Launching soon: The world's first vendor agnostic bug scrubLearn more & join waitlist
OPERATIONAL DEFECT DATABASE
...
...
ASR920 with EFP configured under interface and STP globally enabled will be sending STP BPDUs towards remote device even WITHOUT l2protocol peer stp command this can cause remote device to elect ASR920 as root bridge if bridge priority is lower on ASR920 than on remote device spanning-tree mode rapid-pvst spanning-tree pathcost method long spanning-tree vlan 999 priority 24576 ! interface GigabitEthernet0/0/1 mtu 9216 no ip address load-interval 30 negotiation auto cdp enable service instance 999 ethernet encapsulation dot1q 999 rewrite ingress tag pop 1 symmetric bridge-domain 999 ! ! with this config on ASR920 side it will be transmitting RPVST+ BPDU in VLAN999 and if the remote device has higher bridge id it will elect this ASR920 as root bridge for VLAN999 which is undersired
seen in all latest software [16.6.4 // 16.7.2 // 16.8.1c // 16.9.2] seen in all STP modes [PVST+ // RPVST+ // MST]
global: disable STP instance for a particular vlan globally no spanning-tree vlan XXX per-interface: enable BPDU Filter for a particular interface interface GigabitEthernet X/Y/Z spanning-tree bpdufilter enable
without l2protocol peer stp the default action L2CP action is DROP ASR920-2#show ethernet service instance id 999 interface GigabitEthernet0/0/1 detail Service Instance ID: 999 Service Instance Type: Static Associated Interface: GigabitEthernet0/0/1 Associated EVC: L2protocol drop <========================================================================= default L2CP action is drop, so BPDUs are dropped on ingress CE-Vlans: Encapsulation: dot1q 999 vlan protocol type 0x8100 Rewrite: ingress tag pop 1 symmetric Interface Dot1q Tunnel Ethertype: 0x8100 State: Up EFP Statistics: Pkts In Bytes In Pkts Out Bytes Out 27 1944 0 0 EFP Microblocks: ^^^^^^^^ ^^^^^^^^^ <============================================= packets output shows 0 packets even though BPDUs are transmitted **************** Microblock type: Bridge-domain Bridge-domain: 999 Microblock type: L2Mcast L2 Multicast GID: 1 Microblock type: dhcp_snoop L2 Multicast GID: 1 Microblock type: PPPoE IA UBLOCK PPPoE IA info Enable: 0 Format Type: 0 cricuit id: remote id: ASR920-2# ASR920-2#show ethernet service instance id 999 interface GigabitEthernet0/0/1 platform Service Instance (EFP) L2 PDU Handing Info EFP CDP STP VTP DTP PAGP LLDP LACP UDLD LOAM ESMC ELMI PTPPD RES4 RES5 RES6 RES8 RES9 RESA RESB RESC RESD RESF MMRP MVRP CFG NH --------------------------------------------------------------------------------------------------------------------------------------------------------------------------- Gi0/0/1.Efp999 DROP DROP DROP DROP DROP DROP DROP DROP DROP DROP DROP DROP DROP DROP DROP DROP DROP DROP DROP DROP DROP DROP DROP DROP N N ^^^^ <============================================= STP handling says DROP however ASR920 is transmitting BPDUs nonetheless EFP L2PT Tunnel statistics ---------------------------------------- L2protocol Encapped Decapped ---------------------------------------- CDP: 0 0 STP: 0 0 VTP: 0 0 DTP: 0 0 PAGP: 0 0 LLDP: 0 0 LACP: 0 0 UDLD: 0 0 LOAM: 0 0 ESMC: 0 0 ELMI: 0 0 PTPPD: 0 0 MMRP: 0 0 MVRP: 0 0