NetBrain in Action: Troubleshoot Spanning-Tree Protocol (STP)

by Mark Harris Oct 28, 2017

In this week’s “tips and tricks” blog, I’ll discuss issues which can arise with Spanning-Tree and how NetBrain can help.

The primary function of spanning-tree is to cut loops that redundant links create in a layer-2 network. But this can fail in some cases, causing a bridging loop (a port that should block traffic forwards it instead). Some design issues leading to bridging loops include hello-timer mismatch, improperly enabled PortFast, or even a duplex mismatch.

NetBrain can help you troubleshoot spanning-tree effectively by enabling you to identify bridging loops, find spanning-tree resource errors, detect duplex mismatches, and diagnose port utilization. You can use a dynamic network map to target the relevant LAN segment and then drill down with apps to automatically diagnose spanning-tree performance, levering NetBrain’s ‘Map+App’ troubleshooting methodology.

Map the Bridge Network

In order to know what to fix in the network, you need to know what the bridge network topology looks like, including the locations of redundant links. NetBrain can help you visualize the topology instantly. You can drill down into an existing map, or create a new targeted map from a simple keyword search. The resulting network map is your ‘single pane of glass’ for troubleshooting and analysis.

 

Automate STP Diagnoses

NetBrain provides a way for you to collect the spanning-tree data you’re looking for without having to log into a bunch of switches serially and type in a string of show commands. NetBrain has several built-in apps that can automate STP diagnoses. Most importantly, you can easily write your own automation – called NetBrain Qapps – without scripts. These Qapps leverage the map as the ‘canvas’ for your targeted data analysis.

Recommended App: Highlight STP

In order to troubleshoot spanning-tree, you first need to know what is the current state of the spanning-tree algorithm. NetBrain’s built-in Highlight STP app helps you immediately identify the following STP information:

• What is the location of the root bridge
• Where are the redundant links
• What is the location of the blocked ports

This app can be run on both the live and historic network. The benefit is that you can look back at a previous network state to see if the root bridge has changed, or to identify a previous spanning-tree converged state.

 

Recommended App: Monitor Network Health

An interface with traffic overload can fail to transmit vital BPDUs. A link overload also indicates a possible bridging loop. Therefore, a great way to identify a bridging loop is to check the port utilization on your devices and look for abnormal values. Additionally, a high CPU utilization can be dangerous for a system running spanning-tree.

The Monitor Network Health app will automatically look for both excessive port utilization and CPU utilization.

This app will generate alarms if the threshold is exceeded for maximum port or CPU utilization levels. So if there’s a broadcast storm, you can be alerted that the network is behaving symptomatically. Further, you’ll have the ability to plot this data over time, so you can see if any spikes are occurring.

 

Recommended App: Detect Speed/Duplex Mismatch

In some cases a bridge sending BPDUs may have the duplex mode set to half-duplex on one port, but the peer port on other end has the duplex mode set to full-duplex. This duplex mismatch on the link between the two bridges can easily lead to a bridging loop because bridge B would not perform carrier sense before link access.

This app will automatically detect if any duplex mismatches exist in the bridge network and annotate them on the map if they exist.

 

These are just a few ways you can diagnose your network if you suspect you’re having an issue with spanning tree. If you want to try this out for yourself, please checkout our technology labs – accessible inside NetBrain’s Instant Trial!