I see a lot of issues in with spanning tree in a mixed cisco/meraki environment (majority being cisco). The meraki switches use RSTP and when cisco switches use PVST. Can Meraki switches be downgraded to PVST? WEcannot upgrade to PVST on the cisco switches. What is recommended in this scenario?
The recommendations are on this page:
https://documentation.meraki.com/MS/Deployment_Guides/Advanced_MS_Setup_Guide#PVST.2FPVST.2B
This is a Cisco proprietary protocol on Catalyst/Nexus switches that is compatible with Spanning tree (802.1D). It is important to note however that because PVST/PVST+ is a multi-VLAN spanning tree protocol, in order for the MS series switches to participate in spanning tree a spanning tree instance must be running on VLAN 1 of all switches and VLAN 1 is allowed on all trunk ports running PVST+ so that BPDUs are seen by the Meraki switches in the topology. Connecting an MS series to an existing switch fabric running PVST+ will force the MS series switch(es) to run in legacy mode (STP) which can increase convergence time. In this configuration, the MS series switches should never be the STP Root Bridge.
@BrechtSchamp wrote:
In this configuration, the MS series switches should never be the STP Root Bridge.
I suspect this is what you are running into.
No, Meraki only runs RSTP.
What issues are you seeing? They should be able to coexist...
Spanning tree on the cisco L3 switch keeps blocking the port. There is only only one link between the switches (no redundancy). However I have the switches connected like this
CiscoL3_Switch -------- MErakiL3_Switch--------CiscoL2_Switch
They all have vlan 1 and another vlan on the trunk ports.
I have had much grief in the past with having Cisco Enterprise switches either side of a Meraki switch.
Fortunately the solution is simple - put the Cisco Enterprise switches into single instance MST mode with "spanning-tree mode mst" and all your problems will go away.
Good to know, thank you.
Yep, I wish Meraki would implement MSTP so they are fully interoperable with Catalyst and other vendor switches.
“And all your problems go away” - famous last words there! We’ve had no ends of trouble implementing MST on Catalyst switches. We’re now seeing Simulation PVST errors. We’re using the default MST instance.
How are you getting PVST errors if you are using MST? Something in your environment must still be using PVST.
Thank you gents. Very long day and tired eyes! We had missed a few edge switches which were still running PVST. Disabled those conx and were currently looking good.
Not sure if I should create a new discussion but is HSRP between 2 routers connected to a Meraki switch supported? The ports connected to the Cisco routers get unstable perhaps because of RSTP. When we connect a cisco switch in between the Meraki switch and the routers all seems to be fine.
HSRP between two routers should be fine.
If they are layer 3 router ports then the Meraki switch ports should be access ports.
If they are switched ports on the routing and you can single connecting them to a Meraki switch and their is a single VLAN on the router switch module I would probably use an access port on the Meraki switch.
Otherwise I would use a trunk port on the Meraki switc port.
The cisco router ports have only vlan 1 configured and are L3 ports. The Meraki switch ports are also access ports with native vlan 1. Has this been tested or confirmed to work by anyone?
It definately works. Used it several times.
That's because if you implement MST in a phased manner you have to make sure to start from the root bridge (your distri switch) and make sure it is root bridge. Then you won't get the PVST simulation errors.
Fun fact is. If a non MST switch is running PVST or RPVST and it is the root bridge. Then all VLANs need a lower bridge ID than VLAN 1. So VLAN 1 needs a bridge prio of 4096 and the rest 0 then you also won't get that error. If you don't do that each instance of PVST will use the VLAN number as it's ext-sys-id and cause the priority to be higher. In that case MST will be confused that there might be an instance with a higher BID than itself while the same link has a lower BID due to your config.
Long story short: make sure the MST region has the CIST root bridge!!