STP?

  • Thread starter Thread starter Invisible
  • Start date Start date
I

Invisible

OK, can anyone explain to me
1) what STP is, and
2) why my network is suddenly swimming with it?

I removed IPX and Netware services from our BDC server on friday, don't know
if that has anything to do with it...

Thanks.
 
Spanning Tree Protocolhttp://www.cisco.com/univercd/cc/td/doc/product/rtrmgmt/sw_ntman/cwsimain/cw
si2/cwsiug2/vlan2/stpapp.htm

If I understand this right, STP is how switches decide amoungst themselves
how to route packets to the correct destination.

So why was there no STP traffic last friday, but loads of it now?

I just turned on my packet sniffer, and in approximately 229 seconds (~4
mins) it captured 221 packets; 111 of these were STP packets (=49%), and
they ALL appear to be identical:

0000: 01 80 C2 00 00 00 00 02 3F 32 E7 30 00 26 42 42 ........ ?2.0.&BB
0010: 03 00 00 00 00 00 80 00 02 02 3F 32 E7 30 00 00 ........ ..?2.0..
0020: 00 00 80 00 02 02 3F 32 E7 30 80 00 00 00 08 00 ......?2 .0......
0030: 02 00 05 00 00 00 00 00 00 00 00 00 ........ ........

Every STP packet seems to be identical to this down to the last bit. (OK, so
I haven't checked all 111 packets individually, but every one I look at is
just like this.) That averages 1 STP packet every 2 seconds... whereas I run
the packet sniffer for hours last week without ever seeing a single STP
packet.

I don't know what that MAC address (00:02:3F:32:E7:30) is for. (We have a
laptop with MAC address 02:02:3F:32:E7:30, but I can't find anything to
match 00:02:3F:32:E7:30.)

I presume the destination address is some sort of broadcast address specific
to STP. (?)

Does anyone have any ideas what's going on? Admittedly 60 bytes every 0.96
seconds doesn't sound like a huge load, but it is presumably broadcast
traffic (since otherwise presumably I wouldn't be receiving it), so I'd like
to eliminate it. (Besides, it's kinda hard to see all the other packets
inbetween this shower of STP traffic.)

Thanks.
 
are you doing anything with redundant paths between switches?

If not, disable spanning tree, because you wont be able to use it.

NuTs
 
are you doing anything with redundant paths between switches?

Is a simple daisy chain redendant? I didn't think so ;-)
If not, disable spanning tree, because you wont be able to use it.
Click to expand...

Didn't know I had it enabled... I wonder how you turn it off...
 
Who makes the switch(s)? There is likely some management software that came
with it from the vendor, or you can usually telnet into the switch to
configure it. But before you can do that, you may have to connect to it via
a null-modem cable, and hyperterm into it and assign it an IP from your LAN,
and enable the device for telnet management.

If there is something on your network that is spewing STP... its likely to
be a switch. There is one other remote possibility here... do you have
adapter teaming on any of your servers? Intel, broadcom, compaq, etc.. that
might be configured for "switch redundancy" or adapter failuer.. .something
like that?

btw... you hadnt mentioned how your devices are configured.. uplinks, port
trunking, etc....

NuTs
 
Back
Top