Expand all | Collapse all

Cisco to Juniper STP Configuration

  • 1.  Cisco to Juniper STP Configuration

    Posted 05-01-2018 13:56

    The consulting company I work for does a fair number of projects where we remove older Cisco switches and replace them with Juniper switches.  I'm labbing with physical switches and am running into some interesting STP behavior that I am trying to fully understand.  


    With default STP configs (rapid pvst+ on the 3750 & RSTP on the EX2300), nothing unusual happens.  However, add a second EX2300, and give it a redundant connection to the other EX2300 (see the attached image), and suddenly the switch labeled 3750-01 goes into STP blocking mode for all vlans on the trunk (fa0/0/47) to the EX2300s.  Apart from removing the redundant link, I can resolve the issue by converting the EX switches to VSTP.  I believe switching to MSTP will also do the trick, but I've yet to lab that out.


    I know how to fix the problem, but I want to know why the Cisco switch blocks the uplink to the Juniper switches.  The Cisco is the root bridge for all vlans.  I've run several debugs on the Cisco switch, but I have been unable to determine exactly why this happens.  Perhaps that is the point.  Mix STP protocols and expect unexpected results.

  • 2.  RE: Cisco to Juniper STP Configuration

    Posted 05-01-2018 14:09

    Here's the output on the Cisco side:


    3750-01#show spanning-tree vlan 110

    Spanning tree enabled protocol rstp
    Root ID Priority 4206
    Address 5006.0436.8400
    This bridge is the root
    Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec

    Bridge ID Priority 4206 (priority 4096 sys-id-ext 110)
    Address 5006.0436.8400
    Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec
    Aging Time 300 sec

    Interface Role Sts Cost Prio.Nbr Type
    ------------------- ---- --- --------- -------- --------------------------------
    Fa3/0/46 Desg FWD 200000 128.162 P2p
    Fa3/0/47 Back BLK 200000 128.163 P2p


    I have highlighted the interface that trunks to the Juniper switches.  The Juniper switch shows the port is forwarding and is a root port.


    root@EX-01> show spanning-tree interface

    Spanning tree interface parameters for instance 0

    Interface Port ID Designated Designated Port State Role
    port ID bridge ID Cost
    ... [output removed as unecessary]
    ge-0/0/10 128:500 128:500 32768.9ccc83ac7a71 20000 FWD DESG
    ge-0/0/11 128:501 128:163 4097.500604368400 200000 FWD ROOT

    ge-0/1/0                   128:502      128:502  32768.9ccc83ac7a71        20000    FWD    DESG


    Ports ge-0/0/10 & ge-0/1/0 are the redundant uplinks to the other EX switch.

  • 3.  RE: Cisco to Juniper STP Configuration

    Posted 05-01-2018 14:20



    Converting the 3750 to MST and putting all VLANs in region0 is also a workable solution.  

  • 4.  RE: Cisco to Juniper STP Configuration

    Posted 05-09-2018 13:13

    Look for this dod "Spanning Tree Protocol in Layer 2-Layer 3 Environments"

    It may help to explain why that happens. It may have to do with the multicast address that CISCO use in in PVST+, vlan 1 and how Juniper handles that kind of traffic. I am taking it that you have configured rstp on Juniper.

  • 5.  RE: Cisco to Juniper STP Configuration

    Posted 05-10-2018 06:59

    procopius560 for Juniper interoperability with Cisco R-PVST+ on Juniper side you need to enable both RSTP and VSTP for any interface that connects to Cisco.  By Juniper default you are missing the VSTP part, which I believe is why Cisco blocks.


    Going with MSTP is one solution, but better solution is a design with no STP period -:)

  • 6.  RE: Cisco to Juniper STP Configuration

    Posted 09-19-2019 08:33

    VSTP worked great with our RPVST+ switches.  Thanks for this tip!  

  • 7.  RE: Cisco to Juniper STP Configuration

    Posted 09-19-2019 09:04



    Since Cisco switches are running on PVST+.


    The suggested changes on EX2300 device is enable "VSTP" on data VLANs and "RSTP" for untagged/native VLAN.


    This will resolve the STP convergence issue.


    The possible reason why Cisco port is going into blocking state is because the BPDUs from Cisco (Cisco properitary) is sent out with multicast mac "01:00:cc:cc:cc:cd" will not be processed properly by Juniper switch and flooded across the VLAN ports.

    Please check KB article --> https://kb.juniper.net/InfoCenter/index?page=content&id=KB15138