Disabling PVST

[jkaftan]

Hello:

I inherited a network that had PVST enabled. At one time they were thinking about a dual core network with multiple fiber links to each closet. I am guessing that they wanted to load balance to the separate cores.

That model has been abandoned due to cost and also we are just not a five 9s shop so it is not needed (KISS).

We have a collapsed core and only one closet has 2 links that is configure with Etherchannel.

The other thing that is happening is that our VLAN count is growing. We are up to 62 VLANs now. I don’t really have a feel for the load that 62 instances of STP could cause but why have it if it is not needed?

I am also planning on setting up pruning.

I am thinking these changes should have no negative effect on our network.

Am I missing something?

Thanks

 

[vipergg]

Bad idea . Turning off spanning tree in any size network is not a good idea. All it takes is one user to loop a user port and it will take your whole network down . Spanning tree does not add that much load to the network. I wouldn't turn off pvst it is a major protection against layer 2 loops in your network.

 

[jkaftan]

Oh I agree. I would never turn off STP altogether. I was thinking I could just have one STP instance rather then 62 with PVST. I just want to disable PVST.

 

[ADB100]

Single core? With 62 VLANs? What if it breaks? Anyway, that's not what you asked....

Cisco switches by default run PVST+. There isn't an option for 'standard' 802.1d STP as PVST+ is compatible with it. If you want a single STP instance to handle all your VLANs then you are looking at MST. By default all VLANs are mapped to MST Instance 0 so simply switching STP modes is enough to get you going. However check your switches are capable of MST, plus there is likely to be some disruption so perform the change in a maintenance window.

I loathe big layer-2 networks as they are such a pain to troubleshoot, plus any network problems are always network wide. I would take a step back and look at how the network could be better setup. But that is my opinion...

Andy

 

[jkaftan]

I am pretty happy with the setup in general. If it breaks well then it breaks. I do have a 4 hour maintenance window on the core plus I have a spare now so I am not too worried. We are a small college and things are pretty laid back.

As for building out a dual core? Perhaps I should but that adds more complexity for troubleshooting as well.

I don't see the problem with having 62 VLANs in terms of troubleshooting. Why is that a problem?

We have a VLAN for each building and then we also have a VLAN for each computer lab. It is all working fine.

Perhaps if it ain't broke I should not mess with it. I was just trying to cut down on the overhead that I imagnine having 62 STP instances might add.

 

[unclerico]

If you have each building on its own subnet as well as each lab on its own subnet and you have no need for end-to-end VLAN's then you could look at using Layer 3 interfaces instead. 62 VLAN's in a straight layer 2 network can be a PITA without question. I'm basically rehashing what ADB has already said, but if you're worried about maintainging 62 separate STP instances definitely look into MST. It uses Rapid STP at its core so STP convergence is less of an issue. It can be a little tricky to set up properly if you have a lot of links and you want to maximize their usage. Again, as ADB said, make sure your switch firmware/IOS supports MST.

I hate all Uppercase... I don't want my groups to seem angry at me all the time! =)
- ColdFlame (vbscript forum)

 

[VinceWhirlwind]

Surely the first step in this kind of decision-making process would be to document precisely where your switches are all at in terms of memory and CPU utilisation?
If they are not struggling, why bother?

Additionally, what you should be doing regardless is to prune VLANs on the uplink trunks, and prune VTP updates, so none of the edges have any visibility of the other VLANs and each edge switch only deals with the one (or so) VLAN.

 

[jkaftan]

I do have high memory utilization on my 2950 access layer switches. Their memory is 70-80% utilized according to our network monitoring server. When I do a "sh proc mem" I typically get 60-65%.

It does not look like spanning tree is the culprit but 60+% utilized does seem fishy when our network is absolutely idle at night.

The trunks are not at all utilized bandwidth wise. I am mostly under 3Mb to each building on 1Gb links. 10 Mb would be crazy.

 

[VinceWhirlwind]

Get one of your 2950s, not attached to the network and with no VLANs configured on it and do a show mem on it to get a baseline.

From memory, the 2950s I've used show high mem utilisation "at rest" anyway.
What about CPU utilisation?

In any case - get on with all the pruning you can do, it should tidy things up a lot.

 

[jkaftan]

Will do thanks. CPU is around 25%.

I have been meaning to do that test. I will give that a try too.

I have posted before about the high mem utilization and folks generally thought it was not a problem so I let it go.

It will be interesting to see if mem utilization goes down once I prune.

If I prune campus wide and I have a 2950 with only 2 VLANs defined it stands to reason that the 2950 will not have to be managing 62 instances of STP.

Since Cisco's default is to have PVST turned on and folks have said that MST and Rapid STP can be tricky to get right I am thinking that pruning is all I will need.

Thanks for the input.

 

[vipergg]

That is correct just "manually" prune off the trunk links with "switchport trunk allowed vlan XX " command .