Arista Switches support the leading spanning tree protocols: RSTP, MSTP, and Rapid-PVST. Multiple Spanning Tree Protocol (MSTP/802.1s) is used by default. However, Rapid Spanning Tree Protocol (RSTP/802.1w), as well as Rapid Per-VLAN Spanning Tree (Rapid-PVST) are configurable.
This article is to provide an understanding of how PVST BPDUs are processed on Arista switches running MSTP.
PVST BPDUs in MST Region
In the case of Rapid PVST
- To interact properly with the Common Spanning Tree (CST), IEEE BPDUs are sent untagged to the reserved multicast MAC address of 0180.c200.0000. These BPDUs are generated and processed in VLAN 1 irrespective of the native VLAN configuration.
- For non-native VLANs, BPDU traffic is sent tagged with a special multicast MAC address of 0100.0ccc.cccd utilizing Shared Spanning Tree Protocol (SSTP) BPDU.
- For native VLAN, BPDUs are sent untagged. However, they are destined to the same special multicast MAC address like non-native VLANs i.e. 0100.0ccc.cccd.
In the case of MSTP
- IEEE BPDUs are destined to the reserved multicast MAC address of 0180.c200.0000 carrying the information about the MST Region and instances as an extension in the form of MRecords. Hence, a single BPDU is used for backward compatibility with RSTP as well as CST and MSTP convergence.
The above topology demonstrates the tunneling effect getting accomplished through the MST region. The SSTP BPDUs destined for 0100.0ccc.cccd generated by Arista 2 and Arista 3 switches would not be understood by the Arista 1 switch running MST, so they would then be flooded as regular multicast traffic. This allows Rapid PVST BPDUs to cross through an MST region and be received by another switch running Rapid PVST on the other side while still maintaining the ability to interact with the CST of an MST environment via IEEE standard BPDUs.
As a result, we have a common spanning tree topology converged with the help of IEEE BPDUs destined to 0180.c200.0000 multicast MAC address generated in VLAN 1.
Also, we have logical spanning-tree topology converged for the MST region as well as Rapid PVST region.
As Arista 1 is the only switch running MST, it will become the root bridge and understand that it is connected to switches running a different flavor of STP.
In case of Rapid PVST, the switches will logically have a direct connection and hence, the topology will get converged where Arista 3 will accept Arista 2 as it’s root bridge for VLAN 10, 20.
Note: For VLAN 1, the topology will be same as CST.
How to Prevent flooding of PVST BPDUs in the MST region
There can be network environments where we would like to avoid SSTP BPDUs tunneling through the MST region and achieve two disjoint Rapid PVST regions. Here are two solutions to achieve the same:
MAC Access List
Apply a MAC Access list on the ingress port where the PVST switch is connected and deny the SSTP BPDUs there.
For example :
Switch(config)#show mac access-lists abc MAC Access List abc statistics per-entry 10 deny any 01:00:0c:cc:cc:cd 00:00:00:00:00:00 20 permit any any
MSTP PVST Interoperability
This feature facilitates environments where multiple STP flavors are deployed. It allows MSTP and PVST to interact, i.e. PVST BPDUs are consumed and transmitted by MSTP at the border. This interaction involves bi-directional BPDU translation occurring at MSTP PVST border ports – outgoing CIST BPDU is extrapolated as PVST BPDUs across various VLANs and incoming PVST topology change BPDU is mapped onto corresponding MSTI based on incoming VLAN. This feature is disabled by default and can be enabled by explicitly configuring the following command:
Switch(config)#spanning-tree mst pvst border