How STP works with VSX

Both VSX switches appear as a single common Spanning Tree Bridge ID to STP partner devices upstream and downstream that participate to the same Spanning Tree domain. STP can be enabled on VSX switches and any nonrouting ports. Both VSX lags and non-VSX lags can participate in STP topology and takes decision to avoid any loops.

STP on VSX uses the same bridge ID with the same MAC address on VSX LAGs and non-VSX LAGs, orphan ports. This MAC address is referred to as a common Bridge ID which consists of Spanning Tree priority and the switch MAC Address. The STP port state is the same for VSX LAG ports in VSX peer switches.

The Spanning Tree protocol runs independently on VSX nodes, which conforms to the dual-control plane VSX architecture. The primary VSX node is responsible to run the protocol for the VSX LAGs. In the normal state, the primary is "Operational Primary" and the secondary is "Operational Secondary". If a primary VSX node failure occurs, the secondary VSX node becomes the MSTP Operational Primary. When the Primary VSX node goes back up, it takes back ownership of the STP Operational Primary role.

On VSX LAG ports, STP runs only from the Operational Primary, shown in the following figure. The Operational Secondary, also shown in the following figure, holds precomputed STP information for ready-state switch over thanks to STP states synchronization. The Operation Primary does STP state synchronization to the Operational Secondary for links member of the VSX LAG. That happens as a part of the initial sync (LACP, MAC, ARP, MSTP). During the switch-over, the new Operational Primary sends the BPDU downstream or upstream within 6 seconds (the default) of the Spanning Tree BPDU failure detection timer: 3x hello-timer (2s per default).

ISL is always part of STP, nonblocking and it sends and receives BPDUs.

Sample STP on VSX configuration

This figure shows MSTP with a VSX configuration showing BID1 ports as blocking.