Configuring VLAN Spanning Tree Protocol (VSTP)

Learn what it takes to get Cisco and Juniper to play nice together when it comes to configuring spanning-tree for layer 2 networks. This lab will discuss and demonstrate the configuration and verification of VLAN Spanning Tree Protocol (VSTP) on the Juniper EX Series switches.






  • Core Knowledge

  • Lab Topology

  • Initial Configs

  • Lab Objectives

  • Lab Instruction




Core Knowledge and Real World Scenarios


Unfortunately Cisco and Juniper do not tend to play nice together and this is due to Cisco having a bad habit of not following RFC standards. Cisco Switches including both Catalyst and Nexus, run a “Per-VLAN” Spanning-Tree protocol meaning that each VLAN has its own spanning-tree instance. This of course has benefits and detriments.

You can gain granular control over your layer 2 spanning-tree domain using Per VLAN STP where each VLAN has its own root bridge based on a specific layer 2 architecture however you can also loose performance and increase complexity when using PVST as each instance of spanning-tree requires processing and memory resources.

Juniper however follows the standard and has a common rapid spanning tree where all VLAN’s share a single spanning tree. This type of configuration simplifies the spanning-tree domain as well as reduces the amount of required resources on any given switch. By common design, most networks will use the same switch as the root bridge for all VLAN’s so using multi-instance per vlan spanning-tree is typically a waste of resources.

When you have an existing Cisco network and you’re wanting to add Juniper switches because the cost of Cisco is insanely expensive and most CEO’s will always bitch about cutting cost you will run into some problems with the default configuration of Spanning-Tree.

Juniper however does offer a compatibility feature to work with Cisco known as “VLAN Spanning-Tree” where each VLAN will have its own spanning-tree instance. VSTP is based on RSTP and can also be configured in a purely Juniper network if you have a need to use different switches as the spanning-tree root bridge for specific VLAN’s.

If you are deploying a Juniper switch in a Cisco environment it is best to remove the RSTP configuration from the Juniper switch and just use VSTP configuration so that you do not have a common STP instance running for VLAN’s not added to the VSTP process.

Do delete the default common RSTP you’ll use the delete protocols rstp command in configuration mode.

After you remove the common RSTP configuration you need to configure VSTP for all VLAN’s using the set protocols vstp vlan all command in configuration mode.

Regardless of spanning-tree architecture you have the ability to set the bridge-priority on a per vlan basis using the set protocols vstp vlan [name/id] bridge-priority [priority]

If you are deploying a Juniper switch in a mixed environment where it will be connecting to other Juniper switches and also Cisco switches, you may need to architect your layer 2 spanning-tree so that all the VLAN’s on Juniper switches run a common spanning-tree if possible whereas all the VLAN’s between Juniper and Cisco Switches will participate in VSTP instance.

You can configure specific VLAN’s to participate in VSTP using the set protocols vstp vlan [name/id] command.

When verifying spanning tree configurations you will use the same commands as verifying a common spanning tree. The major difference is that show spanning-tree bridge will now show you ALL of the VLAN instances instead of the common spanning tree as demonstrated below;

root@SW4> show spanning-tree bridge 


STP bridge parameters for VLAN 11
  Root ID                           : 4107.28:c0:da:37:54:81
  Root cost                         : 20000
  Root port                         : ge-0/0/18.0
  Hello time                        : 2 seconds
  Maximum age                       : 20 seconds
  Forward delay                     : 15 seconds
  Message age                       : 1 
  Number of topology changes        : 3
  Time since last topology change   : 7652 seconds
  Topology change initiator         : ge-0/0/18.0
  Topology change last recvd. from  : 00:23:9c:1a:a3:57
  Local parameters 
    Bridge ID                       : 32779.00:23:9c:1a:af:c1
    Extended system ID              : 1
    Internal instance ID            : 0

STP bridge parameters 
Context ID                          : 2 
Enabled protocol                    : RSTP

STP bridge parameters for VLAN 10
  Root ID                           : 4106.00:23:9c:1a:a3:41
  Root cost                         : 20000
  Root port                         : ge-0/0/20.0
  Hello time                        : 2 seconds
  Maximum age                       : 20 seconds
  Forward delay                     : 15 seconds
  Message age                       : 1 
  Number of topology changes        : 8
  Time since last topology change   : 7602 seconds
  Topology change initiator         : ge-0/0/20.0
  Topology change last recvd. from  : 00:23:9c:1a:a3:57
  Local parameters 
    Bridge ID                       : 32778.00:23:9c:1a:af:c1
    Extended system ID              : 2
    Internal instance ID            : 0

root@SW4>



Lab Logical Topology


The following logical topology is used in all labs found through out Section 4 of the Junos Workbook;

To view the physical cabling topology please visit the Topology page.




Lab Device Initial Configurations


Prior to starting this lab please zeroize all switches. Afterwards log in using the root account and start a CLI session and load the following initial configurations by copying and pasting them into the device console.





Before you Start


This lab requires that you have access to real Juniper EX Series Switches and cannot be completed using the vSRX platform. If you do not have Juniper switches or you cannot

afford to purchase them than you can rent lab time on the Juno Lab provided by Junos Workbook where you have access to four EX3200-24 Switches and four J2320 routers which can

be used to complete this lab.


Lab Objectives


In this lab you will complete the following objectives.


  • Remove the common RSTP on SW1, SW2, SW3 and SW4 and configure them to run VLAN Spanning-Tree on all VLAN’s

  • Configure SW1 to be the root bridge for the Sales VLAN with a bridge priority of 4k.

  • Configure SW2 to be the root bridge for the Marketing VLAN with a bridge priority of 4k.

  • Verify the root bridge for the Sales and Marketing VLAN using SW4.


One More Thing…


It is recommended that you attempt to complete these lab objectives the first time without looking at the Lab Instruction section.

If you are a student preparing for the Juniper JNCIA Certification Exam than you are more likely to remember how to complete these objectives if you attempt to complete them the

first time on your own with the use of the core knowledge section found in this lab. You should only resort to the Lab Instruction section to verify your work.




Lab Instruction


The follow lab instruction is performed on the Juno Lab provided by Junos Workbook which use real Juniper EX3200-24T switches. This lab cannot be performed on vSRX due to the lack of switching support.

  • Remove the common RSTP on SW1, SW2, SW3 and SW4 and configure them to run VLAN Spanning-Tree on all VLAN’s
root@SW1> configure
Entering configuration mode

[edit]
root@SW1# delete protocols rstp

[edit]
root@SW1# set protocols vstp vlan all

[edit]
root@SW1# commit and-quit
commit complete
Exiting configuration mode

root@SW1>
root@SW2> configure
Entering configuration mode

[edit]
root@SW2# delete protocols rstp

[edit]
root@SW2# set protocols vstp vlan all

[edit]
root@SW2# commit and-quit
commit complete
Exiting configuration mode

root@SW2>
root@SW3> configure
Entering configuration mode

[edit]
root@SW3# delete protocols rstp

[edit]
root@SW3# set protocols vstp vlan all

[edit]
root@SW3# commit and-quit
commit complete
Exiting configuration mode

root@SW3> 
root@SW4> configure
Entering configuration mode

[edit]
root@SW4# delete protocols rstp

[edit]
root@SW4# set protocols vstp vlan all

[edit]
root@SW4# commit and-quit
commit complete
Exiting configuration mode

root@SW4>
  • Configure SW1 to be the root bridge for the Sales VLAN with a bridge priority of 4k.
root@SW1> configure
Entering configuration mode

[edit]
root@SW1# set protocols vstp vlan Sales bridge-priority 4k

[edit]
root@SW1# commit and-quit
commit complete
Exiting configuration mode

root@SW1>
  • Configure SW2 to be the root bridge for the Marketing VLAN with a bridge priority of 4k.
root@SW2> configure
Entering configuration mode

[edit]
root@SW2# set protocols vstp vlan Marketing bridge-priority 4k

[edit]
root@SW2# commit and-quit
commit complete
Exiting configuration mode

root@SW2>
  • Verify the root bridge for the Sales and Marketing VLAN using SW4.
root@SW4> show spanning-tree bridge

STP bridge parameters 
Context ID                          : 1
Enabled protocol                    : RSTP

STP bridge parameters for VLAN 11
  Root ID                           : 4107.28:c0:da:37:54:81
  Root cost                         : 20000
  Root port                         : ge-0/0/18.0
  Hello time                        : 2 seconds
  Maximum age                       : 20 seconds
  Forward delay                     : 15 seconds
  Message age                       : 1 
  Number of topology changes        : 3
  Time since last topology change   : 80 seconds
  Topology change initiator         : ge-0/0/18.0
  Topology change last recvd. from  : 00:23:9c:1a:a3:57
  Local parameters 
    Bridge ID                       : 32779.00:23:9c:1a:af:c1
    Extended system ID              : 1
    Internal instance ID            : 0

STP bridge parameters 
Context ID                          : 2 
Enabled protocol                    : RSTP

STP bridge parameters for VLAN 10
  Root ID                           : 4106.00:23:9c:1a:a3:41
  Root cost                         : 20000
  Root port                         : ge-0/0/20.0
  Hello time                        : 2 seconds
  Maximum age                       : 20 seconds
  Forward delay                     : 15 seconds
  Message age                       : 1 
  Number of topology changes        : 8
  Time since last topology change   : 30 seconds
  Topology change initiator         : ge-0/0/20.0
  Topology change last recvd. from  : 00:23:9c:1a:a3:57
  Local parameters 
    Bridge ID                       : 32778.00:23:9c:1a:af:c1
    Extended system ID              : 2
    Internal instance ID            : 0
                                        
root@SW4> show spanning-tree interface

Spanning tree interface parameters for VLAN 11

Interface    Port ID    Designated      Designated         Port    State  Role
                         port ID        bridge ID          Cost
ge-0/0/18.0    128:531      128:531   4107.28c0da375481     20000  FWD    ROOT 
ge-0/0/19.0    128:532      128:532   4107.28c0da375481     20000  BLK    ALT  
ge-0/0/20.0    128:533      128:533  32779.00239c1aa341     20000  BLK    ALT  
ge-0/0/21.0    128:534      128:534  32779.00239c1aa341     20000  BLK    ALT  
ge-0/0/22.0    128:535      128:535  32779.00239c1aafc1     20000  FWD    DESG 
ge-0/0/23.0    128:536      128:536  32779.00239c1aafc1     20000  FWD    DESG 

Spanning tree interface parameters for VLAN 10

Interface    Port ID    Designated      Designated         Port    State  Role
                         port ID        bridge ID          Cost
ge-0/0/18.0    128:531      128:531  32778.00239c1aafc1     20000  FWD    DESG 
ge-0/0/19.0    128:532      128:532  32778.00239c1aafc1     20000  FWD    DESG 
ge-0/0/20.0    128:533      128:533   4106.00239c1aa341     20000  FWD    ROOT 
ge-0/0/21.0    128:534      128:534   4106.00239c1aa341     20000  BLK    ALT  
ge-0/0/22.0    128:535      128:535  32778.00239c1aafc1     20000  FWD    DESG 
ge-0/0/23.0    128:536      128:536  32778.00239c1aafc1     20000  FWD    DESG 

root@SW4>



◄ Previous Lab
Next Lab ►