The consulting company I work for does a fair number of projects where we remove older Cisco switches and replace them with Juniper switches. I'm labbing with physical switches and am running into some interesting STP behavior that I am trying to fully understand.
With default STP configs (rapid pvst+ on the 3750 & RSTP on the EX2300), nothing unusual happens. However, add a second EX2300, and give it a redundant connection to the other EX2300 (see the attached image), and suddenly the switch labeled 3750-01 goes into STP blocking mode for all vlans on the trunk (fa0/0/47) to the EX2300s. Apart from removing the redundant link, I can resolve the issue by converting the EX switches to VSTP. I believe switching to MSTP will also do the trick, but I've yet to lab that out.
I know how to fix the problem, but I want to know why the Cisco switch blocks the uplink to the Juniper switches. The Cisco is the root bridge for all vlans. I've run several debugs on the Cisco switch, but I have been unable to determine exactly why this happens. Perhaps that is the point. Mix STP protocols and expect unexpected results.
Here's the output on the Cisco side:
3750-01#show spanning-tree vlan 110
VLAN0110
  Spanning tree enabled protocol rstp
  Root ID    Priority    4206
             Address     5006.0436.8400
             This bridge is the root
             Hello Time   2 sec  Max Age 20 sec  Forward Delay 15 sec

  Bridge ID  Priority    4206   (priority 4096 sys-id-ext 110)
             Address     5006.0436.8400
             Hello Time   2 sec  Max Age 20 sec  Forward Delay 15 sec
             Aging Time  300 sec

Interface           Role Sts Cost      Prio.Nbr Type
------------------- ---- --- --------- -------- --------------------------------
Fa3/0/46            Desg FWD 200000    128.162  P2p
Fa3/0/47            Back BLK 200000    128.163  P2p
I have highlighted the interface that trunks to the Juniper switches. The Juniper switch shows the port is forwarding and is a root port.
root@EX-01> show spanning-tree interface
Spanning tree interface parameters for instance 0

Interface    Port ID    Designated    Designated            Port      State  Role
                         port ID      bridge ID             Cost
... [output removed as unnecessary]
ge-0/0/10    128:500    128:500       32768.9ccc83ac7a71     20000    FWD    DESG
ge-0/0/11    128:501    128:163       4097.500604368400     200000    FWD    ROOT
ge-0/1/0     128:502    128:502       32768.9ccc83ac7a71     20000    FWD    DESG
Ports ge-0/0/10 & ge-0/1/0 are the redundant uplinks to the other EX switch.
Converting the 3750 to MST and putting all VLANs in region0 is also a workable solution.
Look for this doc: "Spanning Tree Protocol in Layer 2-Layer 3 Environments"
It may help to explain why that happens. It may have to do with the multicast address that Cisco uses in PVST+, VLAN 1, and how Juniper handles that kind of traffic. I am taking it that you have configured RSTP on Juniper.
@procopius560, for Juniper interoperability with Cisco R-PVST+, on the Juniper side you need to enable both RSTP and VSTP for any interface that connects to Cisco. By Juniper default you are missing the VSTP part, which I believe is why Cisco blocks.
Going with MSTP is one solution, but a better solution is a design with no STP, period :-)
VSTP worked great with our RPVST+ switches. Thanks for this tip!
Since the Cisco switches are running PVST+, the suggested change on the EX2300 devices is to enable "VSTP" on data VLANs and "RSTP" for the untagged/native VLAN.
This will resolve the STP convergence issue.
The possible reason why the Cisco port is going into blocking state is that the BPDUs from Cisco (Cisco proprietary), sent out with multicast MAC "01:00:cc:cc:cc:cd", will not be processed properly by the Juniper switch and are flooded across the VLAN ports.
Please check KB article --> https://kb.juniper.net/InfoCenter/index?page=content&id=KB15138
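A way to cross-check the two outputs quoted in the question, as an added example that is not from any poster in the thread: it matches the Juniper "Designated port ID" column against the Cisco Prio.Nbr column and flags any link where the Juniper side treats a Cisco port as designated while the Cisco side reports a different role for it. The sample text is constructed from the outputs above, and the function names are hypothetical.

```python
import re

# Constructed sample input, copied from the rows quoted in the thread.
CISCO_OUTPUT = """\
Interface           Role Sts Cost      Prio.Nbr Type
------------------- ---- --- --------- -------- ----
Fa3/0/46            Desg FWD 200000    128.162  P2p
Fa3/0/47            Back BLK 200000    128.163  P2p
"""
JUNIPER_OUTPUT = """\
ge-0/0/10  128:500  128:500  32768.9ccc83ac7a71   20000  FWD  DESG
ge-0/0/11  128:501  128:163  4097.500604368400   200000  FWD  ROOT
ge-0/1/0   128:502  128:502  32768.9ccc83ac7a71   20000  FWD  DESG
"""

# interface, role, state, port priority, port number
CISCO_ROW = re.compile(
    r"^(\S+) +(Root|Desg|Altn|Back|Mstr) +(\S+) +\d+ +(\d+)\.(\d+) ", re.M)
# interface, designated port prio, designated port nbr, designated bridge MAC, state, role
JUNOS_ROW = re.compile(
    r"^(\S+) +\d+:\d+ +(\d+):(\d+) +\d+\.([0-9a-f]{12}) +\d+ +(\S+) +(\S+)", re.M)

def parse_cisco(text):
    """Map (priority, number) -> (interface, role, state) for each Cisco port row."""
    return {(int(p), int(n)): (ifc, role, sts)
            for ifc, role, sts, p, n in CISCO_ROW.findall(text)}

def find_mismatches(cisco_text, junos_text, cisco_bridge_mac):
    """Return (junos_if, cisco_if, cisco_role, cisco_state) for every Juniper
    port whose designated port belongs to the Cisco bridge but is not in the
    Desg role on the Cisco side."""
    mac = cisco_bridge_mac.replace(".", "").lower()
    cisco_ports = parse_cisco(cisco_text)
    findings = []
    for ifc, dprio, dnbr, dmac, _state, _role in JUNOS_ROW.findall(junos_text):
        peer = cisco_ports.get((int(dprio), int(dnbr)))
        if dmac == mac and peer and peer[1] != "Desg":
            findings.append((ifc, *peer))
    return findings

if __name__ == "__main__":
    for j_if, c_if, role, sts in find_mismatches(
            CISCO_OUTPUT, JUNIPER_OUTPUT, "5006.0436.8400"):
        print(f"{j_if} sees {c_if} as designated, but Cisco reports {role}/{sts}")
```

On the quoted outputs this reports ge-0/0/11 against Fa3/0/47, the Back/BLK port the question asks about.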