlans are defined on the Meraki side. Po1 is the port channel going to the core. The only STP options on the Meraki are a choice between STP and RSTP and the ability to set the priority. I have it set for RSTP and priority 4096.

level 7
CCIE · 1 point · 6 months ago

If your 3750 is winning root, it's either of 2 issues:

the vlans aren't allowed on the other side of the trunk, and therefore isolated

priority isn't configured right on the meraki

level 8

I could be wrong here, but don't you need VLAN1 on that trunk to be able to pass the STP packets between the two switches? My understanding was when interfacing to RSTP all STP traffic happened on VLAN1

level 9
CCIE · 1 point · 6 months ago

doesn't have to be vlan 1. as long as native vlan is configured correctly on both sides then there's a couple different scenarios

level 10
Original Poster · 1 point · 6 months ago

I am allowing all vlans on the Meraki side but I was not allowing vlan 1 (native) on the Cisco side. I just changed the Cisco side to allow all vlans. After that, vlan 1 shows the Meraki as root but all other vlans still show the 3750 as root.

level 8
Original Poster · 1 point · 6 months ago

The Meraki is allowing all vlans on the trunk and its priority is set to 4096.

level 7

Are you learning macs from the meraki side?

level 8
Original Poster · 1 point · 6 months ago

There are no clients connected to the 3750 but the MAC table on the Meraki side does show the MAC of the 3750.

level 9

What about the 3750? Assign an SVI to the Meraki and see if you see its MAC on the Cisco.

level 10
Original Poster · 1 point · 6 months ago

I see the mac address of the Meraki on the 3750 on vlan 1.

level 1
esteemed fruit-loop · 6 points · 6 months ago

oh fucking god why would you replace your core with meraki.

Access switches, ok, sure...

Meraki are not core switches.

level 2
Lord of the STPs · 1 point · 6 months ago

Maybe his definition of "core" differs from yours.

Just saying.

level 2

They make good WAPs, that's about it.

level 1

have to replace core switching with Meraki

Why? It sounds like it doesn't meet your needs.

level 2
Original Poster · 1 point · 6 months ago

I know of the issues, it's the organization's plan to replace all the switching with Meraki but the core has to come first due to some upcoming projects.

level 3

To be clear, I like Meraki. I use their MX gateways and a bunch of their MR APs. I've got a couple MS switches but am not thrilled with those.

What I was saying was that the Meraki switches at the core, those switches by themselves, do not meet your needs assuming your post is accurate (and I don't have enough experience with the MS switches to say either way). You really need to talk to support about it, they're really good, and if it's accurate, go back to management and say that it's not a good idea to do JUST this replacement.

level 1
Original Poster · 1 point · 6 months ago

Here is the output of "show spanning-tree mst" after switching stp modes from rapid-pvst to mst on the 3750.

MerakiTrunkTest#sh spanning-tree mst 

##### MST0    vlans mapped:   1-4094
Bridge        address 001d.e504.0c00  priority      32768 (32768 sysid 0)
Root          address e055.3dd4.af28  priority      4096  (4096 sysid 0)
              port    Gi2/0/1         path cost     20000    
Regional Root this switch
Operational   hello time 2 , forward delay 15, max age 20, txholdcount 6 
Configured    hello time 2 , forward delay 15, max age 20, max hops    20

Interface        Role Sts Cost      Prio.Nbr Type
---------------- ---- --- --------- -------- --------------------------------
Gi2/0/1          Root FWD 20000     128.55   P2p Bound(RSTP)

Meraki is connected to gi2/0/1.
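
Added example, not part of any poster's comment: a small audit of pasted `show spanning-tree root detail` output that splits each root priority into its configured value and extended system ID and lists the VLANs whose root is not the intended bridge. The VLAN0001 stanza is constructed from the Meraki MAC and priority reported in the thread, and the function names are hypothetical.

```python
import re

# VLAN0002/VLAN0210 stanzas follow the thread's posted output (timer lines trimmed).
# VLAN0001 is constructed from the Meraki MAC and priority reported in the thread.
SAMPLE = """\
VLAN0001
  Root ID    Priority    4096
             Address     e055.3dd4.af28
             Cost        3
VLAN0002
  Root ID    Priority    32770
             Address     001d.e504.0c00
             This bridge is the root
VLAN0210
  Root ID    Priority    32978
             Address     001d.e504.0c00
             This bridge is the root
"""

MAC = r"[0-9a-f]{4}\.[0-9a-f]{4}\.[0-9a-f]{4}"

def parse_root_detail(text):
    """Map VLAN id -> root priority (base + sys-id-ext), root MAC, local_root flag."""
    vlans, cur = {}, None
    for line in text.splitlines():
        if m := re.match(r"VLAN(\d{4})\s*$", line):
            cur = vlans.setdefault(int(m.group(1)), {"local_root": False})
        elif cur is None:
            continue
        elif m := re.search(r"Root ID\s+Priority\s+(\d+)", line):
            prio = int(m.group(1))
            # 16-bit field: top 4 bits = configured priority, low 12 bits = extended system ID
            cur.update(priority=prio, base=prio & 0xF000, sys_id_ext=prio & 0x0FFF)
        elif m := re.search(rf"Address\s+({MAC})", line):
            cur["address"] = m.group(1)
        elif "This bridge is the root" in line:
            cur["local_root"] = True
    return vlans

def vlans_with_wrong_root(vlans, expected_root):
    """Return the VLANs whose elected root is not the intended root bridge."""
    return sorted(v for v, d in vlans.items() if d.get("address") != expected_root.lower())

if __name__ == "__main__":
    parsed = parse_root_detail(SAMPLE)
    for vlan in vlans_with_wrong_root(parsed, "e055.3dd4.af28"):
        d = parsed[vlan]
        print(f"VLAN {vlan}: root {d['address']} ({d['base']}+{d['sys_id_ext']}), expected Meraki")
```
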

level 1
Smarty-pants · 1 point · 6 months ago · edited 6 months ago

avoid instance 0, use instance 0

Edit: use instance 1

level 2
Original Poster · 1 point · 6 months ago

Seems like solid advice.

level 3
Smarty-pants · 1 point · 6 months ago

Haha I meant 1

level 1
Comment deleted · 6 months ago
level 2
esteemed fruit-loop · 0 points · 6 months ago

No way man. They support the exact same "on" or "off" feature that an electrical light switch supports!!!

What's your problem? why you hatin on meraki?

but seriously, fuck meraki.

level 3
Comment deleted · 6 months ago
level 4

yeah but 3850's don't give you nice colours and pingy tests
