6

I have an issue related to some stp packet that being sent every 1 or 2 second on my server interface eth1. This interface is connected to my stack switch, and the port is in a public vlan. Here is the output I have from the server:

server-1:
user@server-1:~$ sudo tcpdump -vvv -p -n -i eth1 stp
tcpdump: listening on eth1, link-type EN10MB (Ethernet), capture size 65535 bytes

15:44:10.772423 STP 802.1d, Config, Flags [none], bridge-id  8000.MAC.8687, length 43
        message-age 0.00s, max-age 20.00s, hello-time 2.00s, forwarding-delay 15.00s
        root-id 8000.MAC, root-pathcost 0
15:44:12.768245 STP 802.1d, Config, Flags [none], bridge-id 8000.MAC8.8687, length 43
        message-age 0.00s, max-age 20.00s, hello-time 2.00s, forwarding-delay 15.00s
        root-id 8000.MAC, root-pathcost 0
15:44:14.766513 STP 802.1d, Config, Flags [none], bridge-id 8000.MAC.8687, length 43
        message-age 0.00s, max-age 20.00s, hello-time 2.00s, forwarding-delay 15.00s
        root-id 8000.MAC, root-pathcost 0
15:44:16.766478 STP 802.1d, Config, Flags [none], bridge-id 8000.MAC.8687, length 43
        message-age 0.00s, max-age 20.00s, hello-time 2.00s, forwarding-delay 15.00s
        root-id 8000.MAC, root-pathcost 0
15:44:18.767851 STP 802.1d, Config, Flags [none], bridge-id 8000.MAC.8687, length 43
        message-age 0.00s, max-age 20.00s, hello-time 2.00s, forwarding-delay 15.00s
        root-id 8000.MAC, root-pathcost 0
---------------------------------------------------------------------

Do anyone know what is the issue here!? I did a research over the Internet but all queries on this topic is never ended or there is no answer.

Any help is welcome.

Thank you for your time.

Ricky
  • 31,438
  • 2
  • 43
  • 84
upitnik
  • 117
  • 1
  • 2
  • 7
  • 3
    What real problems do you think spanning tree is causing; are you losing connectivity? – Mike Pennington Nov 03 '13 at 17:16
  • 1
    I'm with Mike. What exactly is your *problem*? The connecting switch is running spanning-tree, which most switches do, to detect and protect against loops. (BTW, with VMs, you can have single port loops.) – Ricky Nov 03 '13 at 22:47
  • Hello Mike, I do not lose connection. The server interface(on a server drops these packets). I do not see drops on a switch interface were the server is connected. – upitnik Nov 06 '13 at 15:37

2 Answers2

6

This are just spanning tree packets from your switch. Disable spanning tree on your switch on the interface towards your server if you don't need it and don't want to see these packets.

Teun Vink
  • 16,953
  • 6
  • 44
  • 70
  • Yes, but as I know is not recommended to disable stp, and this issue appears only to this new server on specific vlan/port. Thank you for your response :) – upitnik Nov 03 '13 at 15:49
  • 2
    Why is disabling STP on serverports not recommended? There's no benefit in enabling it. If you don't want to disable STP on this port you'll have to accept the fact that you'll see STP packets on that interface. – Teun Vink Nov 03 '13 at 16:37
  • 3
    Disabling STP is not recommended because either due to a cable change or some bridging configuration in a multihome device you can get an STP loop which is VERY bad. Basically if 1 packet every 2 seconds is an issue you have a different problem – fredpbaker Nov 03 '13 at 18:40
  • 2
    Unless your entire VLAN is losing connectivity when your server port flaps (either from a powercycle or a cable move) - there is no reason to disable spanning-tree entirely. If you ARE losing connectivity and you know only a server is going to be on this port, throw spanning-tree portfast on the interface and call it a day. If you're NOT seeing any network performance issues (or you have portfast enabled, these packets (STP BPDU's) are completely harmless. – Jordan Head Nov 03 '13 at 19:31
  • @upitnik What is this issue are you talking about ? If you have enabled spanning tree on the port connected to your server, you will see STP packets every 2 seconds - this is normal, nothing is wrong. If you disable spanning tree, you should not see them. – nos Nov 04 '13 at 12:23
  • Well I do not see any network issue, the network is operational. I see only these packet drops related to stp. After all these answeres it is more clear. Sorry for delay... – upitnik Nov 06 '13 at 10:31
  • I do not understand why this packets are dropped on this server and not on the other servers that have the same cisco port configuration ?! – upitnik Nov 14 '13 at 14:03
  • I think Teun Vink is right. He's talking about disabling STP on server ports. The messages following his are about disabling STP on all ports. Not what Teun said. –  Dec 12 '14 at 21:20
2

These are BPDUs sent from the switch to detect another device that's also transmitting BPDUs.

If you don't want your switch transmitting these and you have a cisco device, place this configuration on any applicable switchports.

interface GigabitEthernet1/0/1
 description NO_BPDU_PORT
 switchport mode access
 spanning-tree portfast
 spanning-tree bpdufilter enable
end

Just understand that if a device is plugged into one of those ports, your switch won't allow it to participate in STP and will likely wreak havoc on your network. Check out the Cisco docs for additional information.

Ryan Foley
  • 5,479
  • 4
  • 23
  • 43
  • Just want to note there are two modes for bpdufilter. You are describing the 'per-port' configuration. You can also turn on bpdufilter in 'default' mode so it applies only to access ports with portfast enabled and filters outbound BPDU's only until an incoming BPDU is received. – cpt_fink Mar 12 '14 at 02:02