How to Configure RSTP (802.1w) and Implement Spanning Tree Best Practices on ICX Switches

Hello everyone, 

 Today, I'd like to delve into configuring Rapid Spanning Tree Protocol (RSTP) on ICX switches and share some best practices. By default, ICX switches operate using the standard 802.1d Spanning Tree Protocol (STP) on a per-VLAN basis. However, for faster network convergence, it's advantageous to switch to RSTP (802.1w). I'll guide you through general configuration steps and highlight some key practices that serve as a solid foundation for many network setups. While these configurations might not fit every scenario perfectly, they're a great starting point. 

 

 Enabling RSTP on VLANs 

 First, we'll enable RSTP on your desired VLANs. You can configure multiple VLANs simultaneously or handle them individually. Here's how to enable RSTP on VLANs 10, 20, and 30: 

 

 

 

 Copy code 

 

 

 ICX# configure terminal

ICX(config)# vlan 10 20 30

ICX(config-mvlan-10*30)# spanning-tree 802-1w

 

 

 

 Setting the Root Bridge Priority 

 Next, it's essential to set the root bridge priority. If you don't specify a priority, the switch uses the default value of 32768. To ensure your switch becomes the root bridge, assign it a lower priority number. Setting the priority to zero guarantees that this switch will be the root: 

 

 

 

 Copy code 

 

 

 ICX(config-mvlan-10*30)# spanning-tree 802-1w priority 0

 

 

   

 Your configuration should now resemble: 

 

 

 

 Copy code 

 

 

 vlan 10 by port

 tagged ethernet 1/1/1 to 1/1/48 ethernet 1/2/1 to 1/2/8

 spanning-tree 802-1w

 spanning-tree 802-1w priority 0

!

vlan 20 by port

 tagged ethernet 1/1/1 to 1/1/48 ethernet 1/2/1 to 1/2/8

 spanning-tree 802-1w

 spanning-tree 802-1w priority 0

!

vlan 30 by port

 tagged ethernet 1/1/1 to 1/1/48 ethernet 1/2/1 to 1/2/8

 spanning-tree 802-1w

 spanning-tree 802-1w priority 0

 

 

 

 Optimizing Switch-to-Switch Links 

 For optimal convergence times, define switch-to-switch connections as point-to-point links. Assuming ports 1/2/1 through 1/2/8 are your inter-switch links, configure them like this: 

 

 

 

 Copy code 

 

 

 ICX# configure terminal

ICX(config)# interface ethernet 1/2/1 to 1/2/8

ICX(config-if-1/2/1-1/2/8)# spanning-tree 802-1w admin-pt2pt-mac

 

 

   

 This updates your configuration to include: 

 

 

 

 Copy code 

 

 

 interface ethernet 1/2/1

 port-name Switch-to-Switch Connection

 spanning-tree 802-1w admin-pt2pt-mac

 

 

 

 Configuring Edge Ports 

 For ports connected to end devices (edge ports), define them as operational edge ports to expedite the transition to the forwarding state. If ports 1/1/1 through 1/1/48 are your edge ports, use the following commands: 

 

 

 

 Copy code 

 

 

 ICX# configure terminal

ICX(config)# interface ethernet 1/1/1 to 1/1/48

ICX(config-if-1/1/1-1/1/48)# spanning-tree 802-1w admin-edge-port

 

 

 You can also enable STP BPDU Guard on these ports to protect against accidental loops by shutting down the port if a BPDU is received: 

 

 

 

 Copy code 

 

 

 ICX(config-if-1/1/1-1/1/48)# stp-bpdu-guard

 

 

   

 This results in: 

 

 

 

 Copy code 

 

 

 interface ethernet 1/1/1

 port-name Client Port

 spanning-tree 802-1w admin-edge-port

 stp-bpdu-guard

 

 

 

 Monitoring RSTP Status 

 To view RSTP information, use the following commands: 

 

 

 

 Copy code 

 

 

 ICX# show 802-1w

ICX# show 802-1w detail

 

 

 Note: If you're using the standard 802.1d STP, the commands are show spanning-tree and show spanning-tree detail . For Multiple Spanning Tree Protocol (MSTP), use show mstp and show mstp detail . 

 

 For a comprehensive list of configuration options and further details, refer to the FastIron Layer 2 Switching Configuration Guide .