CCNA | P3: Implementing VLANs and STP | C3: Mastering Spanning Tree and L2 EtherChannel for a More Efficient Network

Welcome to our latest networking blog post! In this article, we’ll explore the ins and outs of Per-VLAN Spanning Tree and L2 EtherChannel configuration. These two technologies can help you build a more efficient network by optimizing load balancing, providing redundancy, and more. We’ll cover everything from the basics to advanced configuration options, so whether you’re a beginner or an experienced network administrator, you’ll find something useful here. Let’s get started!

Spanning Tree for Multiple VLANs

Original STP and RSTP do not optimize for multiple VLANs. Without any extensions to the protocol, the BPDUs travel in the native VLAN and there is just one spanning tree (CST, the Common Spanning Tree) for all VLANs.
This can lead to suboptimal load balancing and network congestion.
Per-VLAN spanning trees make load balancing possible.
An administrator can make different spanning trees take different paths through the campus network by configuring different Root Bridges (and Port Priorities if desired) for different trees. Without this manual configuration, all trees will still take the same paths.

There are three multiple spanning tree protocols available:

  1. PVST+

  2. RPVST+

  3. MST

Per-VLAN Spanning Tree (PVST)

PVST is a Cisco-proprietary extension to classic STP. PVST operates a separate instance of STP for each individual VLAN. This allows VLANs to be configured independently and can perform better.
PVST+ is an extension of PVST that provides support for IEEE 802.1Q VLANs. PVST+ is the default on Cisco switches since IOS version 15.21.
PVST+ creates a separate spanning tree for each enabled VLAN. If used, the administrator will typically configure one Root Bridge for half the VLANs and a different Root Bridge for the other half.
Multiple VLANs can be configured to use the same Root Bridge with a single command. This results in half the VLANs taking one path through the campus and the other half taking a different path.
This approach can help optimize load balancing and reduce network congestion.

Rapid Per-VLAN Spanning Tree (RPVST+)

RPVST+ is a Cisco-proprietary extension to RSTP that allows you to create one separate spanning tree for each enabled VLAN. RPVST+ works similarly to PVST+.
RPVST+ is the default mode since IOS version 15.2. RPVST+ is an improvement over PVST+ in terms of convergence time.
RPVST+ uses a proposal/agreement handshake protocol to reduce the convergence time. RPVST+ also uses a synchronization mechanism to ensure that all switches in the network have the same view of the network topology.
RPVST+ is backward-compatible with PVST+ and STP. RPVST+ can interoperate with switches that run legacy IEEE 802.1D STP.

Example To Configure RPVST+:

Sw1(config)#spanning-tree mode rapid-pvst

Make Sw1 the Root Bridge for VLANs 10 – 13:

Sw1(config)#spanning-tree vlan 10-13 priority 4096
Sw2(config)#spanning-tree mode rapid-pvst

Make Sw2 the Root Bridge for VLANs 20 – 23:

Sw2(config)#spanning-tree vlan 20-23 priority 4096

The Multiple Spanning Tree Protocol (MSTP)

MSTP is an IEEE standard defined in 802.1Q amendment 802.1s. MSTP allows an administrator to create separate spanning trees for different VLANs.
An administrator can group multiple VLANs into a single spanning tree instance, which can help reduce the number of spanning trees for the switches to calculate.
This can result in less CPU overhead than PVST+ and RPVST+. With PVST+ and RPVST+, there will be two Root Bridges used, two paths, and 200 spanning trees if there are 200 VLANs in use.
One hundred VLANs will use one path, and the other 100 will use the other path, but they are each calculated separately. With MST, there will be two Root Bridges used, two paths, and two spanning trees.
MST can be more efficient than PVST+ and RPVST+ in terms of CPU usage and network performance.

Example To Configure MST:

Sw1(config)#spanning-tree mode mst
Sw1(config)#spanning-tree mst configuration
Sw1(config-mst)#name study-ccna
Sw1(config-mst)#revision 1
Sw1(config-mst)#instance 2 vlan 10,11,12,13
Sw1(config-mst)#instance 3 vlan 20,21,22,23

Make Sw1 the Root Bridge for instance 2 VLANs 10 – 13:

Sw1(config)#spanning-tree mst 2 priority 4096
Sw2(config)#spanning-tree mode mst
Sw2(config)#spanning-tree mst configuration
Sw2(config-mst)#name study-ccna
Sw2(config-mst)#revision 1
Sw2(config-mst)#instance 2 vlan 10,11,12,13
Sw2(config-mst)#instance 3 vlan 20,21,22,23

Make Sw2 the Root Bridge for instance 3 VLANs 20 – 23:

Sw2(config)#spanning-tree mst 3 priority 4096

All three protocols embed the VLAN number in the priority part of the Bridge ID.
The two bytes originally reserved for priority are divided into 4 bits of priority and a 12-bit System ID Extension.
As a result:

  1. newpriority = floor(oldpriority/4096)
  2. System ID Extension = oldpriority%4096

They also VLAN-tag the BPDUs, whereas bare STP/RSTP sends them in the native VLAN.
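The Bridge ID split described above, as an added example that is not part of the original post: it decodes the 16-bit priority field and runs the per-VLAN root election for the Sw1/Sw2 priorities configured earlier. Sw3, the MAC addresses and the use of the default priority 32768 for VLANs with no configured priority are assumptions.

```python
# Added example, not from the original post. MAC addresses and Sw3 are
# constructed sample data; 32768 is the default bridge priority.
DEFAULT_PRIORITY = 32768

def split_priority_field(field: int) -> tuple:
    """Split the 16-bit priority field into (4-bit priority, System ID Extension)."""
    if not 0 <= field <= 0xFFFF:
        raise ValueError("priority field is 16 bits wide")
    return divmod(field, 4096)   # floor(field / 4096), field % 4096

def bridge_id(priority: int, vlan: int, mac: str) -> tuple:
    """Return a comparable Bridge ID: (priority field, MAC as integer)."""
    if priority % 4096 or not 0 <= priority <= 61440:
        raise ValueError("priority must be 0 or a multiple of 4096, at most 61440")
    if not 1 <= vlan <= 4094:
        raise ValueError("VLAN ID must fit the 12-bit extension (1-4094)")
    return priority + vlan, int(mac.replace(":", ""), 16)

def elect_root(switches: dict, vlan: int) -> str:
    """The switch with the numerically lowest Bridge ID for this VLAN wins."""
    return min(
        switches,
        key=lambda name: bridge_id(
            switches[name]["priority"].get(vlan, DEFAULT_PRIORITY),
            vlan,
            switches[name]["mac"],
        ),
    )

# Sw1 and Sw2 carry the priorities configured earlier on the page.
SWITCHES = {
    "Sw1": {"mac": "00:1a:2b:00:00:01", "priority": {v: 4096 for v in range(10, 14)}},
    "Sw2": {"mac": "00:1a:2b:00:00:02", "priority": {v: 4096 for v in range(20, 24)}},
    "Sw3": {"mac": "00:0c:29:00:00:03", "priority": {}},
}

if __name__ == "__main__":
    print(split_priority_field(4096 + 10))      # priority field of Sw1 in VLAN 10
    for vlan in (10, 20, 30):
        print(vlan, elect_root(SWITCHES, vlan))
```

VLAN 30 has no priority set on any switch, so the lowest MAC address decides the election and Sw3 becomes root; setting an explicit root priority for every VLAN in use keeps the root placement deliberate.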

To select the protocol in use, you can use the following commands:

  • spanning-tree mode mst: use MSTP

  • spanning-tree mode rapid-pvst: use RPVST+

  • spanning-tree mode pvst: use PVST+

To set priority, you can use the following commands:

  • spanning-tree vlan n priority m: where m is 0 or a multiple of 4096

  • spanning-tree vlan n root primary: set priority to 24576 or to a value 4096 less than the current lowest priority setting in the network.

  • spanning-tree vlan n root secondary: set priority to 28672, which in ordinary circumstances would be higher than root but lower than other switches.

To set port cost, you can use the following command:

  • spanning-tree [vlan n] cost x: manually set the port cost for a given port. The vlan parameter is optional. If given, the cost is set only for that particular VLAN's spanning tree; if not, for all spanning trees.

Configuring L2 EtherChannel

An EtherChannel is a technology that allows you to bundle multiple physical links into a single logical link.
From the point of view of STP, the EtherChannel acts as a single virtual link, so each link in the bundle can forward traffic.
This can help optimize load balancing and reduce network congestion. EtherChannel also provides redundancy. Should one of the bundled physical links fail, the remaining links will remain available, and the EtherChannel as a whole will continue functioning.
This can help ensure network availability and minimize downtime.

To manually configure an EtherChannel, use the following command:

  • (config-if)# channel-group n mode on: assign a port to the EtherChannel with ID n

To show EtherChannel status, use the following commands:

  • # show etherchannel n summary: show summary status (state, ports bundled) of the EtherChannel with ID n

  • # show etherchannel n port-channel: show detailed info (including auto-negotiation) on the EtherChannel with ID n

EtherChannel virtual interfaces are named Port-channeln (usually shortened to Pon), where n is the ID, e.g. Po1 for ID 1.

Auto-Negotiation for EtherChannels

Auto-negotiation can be achieved with two protocols:

  1. Cisco-proprietary Port Aggregation Protocol (PAgP)

  2. IEEE standard Link Aggregation Control Protocol (LACP)

PAgP and LACP are mostly analogous, except that LACP is more commonly used. At least one side of the link must be set to initiate auto-negotiation, and the other can be set to wait for the other to begin.

This is done with:

  • (config-if)# channel-group n mode active: use LACP, initiate auto-negotiation

  • (config-if)# channel-group n mode passive: use LACP, wait for the other side to initiate auto-negotiation

  • (config-if)# channel-group n mode desirable: use PAgP, initiate auto-negotiation

  • (config-if)# channel-group n mode auto: use PAgP, wait for the other side to initiate auto-negotiation

Manual Configuration For EtherChannels

When configuring EtherChannel, it’s important to note that manual configuration (mode on) disables auto-negotiation and cannot be used with auto-negotiation enabled on the other side of the link.
If you want to use auto-negotiation, you can use active-active or desirable-desirable modes. However, passive-passive and auto-auto modes will not work.
It’s important to ensure that both sides of the link are configured correctly to avoid any issues with auto-negotiation.

Here is an example of how to configure LACP (also configure the same settings on the switch on the other side of the link):

Sw1(config)#interface range f0/23 - 24
Sw1(config-if-range)#channel-group 1 mode active
Sw1(config-if-range)#exit
Sw1(config)#interface port-channel 1
Sw1(config-if)#switchport mode trunk
Sw1(config-if)#switchport trunk native vlan 199

Troubleshooting EtherChannel

Regardless of whether auto-negotiation was used or not, the following parameters must match across all bundled ports:

  • Ports are not shut down
  • Speed
  • Duplex setting
  • VLAN mode: all must be trunk or all must be access
  • Access VLAN, if port set as an access port
  • Allowed VLANs and native VLAN, if port set as trunk port
  • STP settings (port cost)

If there is a mismatch, the PortChannel virtual interface will be put in an err-disabled state. To recover, fix the underlying mismatch and then do:

(config-if)# shutdown
(config-if)# no shutdown

Sidenote: the shutdown and no shutdown commands automatically apply to the associated physical interfaces when they are run at the PortChannel level.
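A pre-change check for the mode rules and the must-match parameter list above, as an added example that is not part of the original post. The dictionary keys, port settings and the mismatched native VLAN on Fa0/24 are constructed; the rule that LACP and PAgP modes cannot be mixed is added here on the basis that they are different protocols.

```python
# Added example, not from the original post. Port settings are constructed.
# channel-group mode -> (negotiation protocol, initiates negotiation?)
MODES = {
    "on": (None, False),
    "active": ("LACP", True),
    "passive": ("LACP", False),
    "desirable": ("PAgP", True),
    "auto": ("PAgP", False),
}

def channel_forms(local: str, remote: str) -> bool:
    """True if the two channel-group modes can bring up a bundle."""
    (proto_l, init_l), (proto_r, init_r) = MODES[local], MODES[remote]
    if proto_l != proto_r:       # "on" vs negotiated, or LACP vs PAgP
        return False
    if proto_l is None:          # on/on: static bundle, nothing to negotiate
        return True
    return init_l or init_r      # at least one side must initiate

def audit_members(ports: dict) -> list:
    """Compare every member port with the first one; return mismatch findings."""
    findings = []
    ref_name = next(iter(ports))
    ref = ports[ref_name]
    keys = ["speed", "duplex", "mode", "stp_cost"]
    if ref["mode"] == "access":
        keys.append("access_vlan")
    else:
        keys += ["allowed_vlans", "native_vlan"]
    for name, cfg in ports.items():
        if cfg["shutdown"]:
            findings.append(f"{name}: port is shut down")
        for key in keys:
            if cfg.get(key) != ref.get(key):
                findings.append(
                    f"{name}: {key}={cfg.get(key)} differs from {ref_name} ({ref.get(key)})"
                )
    return findings

TRUNK = {"shutdown": False, "speed": 100, "duplex": "full", "mode": "trunk",
         "stp_cost": 19, "allowed_vlans": "10-13,20-23", "native_vlan": 199}
PORTS = {"Fa0/23": dict(TRUNK), "Fa0/24": dict(TRUNK, native_vlan=1)}

if __name__ == "__main__":
    for pair in (("active", "passive"), ("passive", "passive"), ("on", "active")):
        print(pair, channel_forms(*pair))
    print(audit_members(PORTS))
```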

Load distribution:

EtherChannel can distribute its load between all links based on a number of criteria. This is set by:

  • (config)# port-channel load-balance method, where method is one of the following:
    ◦ src-mac (default on most switches)
    ◦ dst-mac
    ◦ src-dst-mac
    ◦ src-ip
    ◦ dst-ip
    ◦ src-dst-ip
    ◦ src-port
    ◦ dst-port
    ◦ src-dst-port

  • # show etherchannel load-balance: shows the enabled method

  • # test etherchannel load-balance interface PoN pol {mac|ip|port} src dst: simulate which link would be used to carry traffic between the given source and destination

Conclusion

I hope the information I provided on Per-VLAN Spanning Tree and L2 EtherChannel was helpful.
In summary, Per-VLAN spanning trees make load balancing possible and can be configured to take different paths through the campus network by configuring different Root Bridges for different trees. There are three multiple spanning tree protocols available: PVST+, RPVST+, and MST.
L2 EtherChannel is a bundle of physical links that act as a single virtual link from the point of view of STP so each link in the bundle can forward traffic. It also provides redundancy.
You can manually configure an EtherChannel or use LACP. Regardless of whether auto-negotiation was used or not, the parameters must match across all bundled ports.
Load distribution can be achieved based on a number of criteria.

I hope this information is helpful. Please let me know if you have any further suggestions or feedback. I look forward to working with you!

Kunal Patel