VLAN's in ring topology problems

[c5244714]

https://skydrive.live.com/redir?resid=8F38B87E1779DB5!1568&authkey=!ABdTM-otUO8zCz4c5244714@gmail.com

Hello all

I have a little complex network problem with switches layer two which install in ring topology

The sketch and the specific scenario is described in the link file
now each port is member and tagged to its VLAN
for example : switch 19- ports 11-12 tagged member of VLAN5 default: VLAN5, ports 9-10 tagged
,member of VLAN 4 , default VLAN 4 and so on.
I had suggested to add the link ports (9-12) to be a member of all VLAN configure in its switch
For example: switch 19:
Ports 9,10,11,12 will be a member of VLANs 4 and VLAN5,And so on for the rest of the switches
The problem for example is that in VLAN3 two ports (11 in switch 1 and 11 in switch 6) are both in DISCARDING
so it is not OK for ring topology when I expected to get only one DISCARDING port for each ring .
(communication is not possible between vlan6 to vlan 1 when i unplugged port 12 in switch 3)
What is the correct configuration per switch to make it works ?
please describe in details
many thanks for your comment

 

[bill001g]

So to avoid writing a book I will assume you understand at least basics of spanning tree.

I am going to assume this is not cisco and therefore is running the industry standard MSTP...ie 802.1s

By default you only have a single spanning tree instance. It does not matter what vlans you do or do not have on the ports between the switches. The switches think ALL vlans can pass over the same links. If you do not actually allow the vlans on the the paths then you get into conflicts like you have. Note the tagging means nothing to spanning tree...it always runs on untagged no matter what vlan number you assign.

You have 2 options to fix this. Put all vlans on all ports between all switches. You may not get optimum traffic flow doing this or there may be security issues. Option 2 is to create different spanning tree instances for the different vlans or at least for the ones causing you the most trouble. This way the spanning tree will block different ports at the vlan level...so it will be forwarding on some vlans but blocking on others.

Of course you could just buy all cisco switches and use their PVST which gives each vlan its own spanning tree instance and it all just magically works.

 

[c5244714]

hello ,
what do you say about using GVRP as a second option?

 

[bill001g]

Not sure if that alone would fix the issue. This is similar to cisco VTP. Mostly what it does it keep a constant vlan structure across the switches. So if vlan 10 is "accouting"on switch 5 it is "accounting" on switch 11. The other feature of controlling which vlans on the trunk ports I am not sure how is implemented on various platforms other than cisco. Cisco by default allows all vlans on all ports unlike almost every other switch in existence that you must manually add each vlan to the port. Cisco then filters the vlans but they also run PVST. Normally even on cisco if I am running MSTP I disable and do not use VTP.

Still in any case this is just a variant of my option 1 solution. Add all vlans to all ports. You still only have a single spanning tree instance which means ALL your vlans will still have the same combination of blocked and forwarding ports. It works but may not be optimal.

GVRP is mostly used to aid configuration it is not does not solve design issues with spanning tree.