04-14-2015 04:23 AM
I understand that when single STP is enabled, all the ports that are in port-based VLANs with STP enabled become members of a single spanning tree domain. It is useful for connecting a Brocade device to third-party devices that run a single spanning tree in accordance with the 802.1Q specification.
What if the Brocade device is connected to multi-VLAN network devices that are not running single STP: is it suggested to enable SSTP or not? What is the advantage of the practice?
Appreciate your advice.
04-21-2015 12:23 AM
This is a very broadly asked question.
When we design networks for our clients, we try to ensure that the design avoids Spanning Tree as much as possible, including when attaching the newer network to older networks.
When the number of VLANs increases, configuring and keeping track of Spanning Tree for all the VLANs could become a headache. This also goes for RSTP. Instead of Spanning Tree, we prefer to use "Link Aggregation" if it is between two switches or between two stacks.
This is the best practice that can be suggested from my side. The rest depends on the current scale of the network and future scalability possibilities.
04-29-2015 10:09 AM - edited 04-29-2015 10:12 AM
I gotta admit too that the question was very vague. Which is why I recommended you read a bit. Got your architecture drawn in Visio or a scan of a piece of paper? Are you planning to grow a lot in the upcoming months?
SSTP can be used if you have a very simple network with a low number of VLANs. It's not optimal. There are a lot of limitations to SSTP. The most problematic one (which in turn is solved by MSTP) is the inability to use blocked links for traffic forwarding, due to the single STP instance present.
I personally would advise against using SSTP. Let multiple trees run, but be careful how many VLANs you end up with. You will need to sanitize things after a while. Make sure you keep an eye on your system-max values when deploying RSTP or MSTP.
I recommend MSTP if you deal with fairly large volumes of VLANs. It ensures that you can scale properly based on your STP region design. You absolutely want L2 stability in your switching-routing core. MSTP can safely interact with SSTP/RSTP. I come from the carrier world, we live by MSTP - where loops will screw your day in ways you will not enjoy. Limiting your instances keeps your CPU/ASICs from spiking with a ton of BPDUs from so many instances tagged to the BPDU...
We typically split all the VLANs into 5 instances on our architectures.
If you connect to older networks or networks you do not want to receive BPDUs from, block BPDUs/enable root guard on the port to protect your new network segments.
If you turn off STP, you are immediately vulnerable to loops and you need to be extremely careful about how you scale/deploy routers/switches. Only in some rare cases would you want to disable it, for, let's say, hopping through another switch to do VLAN translation when NNI-facing equipment doesn't support it.
Proper network design requires that you have a root bridge configured, as this is the most common STP problem. Each manufacturer sets their own "defaults" that are not sane. The second worst mistake is to make use of plain 802.1D and not RSTP/MSTP. The third worst mistake is to think your network doesn't need STP... turning off STP is a recipe for a total network meltdown / disaster... the moment someone connects the wrong wire to the wrong port, you've got a total meltdown.
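The root bridge and root guard advice in the last reply can be illustrated with a simplified model of the election. This is an added example, not part of the thread and not Brocade code; the switch names, MAC addresses and the `receive_bpdu` helper are constructed for illustration.

```python
from dataclasses import dataclass, replace

DEFAULT_PRIORITY = 32768  # IEEE 802.1D default bridge priority


@dataclass(frozen=True)
class Bridge:
    name: str
    mac: str  # constructed sample MAC addresses
    priority: int = DEFAULT_PRIORITY

    @property
    def bridge_id(self):
        # The bridge ID is priority followed by MAC; the lowest ID wins.
        return (self.priority, int(self.mac.replace(":", ""), 16))


def elect_root(bridges):
    """Return the bridge that wins the root election."""
    return min(bridges, key=lambda b: b.bridge_id)


def receive_bpdu(current_root, advertised, root_guard):
    """Model a BPDU arriving on a port that faces an older network.

    Returns (root after processing, resulting port state).
    """
    superior = advertised.bridge_id < current_root.bridge_id
    if superior and root_guard:
        # Root guard: the superior BPDU is not accepted and the port
        # stops forwarding until superior BPDUs cease.
        return current_root, "blocked"
    if superior:
        return advertised, "forwarding"  # root moves to the other network
    return current_root, "forwarding"


# Constructed topology: every switch left at its default priority.
core1 = Bridge("core1", "00:24:38:00:00:10")
core2 = Bridge("core2", "00:24:38:00:00:20")
access = Bridge("access7", "00:24:38:00:00:05")
legacy = Bridge("legacy-sw", "00:00:0c:00:00:01", priority=0)

unplanned_root = elect_root([core1, core2, access])      # lowest MAC wins
planned_root = elect_root([replace(core1, priority=4096),
                           replace(core2, priority=8192), access])

if __name__ == "__main__":
    print("defaults:", unplanned_root.name, "| configured:", planned_root.name)
    for guard in (False, True):
        root, state = receive_bpdu(planned_root, legacy, root_guard=guard)
        print(f"root_guard={guard}: root={root.name}, port={state}")
```

With defaults the access switch becomes root purely because of its MAC address, and without root guard the older switch advertising priority 0 takes over the root role for the new segment.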