Help us improve your experience.

Let us know what you think.

Do you have time for a two-minute survey?

Monitoring and Troubleshooting Spanning Tree Protocols

 

Monitoring Spanning Tree Protocols on Switches

Purpose

Note

This topic applies only to the J-Web Application package.

Use the monitoring feature to view status and information about the spanning-tree protocol parameters on your EX Series switch.

Action

To display spanning-tree protocol parameter details in the J-Web interface, select Monitor > Switching > STP.

To display spanning-tree protocol parameter details in the CLI, enter the following commands:

  • show spanning-tree interface

  • show spanning-tree bridge

Meaning

Table 1 summarizes the spanning-tree protocol parameters.

Table 1: Summary of Spanning Tree Protocols Output Fields

FieldValues

Bridge Parameters

Routing instance name

Note: The option is supported only on EX4300 switches.

Displays bridge information for the specified routing instance.

Context ID

An internally generated identifier.

Enabled Protocol

Spanning-tree protocol type enabled.

Root ID

Bridge ID of the elected spanning-tree root bridge.

The bridge ID consists of a configurable bridge priority and the MAC address of the bridge.

Root cost

Calculated cost to reach the root bridge from the bridge where the command is entered.

Root port

Interface that is the current elected root port for this bridge.

Bridge ID

Locally configured bridge ID.

Hello time

The time for which the bridge interface remains in the listening or learning state.

Forward delay

The time for which the bridge interface remains in the listening or learning state before transitioning to the forwarding state.

Extended System ID

The system ID.

Inter Instance ID

An internally generated instance identifier.

Maximum age

Maximum age of received bridge protocol data units (BPDUs).

Number of topology changes

Total number of spanning-tree protocol topology changes detected since the switch last booted.

Time since last topology change

Note: This option is supported only on EX4300 switches.

Number of seconds elapsed since the last topology change.

Spanning Tree Interface Details

Interface Name

Interface configured to participate in the spanning-tree protocol instance.

Port ID

Logical interface identifier configured to participate in the spanning-tree protocol instance.

Designated Port ID

Port ID of the designated port for the LAN segment to which the interface is attached.

Designated Bridge ID

ID of the designated bridge to which the interface is attached.

Port Cost

Configured cost for the interface.

Port State

Spanning-tree protocol port state:

  • Forwarding (FWD)

  • Blocking (BLK)

  • Listening

  • Learning

  • Disabled

Role

MSTP or RSTP port role, Designated (DESG), backup (BKUP), alternate (ALT), or root.

Spanning Tree Statistics of Interface

Interface

Interface for which statistics is being displayed.

BPDUs Sent

Total number of BPDUs sent.

BPDUs Received

Total number of BPDUs received.

Next BPDU Transmission

Number of seconds until the next BPDU is scheduled to be sent.

Checking the Status of Spanning-Tree Instance Interfaces

On an MX Series router with a spanning-tree protocol enabled, the detection of a possible bridging loop from spanning-tree protocol operation can raise a bridge protocol data unit (BPDU) error condition on the affected spanning-tree instance interface.

To check whether a spanning-tree instance interface is blocked due to a BPDU error condition:

  1. To check the status of spanning-tree instance interface, use the show interfaces command:

  2. You can determine the status of the interface as follows:

    • If the BPDU Error field is none, the interface is enabled.

    • If the BPDU Error field is Detected and the link is down, the interface is blocked.

    Tip

    If an interface is blocked, see Troubleshooting section.

Understanding Spanning-Tree Protocol Trace Options

In order to trace spanning-tree protocol operations, you can set spanning-tree protocol-specific trace options in the spanning-tree protocol configuration.

For general information about tracing and global tracing options, see the statement summary for the global traceoptions statement in the Junos OS Routing Protocols Library for Routing Devices.

Configuring Tracing Spanning-Tree Operations

You can enable global routing protocol tracing options at the [edit routing-options] Hierarchy Level. For general information about tracing and global tracing options, see the statement summary for the global traceoptions statement in the Junos OS Routing Protocols Library.

In addition, you can enable STP-specific trace options at the following hierarchy levels:

The routing instance type can be either virtual-switch or layer2-control.

To enable tracing of spanning-tree protocol operations:

  1. Enable configuration of the spanning-tree protocol whose operations are to be traced:
    [edit]

    user@host# edit ... protocols (mstp | rstp | vstp)
  2. Enable configuration of spanning-tree protocol-specific trace options:
    [edit ... protocols (mstp | rstp | vstp)]

    user@host# edit traceoptions
  3. Configure the files that contain trace logging information:
    [edit ... protocols (mstp | rstp | vstp)]

    user@host# set file filename <files number> <size bytes> <world-readable | no-world-readable>
  4. Configure spanning-tree protocol-specific options.

    1. To enable a spanning-tree protocol-specific option, include the flag statement:
      [edit ... protocols (mstp | rstp | vstp)]

      user@host# set flag flag <flag-modifier> <disable>



      You can specify the following spanning-tree protocol-specific flag options:

      • all—Trace all operations.

      • all-failures—Trace all failure conditions.

      • bpdu—Trace BPDU reception and transmission.

      • bridge-detection-state-machine—Trace the bridge detection state machine.

      • events—Trace events of the protocol state machine.

      • port-information-state-machine—Trace the port information state machine.

      • port-migration-state-machine—Trace the port migration state machine.

      • port-receive-state-machine—Trace the port receive state machine.

      • port-role-transit-state-machine—Trace the port role transit state machine.

      • port-role-select-state-machine—Trace the port role selection state machine.

      • port-transmit-state-machine—Trace the port transmit state machine.

      • port-state-transit-state-machine—Trace the port state transit state machine.

      • ppmd—Trace the state and events for the ppmd process.

      • state-machine-variables—Trace when the state machine variables change.

      • timers—Trace protocol timers.

      • topology-change-state-machine—Trace the topology change state machine.

      Note

      Use the trace flag all with caution. This flag may cause the CPU to become very busy.

    2. To disable an individual spanning-tree protocol-specific option, include the disable option with the flag statement.
  5. Verify the spanning-tree protocol-specific trace options:

Example: Tracing Spanning-Tree Protocol Operations

Trace only unusual or abnormal operations to /var/log/stp-log:

Unblocking a Switch Interface That Receives BPDUs in Error (CLI Procedure)

EX Series and QFX Series switches use bridge protocol data unit (BPDU) protection on interfaces to prevent them from receiving BPDUs that could trigger a spanning-tree misconfiguration. If BPDUs are received on a BPDU-protected interface, the interface either shuts down or transitions to a blocking state and stops forwarding frames. In the latter scenario, after the misconfiguration that triggered the BPDUs being sent to an interface is fixed in the topology, the interface can be unblocked and returned to service.

Note

This topic applies to Junos OS for EX Series and QFX switches with support for the Enhanced Layer 2 Software (ELS) configuration style. For switches that do not support ELS, see Unblocking an Interface on non-ELS EX Series Switches That Receives BPDUs in Error (CLI Procedure). For ELS details, see Using the Enhanced Layer 2 Software CLI.

To unblock an interface and return it to service using the CLI:

  • Automatically unblock an interface by configuring a timer that expires:

    [edit protocol layer 2]

    user@switch# set protocols layer2-control bpdu-block disable-timeout 30

    All interfaces on the switch will be reenabled (unblocked) after the timer expires. However, once an interface on the switch receives a new spanning-tree protocol BPDU, the interface returns to the blocked state.

  • Manually unblock an interface using the operational mode command:

    user@switch> clear error bpdu interface ge-0/0/6

    This command will only reenable an interface but the BPDU configuration for the interface will continue to exist unless you remove the BPDU configuration explicitly.

Unblocking an Interface on non-ELS EX Series Switches That Receives BPDUs in Error (CLI Procedure)

EX Series switches use bridge protocol data unit (BPDU) protection on interfaces to prevent them from receiving BPDUs that could trigger a spanning-tree misconfiguration. If BPDUs are received on a BPDU-protected interface, the interface either shuts down or transitions to a blocking state and stops forwarding frames. In the latter scenario, after the misconfiguration that triggered the BPDUs being sent to an interface is fixed in the topology, the interface can be unblocked and returned to service.

To unblock an interface and return it to service using the CLI:

  • Automatically unblock an interface by configuring a timer that expires:

    [edit ethernet-switching-options]

    user@switch# set bpdu-block disable-timeout 30

    All interfaces on the switch will be re-enabled (unblocked) after the timer expires. However, once an interface on the switch receives a new spanning-tree protocol BPDU, the interface returns to the blocked state.

  • Manually unblock an interface using the operational mode command:

    This command will only re-enable an interface but the BPDU configuration for the interface will continue to exist unless you remove the BPDU configuration explicitly.

Clearing the Blocked Status of a Spanning-Tree Instance Interface

To clear the blocked status of a spanning-tree instance interface on routers or on switches running Junos OS with support for the Enhanced Layer 2 Software (ELS) configuration style:

Note

When you configure BPDU protection on individual interfaces (as opposed to on all the edge ports of the bridge), you can use the disable-timeout seconds option to specify that a blocked interface is automatically cleared after the specified time interval elapses (unless the interval is 0).

Checking for a MAC Rewrite Error Condition Blocking a Spanning-Tree Instance Interface

To check whether an interface or a spanning-tree instance interface is blocked due to a MAC rewrite error condition:

  1. Use the show interfaces operational mode command:

  2. You can determine the status of the interface as follows:

    • If the value in the Physical interface includes Enabled, Physical link is Up and the value of the BPDU Error field is None, the interface is enabled

    • If the value in the Physical interface field is Enabled, Physical link is Down and the value in the BPDU Error field is Detected, the interface is blocked.

Clearing a MAC Rewrite Error Condition Blocking a Spanning-Tree Instance Interface

To clear the blocked status of a spanning-tree instance interface:

  • Use the clear error bpdu operational mode command:

Clearing a MAC Rewrite Error on an Interface with Layer 2 Protocol Tunneling

On devices with Layer 2 protocol tunneling (L2PT) configured, customer-facing ports should not receive packets with the L2PT MAC address as the destination address unless you have a network topology or configuration error. Under these conditions, when an interface with L2PT enabled receives an L2PT packet, the interface state becomes disabled due to a MAC rewrite error, and you must subsequently re-enable it to continue operation.

  1. To check whether an interface with L2PT enabled has become disabled due to a MAC rewrite error condition, use the show interfaces operational command:

    If the interface status includes Disabled, Physical link is Down or Enabled, Physical link is Down and the MAC-REWRITE Error field is Detected, then the device detected a MAC rewrite error that contributed to the interface being down. When the device did not detect any MAC rewrite errors, the MAC-REWRITE Error field is None.

    For example, the following output shows the device detected a MAC rewrite error on the given interface:

    user@switch> show interfaces ge-0/0/2
  2. On routers, QFX Series switches, and EX Series switches that use the Enhanced Layer 2 Software configuration style, you can clear a MAC rewrite error from the Junos CLI.

    To clear a MAC rewrite error from an interface that has L2PT enabled, use the clear error mac-rewrite operational command:

Understanding Forward Delay Before Ports Transition to Forwarding State

The forwarding delay timer specifies the length of time a spanning-tree protocol bridge port remains in the listening and learning states before transitioning to the forwarding state. Setting the interval too short could cause unnecessary spanning-tree reconvergence. Before changing this parameter, you should have a thorough understanding of spanning-tree protocols.