Ethernet Switches & Routers

Reply
Contributor
Posts: 30
Registered: ‎12-13-2010

Netiron MLX Layer3 route-only port is forwarding Layer2-BPDUs

Hi,

 

it seems that the MLX is forwarding Layer2 VLAN1 BPDUs on all "route-only" Layer3 interfaces. This is breaking other Layer2-Systems behind the "route-only" port. Is this a bug or can the flooding of VLAN1 BPDUs to Layer3 ports be disabled in any way by configuration?

 

Gerald

External Moderator
Posts: 5,040
Registered: ‎02-23-2004

Re: Netiron MLX Layer3 route-only port is forwarding Layer2-BPDUs

gerald,

 

->Is this a bug...

 

you can see in the Release Notes if any such Defect is listed.

TechHelp24
Contributor
Posts: 30
Registered: ‎12-13-2010

Re: Netiron MLX Layer3 route-only port is forwarding Layer2-BPDUs

 

I've got some useful information through a other forum/community and it seems to work es designed.

 

This MLX has "spanning-tree" in the global config and together with the default "dual-mode-default-vlan" feature, route-only ports belong to the default VLAN untagged and unfortunately take part in STP.

 

The solution seems to be to disable STP in some way (e.g. put the "route-only" interfaces in to an unused VLAN and disable STP on this interface/VLAN), or maybe disable "dual-mode-default-vlan" in global mode.

 

I'm not sure what solution is the best for me but at least I have an idea now what the problem is and can go on to solve it.

 

Gerald

External Moderator
Posts: 5,040
Registered: ‎02-23-2004

Re: Netiron MLX Layer3 route-only port is forwarding Layer2-BPDUs

Gerald,

 

-->>This MLX has "spanning-tree" in the global config and together with the default "dual-mode-default-vlan" feature, route-only ports belong to the default VLAN untagged and unfortunately take part in STP.

 

if I'm right, as per my opinion and accord the Guide, you can configure as descripted in the NOTE below: ( marked in red )

 

from Switching Configuration Guide

 

NOTE
When you configure a VLAN, the VLAN inherits the global STP settings. However, once you begin to
define a VLAN, you can no longer configure standard STP parameters globally using the CLI. From
that point on, you can configure STP only within individual VLANs.

TechHelp24
Contributor
Posts: 30
Registered: ‎12-13-2010

Re: Netiron MLX Layer3 route-only port is forwarding Layer2-BPDUs

[ Edited ]

Yes Antonio, I think I can solve this on individual interface/VLAN level only on this MLX.

 

Current configuration:

!

int eth 1/2

  enable

  route-only

  ip address 10.0.0.1/24

!

 

Approach 1:

!

int eth 1/2

  enable

  route-only

  ip address 10.0.0.1/24

  no spanning-tree

!

 

Approach 2:

!

vlan 666 name dummy-layer3-vlan

  untag eth 1/2

  no spanning-tree

!

 

I'am going to check this on Monday.

 

Gerald

External Moderator
Posts: 5,040
Registered: ‎02-23-2004

Re: Netiron MLX Layer3 route-only port is forwarding Layer2-BPDUs

Gerald,

 

let me know if the procedure work.

 

in such case:

 

->The solution seems to be to disable STP in some way

 

is not necessary to disable STP as you get suggested.

 

have a nice WE

 

 

TechHelp24
Contributor
Posts: 30
Registered: ‎12-13-2010

Re: Netiron MLX Layer3 route-only port is forwarding Layer2-BPDUs

   " ... in such case:

   ->The solution seems to be to disable STP in some way

   is not necessary to disable STP as you get suggested...."

 

What other solution beside disabling STP do you see for such a case: "deny any STP BPDU forwarding on L3 interfaces" ? In this special situation I need a solution that do not disturb any other existing and working configuration on this MLX. 

 

Gerald

External Moderator
Posts: 5,040
Registered: ‎02-23-2004

Re: Netiron MLX Layer3 route-only port is forwarding Layer2-BPDUs

I don't know the exact config in details, but for surely ( is my opinion ) is not a solution as you get to

 

"The solution seems to be to disable STP in some way"

 

honest, is this a solution you are looking for ? then you can disable STP.

 

I've my doubt.

TechHelp24
Contributor
Posts: 30
Registered: ‎12-13-2010

Re: Netiron MLX Layer3 route-only port is forwarding Layer2-BPDUs

Maybe I was not specific enough - I meant "disable STP on Layer3 ports in some way" but not disabling STP globally for all ports and all VLANs. All the Layer2 ports should remain in the normal STP processing of course.

 

The underlaying problem in my situation is, that I have to connect 4 "route-only" MLX Layer3 ports to one customer Layer2 switch. The customer expect clean Layer3 links without any STP BPDUs from us. Or the other way around: I will provide clean Layer3 links to the customers, because not all can (or are willing to) configure BPDU blocking on their own systems.

 

Gerald

External Moderator
Posts: 5,040
Registered: ‎02-23-2004

Re: Netiron MLX Layer3 route-only port is forwarding Layer2-BPDUs

I'm not sure if this possible, I'll try to find more tomorrow and post here.

 

 

TechHelp24

Join the Community

Get quick and easy access to valuable resource designed to help you manage your Brocade Network.

vADC is now Pulse Secure
Download FREE NVMe eBook