1 of 1 people found this helpful
Peel back the onion to the OSI model.
Spanning-tree and BPDU are layer 2, and that as well as the underlying physical layer need to be stable before IP routing at layer 3 can work.
So, fix spanning-tree and BPDU first.
If you have a scenario where more than one physical switch port and/or a trunk port carrying a VLAN will be members of the same IP subnet and broadcast domain, then you will need to use a VLAN interface for the IP. Otherwise you can use a physical interface and not have a VLAN interface at all.
I wouldn't expect to see "blocking" on the VLAN, but on one or more of the physical interfaces. First examine your network topology on the layer-3 switch that will be running OSPF. If there is only one physical port for each IP subnet, then create an ethernet interface, put the IP address on it, and you can enable BPDU filtering on that port as a single routed port by itself can't be part of a layer 2 bridge loop.
If you have a situation where one subnet will be distributed amongst multiple physical ports, either access or trunk, then you'll need to configure a VLAN interface with the IP and OSPF on it. Before doing so, verify that you have a loop-free topology at layer 2 amongst all of the switches in the network. I wouldn't filter BPDU in this case if there's a possibility of a loop.
Thanks for your response.
This network design is basically a large loop. There are about six 3448 routers in the loop each with a similar configuration. LAN traffic on eth0/1. Each router has 2 VLAN interfaces, each connected to a wireless bridge which in turn connects to the VLAN interface on the next router.
OSPF handles the routing decisions. When one of the wireless bridges goes down, ospf kicks in and rerouts the traffic.
When the ring was initially completed, it seemed to work for a short period of time, but we stated seeing vlan interface ports shutting down. The solution, based on help with Adtran support, was to use the "spanning-tree bpdufilter enable" command on each of the VLAN interfaces on one router in the ring.
This seems to have resolved the issue, but I am now wondering if there was another way that I could have done this....specifically, I am questioning my choice of using the Ethernet port for local traffic and the VLAN interfaces for inter-router communications.
If I had designed the network with the LAN traffic on switch port 1 as a VLAN interface and used the Ethernet ports, would I have had to use the "spanning-tree bpdufilter enable" command at all?
What if I had put all traffic on vlan interfaces rather than Ethernet ports?
In this case, what is the difference between the Ethernet ports and Switch ports configured as VLAN interfaces?
I went ahead and flagged this post as "Assumed Answered." If any of the responses on this thread assisted you, please mark them as Correct or Helpful as the case may be with the applicable buttons. This will make them visible and help other members of the community find solutions more easily. If you still need assistance, we would be more than happy to continue working with you on this - just let us know in a reply.
I'm working on an Adtran design right now leveraging Netvanta 1638 (and other 15xx/16xx) switches; however, I seem to be unable to configure physical interfaces with IP addresses. I have to run OSPF in this environment to support their redundant paths but I'm not quite sure how to implement OSPF without being able to configure point-to-point /32 networks as transit links between devices. Am I left to configuring OSPF only on the VLAN interfaces or am I just not understanding how to configure IP addresses on physical interfaces on a switch? In the Cisco world you just issue the command "no switchport" on a multilayer switch and you're off and running but I'm having problems figuring this out on the Netvanta switches.
phil_denton - On the layer 3 switches, you will need to create VLAN interfaces that will have IP addresses assigned to them. Then you will want to assign those VLANs to the switchports.
In the CLI, you would simply enter the commands below from config mode:
int vlan <VLAN ID>
ip address <IP address> <Subnet Mask>
int switchport 0/<port ID>
switchport access vlan <VLAN ID>
Please keep in mind that VLAN interfaces will always be in an up state unless administratively shutdown.
Let us know if you have any questions.
Thanks noor. This sounds like a pretty poor way to implement Layer 3 interfaces though. If the VLAN interfaces are always up then it'll take forever for OSPF to reconverge (since it'll have to wait for timers to expire)!