Configuring RPVST+
Selecting RPVST+ as the spanning tree mode
Syntax:
[no] spanning-tree mode [ mstp | rapid-pvst ]
Specifies that spanning tree will run in MSTP (default) or RPVST+ mode.
To view Mode, use the
show run
command. This will eliminate confusion if there is an RPVST configuration but MSTP is running. This will lead to a change in the existing factory default setting.RPVST+ parameters can be configured even if the mode is MSTP and vice versa. This command does not enable/disable spanning tree. It sets the mode which is operational once spanning tree is enabled using
spanning-tree enable
.The
no
form of the command changes the spanning tree mode to the default mode (MSTP)
Configuring global spanning tree
Syntax:
spanning-tree
extend system-id
Creates a unique bridge identifier for each VLAN by adding the VLAN ID (vid) value to the priority field of the bridge identifier in every RPVST+ BPDU.
Syntax
[no]spanning-tree log state-transitions [ instance
<instance-id>
cst
]
Command enables/disables event logging for port-block events.
List of VLAN identifiers
Range: <instance-id> 1–16
[vlan <vid-list>]
Syntax:
[no] spanning-tree ignore-pvid-inconsistency
Causes the switch to ignore per-VLAN ID inconsistencies when the ports on both ends of a point-to-point link are untagged members of different VLANs, thus allowing RPVST+ to run on the mismatched links. On a given switch, affects all ports belonging to VLANs on which RPVST+ is enabled. See Allowing traffic on VLAN ID (PVID) mismatched links.
Default: Disabled
Syntax:
[no] spanning-tree bpdu-protection-timeout
<timeout>
Configures the duration of time when protected ports receiving unauthorized BPDUs will remain disabled. The default value of 0 (zero) sets an infinite timeout (that is, ports that are disabled by
bpdu-protection
are not, by default, re-enabled automatically).Default: 0
Range: 0 - 65535 seconds
Configuring per-VLAN spanning tree
Syntax:
spanning-tree
vlan
<vid-list>
hello-time <1...10>
Specifies the time in seconds between transmissions of BPDUs on the specified VLANs when the switch is root for those VLANs.
Default: 2
Range: 1 - 10
Syntax:
spanning-tree
vlan
<vid-list>
forward-delay <4...30>
Sets the time in seconds the switch waits before transitioning from listening to learning and from learning to forwarding states.
Default: 15
Range: 4 - 30
Syntax:
spanning-tree
vlan
<vid-list>
maximum age <6...40>
Sets the maximum age in seconds of received STP information before it is discarded for specified VLANs.
Default: 20
Range: 6 - 40
NOTE:
Maximum age
must be within the following bounds:
greater than or equal to 2x (
hello-time
+1)less than or equal to 2x (
forward-delay
- 1)
Syntax:
spanning-tree
vlan
<vid-list>
priority <0...15>
Sets the switch (bridge) priority for the designated VLAN. The switch compares this priority with the priorities of other switches on the same VLAN to determine the RPVST+ root switch for the VLAN. The lower the priority value, the higher the priority. The switch with the lowest Bridge Identifier on the VLAN is elected as the RPVST+ root switch for that VLAN.
The Bridge Identifier is composed of a configurable Priority (2 bytes) and the switch’s MAC address (6 bytes). The ability to change the Priority provides flexibility for determining which switch on the VLAN will be the root for RPVST+, regardless of its MAC address.
The priority range for an RPVST+ switch is 0-61440. However, this command specifies the priority as a multiplier (0 - 15) of 4096. That is, when you specify a priority multiplier value of 0 - 15, the actual priority assigned to the switch is: (priority-multiplier) x 4096.
For example, if you configure “2” as the priority-multiplier on a given RPVST+ switch, then the Switch Priority setting for the specified VLAN is 8,192.
NOTE: If multiple switches on the same VLAN have the same priority setting, then the switch with the lowest MAC address becomes the root switch for that VLAN.
Syntax:
[no] spanning-tree vlan
<vid-list>
root
[ primary | secondary ]
Specifies the switch as the primary or secondary root bridge for the specified VLANs. Otherwise, by default, the root bridge for each VLAN will be determined by the lowest MAC address in that topology.
The
no
form of the command returns the determination of root to the lowest MAC address criterion.
Configuring per-port per-VLAN spanning tree
Syntax
[no]spanning-tree pathcost
< rapid-pvst
| mstp >
[ 8021d | 8021t | proprietary ]
Specify a standard to use when calculating the default pathcost.
Default: 8021t
NOTE: All devices in the network should be configure to use same pathcost mode for proper functioning.
Syntax:
[no] spanning-tree port
<port-number>
vlan <vid-list>
path-cost
[ auto | <1...200000000>
]
Sets the path cost for a single port on the specified VLANs. If the port is a member of more than one VLAN, the
path-cost
applies only where the port has traffic for the VLANs specified.Default: auto
Range: 1 - 200000000
The
no
form of the command returnspath-cost
to its default setting.
Syntax:
[no] spanning-tree port
<port-number>
vlan <vid-list>
priority <0-15>
path-cost <auto>
| <Path-Cost>
Sets the port priority for the specified VLANs. The value is in the range of 0-240 divided into steps of 16 that are numbered 0 to 15. The default is step 16.
The per-port per-VLAN priority is used to help choose the root port for a switch on the specified VLAN if there are multiple links to the root switch.
Default: 8
Range 0 - 15
The
no
form of the command sets the priority to its default value.
Configuring per-port spanning tree
Syntax:
[no] spanning-tree
<port-list>
admin-edge-port
Enables
admin-edge-port
on ports connected to end nodes. During spanning tree establishment, ports withadmin-edge-port
enabled transition immediately to the forwarding state. If a bridge or switch is detected on the segment, the port automatically operates as non-edge, not enabled.If
admin-edge-port
is disabled on a port andauto-edge-port
has not been disabled, theauto-edge-port
setting controls the behavior of the port.Default: No - disabled
The
no
form of the command disables edge-port operation on the specified ports.
Syntax:
[no] spanning tree
<port-list>
auto-edge-port
Enables or disables the automatic identification of edge ports. The port will look for BPDUs for 3 seconds. If there are none, it begins forwarding packets. If
admin-edge-port
is enabled for a port, the setting for auto-edge-port is ignored whether set to yes or no. Ifadmin-edge-port
is set toNo
, andauto-edge-port
has not been disabled (set toNo
), then the auto-edge-port setting controls the behavior of the port.Default: Yes - enabled
The
no
form of the command disablesauto-edge-port operation
on the specified ports
Syntax:
[no] spanning tree
<port-list>
bpdu-filter
Enables or disables BPDU filtering on the specified ports. The
bpdu-filter
option forces a port to always stay in the forwarding state and be excluded from standard STP operation.Default: Disabled
Syntax:
[no] spanning tree
<port-list>
bpdu-protection
Enables or disables BPDU protection on the specified ports.
Syntax:
spanning tree
<port-list>
point-to-point-mac
[ true | false | auto ]
Informs the switch of the type of device to which a specific port connects.
true
(default)Indicates a point-to-point link to a device such as a switch, bridge, or end-node.
false
Indicates a connection to a hub (which is a shared LAN segment).
auto
Causes the switch to set Force-False on the port if it is not running at full duplex. (Connections to hubs are half-duplex.)
Syntax:
spanning tree
<port-list>
root-guard
This feature is available in RPVST+ only. When a port is enabled as
root-guard
, it cannot be selected as the root port even if it receives superior STP BPDUs. The port is assigned an “alternate” port role and enters a blocking state if it receives superior STP BPDUs. (A superior BPDU contains “better” information on the root bridge and/or path cost to the root bridge, which would normally replace the current root bridge selection.)The superior BPDUs received on a port enabled as
root-guard
are ignored. All other BPDUs are accepted and the external devices may belong to the spanning tree as long as they do not claim to be the Root device. Use the following command on RPVST+ switch ports that are connected to devices located in other administrative network domains to ensure the stability of the core RPVST+ network topology so that undesired or damaging influences external to the network do not enter.Default: Disabled.
Syntax:
spanning-tree
<port-list>
tcn-guard
When
tcn-guard
is enabled for a port, it causes the port to stop processing or propagating received topology change notifications and topology changes to other ports.Default: Disabled.
Enabling or disabling RPVST+ spanning tree
With the spanning tree mode set to RPVST+, you can do either of the following:
Enable or disable RPVST+ on all VLANs on the switch.
Enable or disable RPVST+ on specified VLANs that are RPVST+-enabled on the switch.
Syntax:
[no] spanning-tree [ enable | disable ]
To globally enable RPVST+ on all VLANs on the switch, use either of the following:
To globally disable RPVST+ on all VLANs on the switch, use any of the following:
NOTE: This status will always be shown in | |
NOTE: This command overrides the per-VLAN enable/disable command (below). | |
Syntax:
spanning-tree
vlan
<vid list>
[ enable | disable
]
To enable RPVST+ on one or more VLANs on the switch, use either of the following:
To disable RPVST+ on one or more VLANs on the switch, use any of the following: