Cisco NX-OS/IOS STP Comparison

From DocWiki

(Difference between revisions)
Jump to: navigation, search
 
(5 intermediate revisions not shown)
Line 12: Line 12:
In Cisco NX-OS:
In Cisco NX-OS:
 +
* STP supports stateful process restarts and In-Service-Software-Upgrades (ISSU) if two supervisors are present in a chassis.
* Rapid-PVST+ and the MST protocols are supported.
* Rapid-PVST+ and the MST protocols are supported.
* Rapid-PVST+ is enabled by default.
* Rapid-PVST+ is enabled by default.
-
* High availability is achieved with stateful switchover when two supervisors are installed in a chassis.
+
* VLANs 3968-4047,4094 are reserved for internal use.  Cisco IOS Software reserves VLANs 1002-1005,4095 for internal use by default.
 +
* VLAN ranges can be configured in ascending or descending order (IE. vlan 10-20 or vlan 20-10), whereas Cisco IOS Software only supports configuring VLAN ranges in ascending order.
 +
* The STP '''spanning-tree''' global configuration commands with VLAN ranges can be configured in ascending or descending order (IE. '''spanning-tree vlan 10-20 root primary''' or '''spanning-tree vlan 20-10 root primary'''), whereas the Cisco IOS software only supports configuring spanning-tree ranges in ascending order.
 +
* The STP extended system-id is always enabled.  Cisco IOS software requires the global <b>spanning-tree extend system-id</b> configuration command.
* The STP port types are identified with the '''port type''' designation as opposed to the '''portfast''' designation in Cisco IOS Software.
* The STP port types are identified with the '''port type''' designation as opposed to the '''portfast''' designation in Cisco IOS Software.
Line 25: Line 29:
* Rapid-PVST+ is interoperable with the 802.1d STP.
* Rapid-PVST+ is interoperable with the 802.1d STP.
-
* Rapid-PVST+ is interoperable with MST. (This is enabled by default)
+
* Rapid-PVST+ is interoperable with MST. (Enabled by default)
* Only one STP can be enabled per VDC.
* Only one STP can be enabled per VDC.
* Bridge Assurance is enabled globally by default, but is disabled on an interface by default.
* Bridge Assurance is enabled globally by default, but is disabled on an interface by default.
Line 35: Line 39:
* Changing the STP mode can disrupt traffic.
* Changing the STP mode can disrupt traffic.
* Enabling Bridge Assurance is recommended.  However, only enable Bridge Assurance on layer-2 links if both devices on each end of the link support it.
* Enabling Bridge Assurance is recommended.  However, only enable Bridge Assurance on layer-2 links if both devices on each end of the link support it.
 +
* Bridge Assurance should only be configured on the vPC peer-link (configured by default) and not on any other vPC interfaces in a vPC domain.
* Typically the core/backbone devices should be configured as the primary and secondary root bridges.
* Typically the core/backbone devices should be configured as the primary and secondary root bridges.
* The default bridge priority is 32,768 (plus the VLAN #).  The lower the value, the more likely it will become the root bridge.
* The default bridge priority is 32,768 (plus the VLAN #).  The lower the value, the more likely it will become the root bridge.
-
* Configure 802.1q trunk ports as '''edge trunk''' port type when connecting to L3 hosts such as firewalls, load-balancers, or servers for faster convergence.
+
* Configure 802.1q trunk ports as '''edge trunk''' port type when connecting to layer-3 hosts such as firewalls, load-balancers, or servers for faster convergence.
Line 62: Line 67:
!width="475" align="left" style="background:#ED9121;" |<font color="white">'''spanning-tree mode rapid-pvst'''
!width="475" align="left" style="background:#ED9121;" |<font color="white">'''spanning-tree mode rapid-pvst'''
!width="475" align="left" style="background:#99CCFF;" |'''Rapid-PVST is enabled by default.
!width="475" align="left" style="background:#99CCFF;" |'''Rapid-PVST is enabled by default.
 +
 +
spanning-tree mode rapid-pvst'''
spanning-tree mode rapid-pvst'''
|-
|-
Line 121: Line 128:
|-
|-
{| border="0" cellpadding="2" cellspacing="6"
{| border="0" cellpadding="2" cellspacing="6"
-
!width="475" align="left" style="background:#ED9121;" |<font color="white">'''interface GigabitEthernet1/1
+
!width="475" align="left" style="background:#ED9121;" |<font color="white">'''interface gigabitethernet1/1
switchport
switchport
Line 151: Line 158:
|-
|-
{| border="0" cellpadding="2" cellspacing="6"
{| border="0" cellpadding="2" cellspacing="6"
-
!width="475" align="left" style="background:#ED9121;" |<font color="white">'''interface GigabitEthernet1/1
+
!width="475" align="left" style="background:#ED9121;" |<font color="white">'''interface gigabitethernet1/1
switchport
switchport
Line 171: Line 178:
|-
|-
{| border="0" cellpadding="2" cellspacing="6"
{| border="0" cellpadding="2" cellspacing="6"
-
!width="475" align="left" style="background:#ED9121;" |<font color="white">'''interface GigabitEthernet1/1
+
!width="475" align="left" style="background:#ED9121;" |<font color="white">'''interface gigabitethernet1/1
switchport
switchport
Line 187: Line 194:
<font size = "3">'''Verification Command Comparison'''</font>
<font size = "3">'''Verification Command Comparison'''</font>
-
The following table lists some useful '''show''' commands for verifying and troubleshooting a STP network configuration.  The show commands are identical for Cisco IOS and Cisco NX-OS Software.
+
The following table lists some useful '''show''' commands for verifying and troubleshooting a STP network configuration.  The show commands are almost identical for Cisco IOS and Cisco NX-OS Software.
Line 195: Line 202:
!width="450" align="left" style="background:#99CCFF;" |'''Command Description'''
!width="450" align="left" style="background:#99CCFF;" |'''Command Description'''
|-
|-
-
|'''show spanning-tree'''|| show spanning-tree || Displays high level STP process information
+
|'''show spanning-tree'''|| show spanning-tree || Displays high level process information for all STP enabled VLANs
|-
|-
-
|'''show spanning-tree active'''|| show spanning-tree active || Displays all ports in the '''active''' state
+
|'''show spanning-tree active'''|| show spanning-tree active || Displays all ports in an active state
|-
|-
-
|'''show spanning-tree blockedports'''|| show spanning-tree blockedports || Displays all ports in the '''blocked''' state
+
|'''show spanning-tree blockedports'''|| show spanning-tree blockedports || Displays all ports in a blocked state
|-
|-
|'''show spanning-tree detail'''|| show spanning-tree detail || Displays detailed information per STP instance
|'''show spanning-tree detail'''|| show spanning-tree detail || Displays detailed information per STP instance
|-
|-
-
|'''show spanning-tree interface'''|| show spanning-tree interface || Displays detailed STP information for a specific interface
+
|'''show spanning-tree inconsistentports'''|| show spanning-tree inconsistentports || Displays inconsistent port status
 +
|-
 +
|'''show spanning-tree interface <i><type></i>'''|| show spanning-tree interface <i><type></i> || Displays detailed STP information for a specific interface (many sub-options)
|-
|-
|'''show spanning-tree mst'''|| show spanning-tree mst || Displays high-level MST configuration
|'''show spanning-tree mst'''|| show spanning-tree mst || Displays high-level MST configuration
Line 210: Line 219:
|-
|-
|'''show spanning-tree mst detail'''|| show spanning-tree mst detail || Displays detailed MST information
|'''show spanning-tree mst detail'''|| show spanning-tree mst detail || Displays detailed MST information
 +
|-
 +
|'''show spanning-tree mst interface'''|| show spanning-tree mst interface || Displays MST interface information
 +
|-
 +
|'''show spanning-tree pathcost method'''|| - || Displays STP path cost method
|-
|-
|'''show spanning-tree root'''|| show spanning-tree root || Displays STP root information
|'''show spanning-tree root'''|| show spanning-tree root || Displays STP root information
Line 215: Line 228:
|'''show spanning-tree summary'''|| show spanning-tree summary || Displays STP summary information
|'''show spanning-tree summary'''|| show spanning-tree summary || Displays STP summary information
|-
|-
-
|'''show spanning-tree vlan'''|| show spanning-tree vlan || Displays per VLAN STP information
+
|'''show spanning-tree vlan <i><#></i>'''|| show spanning-tree vlan <i><#></i> || Displays per VLAN STP information
|-
|-
|}
|}

Latest revision as of 21:05, 1 June 2012

Objective

This tech note outlines the main differences in Spanning-Tree Protocol (STP) support between Cisco® NX-OS Software and Cisco IOS® Software. Sample configurations are included for Cisco NX-OS and Cisco IOS Software for some common features to demonstrate the similarities and differences. Please refer to the NX-OS documentation on Cisco.com for a complete list of supported features.


STP Overview

STP is a standards based link-layer protocol originally defined in IEEE 802.1d that runs on switches to prevent forwarding loops when using redundant layer-2 network topologies. Newer variants of STP have been developed called Rapid Spanning Tree protocol (RSTP) defined in IEEE 802.1w and Multiple Spanning Tree protocol (MST) defined in IEEE 802.1s that are enhanced for better scalability and converge faster than the original version.


Important Cisco NX-OS and Cisco IOS Software Differences

In Cisco NX-OS:

  • STP supports stateful process restarts and In-Service-Software-Upgrades (ISSU) if two supervisors are present in a chassis.
  • Rapid-PVST+ and the MST protocols are supported.
  • Rapid-PVST+ is enabled by default.
  • VLANs 3968-4047,4094 are reserved for internal use. Cisco IOS Software reserves VLANs 1002-1005,4095 for internal use by default.
  • VLAN ranges can be configured in ascending or descending order (IE. vlan 10-20 or vlan 20-10), whereas Cisco IOS Software only supports configuring VLAN ranges in ascending order.
  • The STP spanning-tree global configuration commands with VLAN ranges can be configured in ascending or descending order (IE. spanning-tree vlan 10-20 root primary or spanning-tree vlan 20-10 root primary), whereas the Cisco IOS software only supports configuring spanning-tree ranges in ascending order.
  • The STP extended system-id is always enabled. Cisco IOS software requires the global spanning-tree extend system-id configuration command.
  • The STP port types are identified with the port type designation as opposed to the portfast designation in Cisco IOS Software.


Things You Should Know

The following list provides some additional facts about the Cisco NX-OS that should be helpful when designing, configuring, and maintaining a network configured with the STP.


  • Rapid-PVST+ is interoperable with the 802.1d STP.
  • Rapid-PVST+ is interoperable with MST. (Enabled by default)
  • Only one STP can be enabled per VDC.
  • Bridge Assurance is enabled globally by default, but is disabled on an interface by default.
  • Bridge Assurance can be enabled for an interface using the spanning-tree port type network interface command.
  • The clear spanning-tree counters command clears the counters for an STP interface or a VLAN.
  • STP enhancements such as BPDU Guard, Loop Guard, Root Guard, and BPDU Filtering are supported.

Spanning-Tree best practices are applicable to both Cisco NX-OS and Cisco IOS Software

  • Do not disable STP. Even if the layer-2 topology does not require STP, it should always be enabled as a safeguard for configuration and/or cabling errors.
  • Changing the STP mode can disrupt traffic.
  • Enabling Bridge Assurance is recommended. However, only enable Bridge Assurance on layer-2 links if both devices on each end of the link support it.
  • Bridge Assurance should only be configured on the vPC peer-link (configured by default) and not on any other vPC interfaces in a vPC domain.
  • Typically the core/backbone devices should be configured as the primary and secondary root bridges.
  • The default bridge priority is 32,768 (plus the VLAN #). The lower the value, the more likely it will become the root bridge.
  • Configure 802.1q trunk ports as edge trunk port type when connecting to layer-3 hosts such as firewalls, load-balancers, or servers for faster convergence.


Configuration Comparison

The following sample code shows configuration similarities and differences between the Cisco NX-OS and Cisco IOS Software CLIs. The CLI is identical with the exception of the port type terminology. The Cisco IOS uses the portfast designation, whereas Cisco NX-OS uses the port type designation.


Cisco IOS CLI Cisco NX-OS CLI
Configuring VLANs
vlan 10,20 vlan 10,20
Configuring Rapid PVST+
spanning-tree mode rapid-pvst Rapid-PVST is enabled by default.


spanning-tree mode rapid-pvst

Configuring the Rapid-PVST+ Bridge Priority
spanning-tree vlan 10 root primary

spanning-tree vlan 20 root secondary

spanning-tree vlan 10 root primary

spanning-tree vlan 20 root secondary

Configuring MST
spanning-tree mode mst spanning-tree mode mst
Configuring a MST Instance
spanning-tree mst configuration

instance 1 vlan 10

instance 2 vlan 20

spanning-tree mst configuration

instance 1 vlan 10

instance 2 vlan 20

Configuring the MST Bridge Priority
spanning-tree mst 1 root primary

spanning-tree mst 2 root secondary

spanning-tree mst 1 root primary

spanning-tree mst 2 root secondary

Configuring STP Port Types Globally
spanning-tree portfast edge default

or

spanning-tree portfast network default

spanning-tree port type edge default

or

spanning-tree port type network default

Configuring STP Port Types per Interface
interface gigabitethernet1/1

switchport

spanning-tree portfast edge

or

spanning-tree portfast network

or

spanning-tree portfast disable

interface ethernet 1/1

switchport

spanning-tree port type edge

or

spanning-tree port type network

or

spanning-tree port type normal

Configuring a Trunk as an Edge Port Type
interface gigabitethernet1/1

switchport

spanning-tree portfast edge trunk

interface ethernet 1/1

switchport

spanning-tree port type edge trunk

Disabling PVST Simulation Globally
no spanning-tree mst simulate pvst global no spanning-tree mst simulate pvst global
Disabling PVST Simulation per Port
interface gigabitethernet1/1

switchport

spanning-tree mst simulate pvst disable

interface ethernet 1/1

switchport

spanning-tree mst simulate pvst disable



Verification Command Comparison

The following table lists some useful show commands for verifying and troubleshooting a STP network configuration. The show commands are almost identical for Cisco IOS and Cisco NX-OS Software.


Cisco NX-OS STP Cisco IOS Software STP Command Description
show spanning-tree show spanning-tree Displays high level process information for all STP enabled VLANs
show spanning-tree active show spanning-tree active Displays all ports in an active state
show spanning-tree blockedports show spanning-tree blockedports Displays all ports in a blocked state
show spanning-tree detail show spanning-tree detail Displays detailed information per STP instance
show spanning-tree inconsistentports show spanning-tree inconsistentports Displays inconsistent port status
show spanning-tree interface <type> show spanning-tree interface <type> Displays detailed STP information for a specific interface (many sub-options)
show spanning-tree mst show spanning-tree mst Displays high-level MST configuration
show spanning-tree mst configuration show spanning-tree mst configuration Displays the MST instance configuration
show spanning-tree mst detail show spanning-tree mst detail Displays detailed MST information
show spanning-tree mst interface show spanning-tree mst interface Displays MST interface information
show spanning-tree pathcost method - Displays STP path cost method
show spanning-tree root show spanning-tree root Displays STP root information
show spanning-tree summary show spanning-tree summary Displays STP summary information
show spanning-tree vlan <#> show spanning-tree vlan <#> Displays per VLAN STP information

Rating: 4.8/5 (12 votes cast)

Personal tools