Reference a Network Diagram
Collect the following
network information before troubleshooting a bridging loop. Knowledge of the
following items in your environment is critical:
- The physical and logical topology of the bridged network
- Where the root bridge is located. (For all VLANs if PVST is in use)
- Where the redundant links and blocked ports are to be located
Identify Issues
This knowledge is essential at least for the
following two reasons:
- To identify a problem, you need to know how the STP network should be laid
out when it is operating correctly.
- The STP troubleshooting steps use show commands to
display error conditions. Knowledge of the network helps focus your attention
on the critical portions of these displays.
Identify a Bridge Loop
The best way to identify a bridge
loop is to capture the traffic on a saturated link and check whether identical
frames are traversing multiple links. Bridge loops often result in high port
utilization due to excessive frames. Check the port utilization on your devices
and look for abnormal values.
You can monitor STP operations using
debug spanning-tree command. This command is helpful in
verifying correct bridging operation as well as identifying loops.
Restore Connectivity vs. Resolve Issues
Bridge loops have severe
consequences in a switched network. When one occurs, administrators generally
do not have time to identify the reason for the loop during working hours and
will often take temporary measures to stabilize the network but never resolve
the actual problem that occurred. It is important to recreate and correct the
original problem at a planned network down time.
Break the Loop
Disabling Ports
A simple troubleshooting approach is to manually
disable ports providing Layer 2 redundancy. Begin by disabling ports that
should be blocking. Each time you disable a port, check to see if connectivity
is restored in the network. If you know which port stopped the loop after being
disabled, it is a good indication that the failure was located on a redundant
path where this port was located.
Log STP Events on Devices Hosting
Blocked Ports
If you cannot identify precisely the source of an STP
problem, or if the problem is only transient, enable logging of STP events on
the bridges and the switches of the network which are experiencing the failure.
At a minimum, enable logging on devices hosting blocked ports, because it is
typically the transition of a blocked port to forwarding that creates a
loop.
Use the command debug spanning-tree events to
enable STP debugging. Use the command logging buffered from
global configuration mode to capture this debug information into the buffers of
the device.
Check Ports
The ports to be investigated first are the blocking
ports. Here is a list of what to check for on the various ports, with a brief
description of the commands to enter.
Check That Blocked Ports Receive
BPDUs
Check that BPDUs are being received periodically, especially on
blocked and root ports.
If you are running Cisco IOS Release 12.0 or
later release, the command show spanning-tree
<bridge-group #> displays a field named
BPDU, which displays the number of BPDUs received on each interface. Issuing
the command several times will indicate if the device is receiving BPDUs.
Check for Duplex Mismatch
To look for a duplex mismatch, check
each side of a point-to-point link. Use the show interface
command to check the speed and duplex status of the specified ports.
Check Port Utilization
An overloaded interface can fail to
transmit vital BPDUs. An overloaded link is also an indication of a possible
bridging loop.
Use the command show interface to
determine interface utilization. Check the output for load and packet input and
output.
Check Frame Corruption
Look for increases in the input errors
field of the show interface command.
Look for
Resource Errors
A high CPU utilization can be dangerous for a system
running the STA. Use the show processes cpu command to
check whether the CPU utilization is approaching 100 percent.
Disable
Unneeded Features
Disabling as many features as possible helps simplify
the network structure and eases the troubleshooting process. EtherChannel, for
example, is an advanced feature that needs STP to logically bundle several
different links into a single logical port. It can be helpful to disable this
feature during troubleshooting. In general, simplifying the network
configuration reduces the troubleshooting effort.
The STP
debug Command 
The
command debug spanning-tree is very useful for
troubleshooting STP issues. It accepts a variety of arguments to limit output
to events that are specific to a certain STP feature. This example shows output
regarding all events while interface GigabitEthernet 0/1 went down.
 |
CAUTION:
As with all debug commands, be very careful
with debug spanning-tree. This command is extremely
resource-intensive and will interfere with normal network traffic
processing.
|
|
|
General Recommendations
In general, it is difficult to
troubleshoot spanning tree problems in a very large, flat, switched network. If
the network is being restructured, it is advisable to implement a hierarchical
network structure that is designed around the Campus Infrastructure module.
This would create manageable failure domains and reduce the overall network
complexity.