Disabling STP

Disabling STP

It might be necessary to disable Spanning Tree in some situations. For example, some network administrators disable STP in frustration after not being able to resolve STP bugs and design issues. Other people disable STP because they have loop-free topologies. Some shops resort to disabling STP because they are not aware of the PortFast feature (not to mention its interaction with PAgP as discussed earlier).

If you do need to disable STP, Catalysts offer the set spantree disable command. On most Catalyst systems, STP can be disabled on a per-VLAN basis. For example, set spantree disable 2 disables STP for VLAN 2. However, don’t forget that this disables STP for all ports in the specified VLAN—Layer 2 Catalyst switches such as the 4000s, 5000s, and 6000s currently do not offer the capability to disable STP on a per-port basis. Example 7-26 shows the use of the set spantree disable command to disable STP for VLAN 1 on Cat-A.

Example 7-26 Disabling STP for VLAN 1

If you are using certain Layer 3 switching technologies such as the NetFlow Feature Card, STP can only be disabled for an entire device (all VLANs).

  • Tip
    STP cannot be disabled per port on Layer 2-oriented Catalyst equipment such as the 4000s, 5000s, and 6000s. When these Catalysts are not using a NFFC, you are allowed to disable STP per VLAN, but this applies to all ports in the VLAN on the specified device. Because devices such as the Catalyst 8500 use the full router IOS, you have complete control over where Spanning Tree runs (through the use of bridge-group statements).

Disabling STP on an entire device can be accomplished with the set spantree disable all command.

However, it is generally better to use features such as PortFast, UplinkFast, Layer 3 switching, and a scalable design than it is to completely disable Spanning Tree. When Spanning Tree is disabled, your network is vulnerable to misconfigurations and other mistakes that might create bridging loops.

  • Tip
    Don’t take disabling STP lightly. If loops are formed by mistake, the entire network can collapse. In general, it is preferable to utilize features such as UplinkFast than to entirely disable STP.

One of the more common places where Spanning Tree can be disabled is when using an ATM campus core. Because LANE naturally provides a loop-free environment, some ATM-oriented vendors leave Spanning Tree disabled by default. However, for this to work, you must be very careful to avoid loops in the Ethernet portion of your network. Besides preventing loops between end-user ports, you generally must directly connect every IDF switch to the ATM core (in other words, redundant Ethernet links cannot be used from the MDF closets to the IDF closets because they would form loops).

Finally, notice that when STP is disabled on Layer 2 Catalyst equipment such as the 4000s, 5000s, and 6000s, BPDUs are flooded through the box. In other words, as soon as Spanning Tree is disabled, the 01-80-C2-00-00-00 multicast address is again treated as a normal multicast frame (rather than being directed to the Supervisor where the frames are absorbed and possibly regenerated).

The net effect of this is that Catalysts with Spanning Tree disabled are invisible to neighboring switches that are still running the protocol. To these switches, the Catalyst with STP disabled is indistinguishable from a Layer 1 hub (at least as far as STP goes).

About the author

Scott

Leave a Comment