Community discussions

MikroTik App
 
ssn
just joined
Topic Author
Posts: 2
Joined: Sat Sep 25, 2021 11:20 am

Howto disable STP on a Port (without Guard)

Wed Sep 29, 2021 1:12 pm

We have a Mikrotik environment with one bridge mstp, 5 regions with multiple redundant links
All devices either CRS326-24S+2Q+ or CRS354-48G-4S+2Q+

In one region, we have a backup isp provider whoms device does stp

When hooking this provider to our Mikrotik environment, this port became root port
We set “restricted-role=yes” which resulted in a complete network shutdown. We hat to reboot the switches manually (but the setting stayed)
Now, the port was still alternate root

We just want to disable stp on that particular port

With other setups (DELL/Huawei), we can just disable stp on that particular port // (the formar setup at this site was dell and disabling stp on that link worked without issues)

We tried to set edge=yes, for stp to disable, but when setting this option, the device “ignores” the setting.

[admin@VHQA01] > /interface bridge port monitor 32
;;; PROBLEM
interface: sfp-sfpplus24
status: in-bridge
port-number: 25
role: alternate-port
edge-port: no
edge-port-discovery: no
point-to-point-port: no
external-fdb: no
sending-rstp: yes
learning: no
forwarding: no
root-path-cost: 1000
designated-bridge: 0.2C:FA:A2:24:F0:34
designated-cost: 0
designated-port-number: 1091
hw-offload-group: switch1


We cannot set edge=yes bpdu-guard=yes because then, the Switch disables the port completely because of bpdu guard


What is the proper config for that port in mikrotik world ?

many thanks for your input !
Marco



---
I copied the /export from that particular switch, im talking about port 24

# xxx RouterOS 6.48.4
# software id = ZUVT-UC4D
#
# model = CRS326-24S+2Q+
#
/interface bridge
add admin-mac=2C:C8:1B:69:56:A8 auto-mac=no comment=defconf name=bridge priority=0x6000 protocol-mode=mstp region-name=VHQ vlan-filtering=yes
/interface vlan
add interface=bridge name=vlan2255 vlan-id=2255
/interface ethernet switch port
set 1 storm-rate=1
set 2 storm-rate=1
set 3 storm-rate=1
set 4 storm-rate=1
set 25 storm-rate=1
set 29 storm-rate=1
/interface wireless security-profiles
set [ find default=yes ] supplicant-identity=MikroTik
/snmp community
set xxx
/system logging action
set 3 remote=xxx.xxx.0.145
/interface bridge port
add bridge=bridge comment=defconf interface=ether1
add bridge=bridge comment="xxx" interface=qsfpplus1-1
add bridge=bridge comment=defconf interface=qsfpplus1-2
add bridge=bridge comment=defconf interface=qsfpplus1-3
add bridge=bridge comment=defconf interface=qsfpplus1-4
add bridge=bridge comment="xxx" interface=qsfpplus2-1
add bridge=bridge comment=defconf interface=qsfpplus2-2
add bridge=bridge comment=defconf interface=qsfpplus2-3
add bridge=bridge comment=defconf interface=qsfpplus2-4
add bridge=bridge comment="xxx" interface=sfp-sfpplus1
add bridge=bridge comment=defconf interface=sfp-sfpplus2
add bridge=bridge comment=defconf interface=sfp-sfpplus3
add bridge=bridge comment=defconf interface=sfp-sfpplus4
add bridge=bridge comment=defconf interface=sfp-sfpplus5
add bridge=bridge comment=defconf interface=sfp-sfpplus6
add bridge=bridge comment=defconf interface=sfp-sfpplus7
add bridge=bridge comment=defconf interface=sfp-sfpplus8
add bridge=bridge comment="Uplink xxx" interface=sfp-sfpplus9 pvid=3002
add bridge=bridge comment="Uplink xxx" interface=sfp-sfpplus10 pvid=3002
add bridge=bridge comment="Uplink xxx" interface=sfp-sfpplus11 pvid=3002
add bridge=bridge comment="Uplink xxx" interface=sfp-sfpplus12 pvid=3002
add bridge=bridge comment="Uplink xxx" interface=sfp-sfpplus13 pvid=3002
add bridge=bridge comment=defconf interface=sfp-sfpplus14
add bridge=bridge comment=defconf interface=sfp-sfpplus15
add bridge=bridge comment=defconf interface=sfp-sfpplus16
add bridge=bridge comment=defconf interface=sfp-sfpplus17
add bridge=bridge comment=defconf interface=sfp-sfpplus18
add bridge=bridge comment=defconf interface=sfp-sfpplus19
add bridge=bridge comment=defconf interface=sfp-sfpplus20
add bridge=bridge comment=defconf interface=sfp-sfpplus21
add bridge=bridge comment=defconf interface=sfp-sfpplus22
add bridge=bridge comment=defconf interface=sfp-sfpplus23
add bridge=bridge comment="PROBLEM" edge=yes interface=sfp-sfpplus24 internal-path-cost=1000 path-cost=1000 point-to-point=no pvid=1002 restricted-role=yes restricted-tcn=yes
/interface bridge vlan
add bridge=bridge comment=xxx tagged=qsfpplus1-1,qsfpplus2-1,sfp-sfpplus1,sfp-sfpplus2,sfp-sfpplus3,sfp-sfpplus4 vlan-ids=1000
add bridge=bridge comment=xxx tagged=qsfpplus1-1,qsfpplus2-1,sfp-sfpplus1,sfp-sfpplus2,sfp-sfpplus3,sfp-sfpplus4 vlan-ids=1001
add bridge=bridge comment=xxx tagged=qsfpplus1-1,qsfpplus2-1,sfp-sfpplus1,sfp-sfpplus2,sfp-sfpplus3,sfp-sfpplus4 vlan-ids=2000
add bridge=bridge comment=xxx tagged=qsfpplus1-1,qsfpplus2-1,sfp-sfpplus1,sfp-sfpplus2,sfp-sfpplus3,sfp-sfpplus4 vlan-ids=2001
add bridge=bridge comment=xxx tagged=qsfpplus1-1,qsfpplus2-1,sfp-sfpplus1,sfp-sfpplus2,sfp-sfpplus3,sfp-sfpplus4 vlan-ids=2100
add bridge=bridge comment=xxx tagged=qsfpplus1-1,qsfpplus2-1,sfp-sfpplus1,sfp-sfpplus2,sfp-sfpplus3,sfp-sfpplus4 vlan-ids=2200
add bridge=bridge comment=xxx tagged=bridge,qsfpplus1-1,qsfpplus2-1,sfp-sfpplus1,sfp-sfpplus2,sfp-sfpplus3,sfp-sfpplus4 vlan-ids=2255
add bridge=bridge comment=xxx tagged=qsfpplus1-1,qsfpplus2-1,sfp-sfpplus1,sfp-sfpplus2,sfp-sfpplus3,sfp-sfpplus4 vlan-ids=2501
add bridge=bridge comment=xxx tagged=qsfpplus1-1,qsfpplus2-1,sfp-sfpplus1,sfp-sfpplus2,sfp-sfpplus3,sfp-sfpplus4 vlan-ids=2550
add bridge=bridge comment=xxx tagged=qsfpplus1-1,qsfpplus2-1,sfp-sfpplus1,sfp-sfpplus2,sfp-sfpplus3,sfp-sfpplus4 untagged=sfp-sfpplus9,sfp-sfpplus10,sfp-sfpplus11,sfp-sfpplus12,sfp-sfpplus13 vlan-ids=3002
add bridge=bridge comment=xxx tagged=qsfpplus1-1,qsfpplus2-1,sfp-sfpplus1,sfp-sfpplus2,sfp-sfpplus3,sfp-sfpplus4 vlan-ids=3003
add bridge=bridge comment=xxx tagged=qsfpplus1-1,qsfpplus2-1,sfp-sfpplus1,sfp-sfpplus2,sfp-sfpplus3,sfp-sfpplus4 vlan-ids=3004
add bridge=bridge comment=xxx tagged=qsfpplus1-1,qsfpplus2-1,sfp-sfpplus1,sfp-sfpplus2,sfp-sfpplus3,sfp-sfpplus4 vlan-ids=3100
add bridge=bridge comment=xxx tagged=qsfpplus1-1,qsfpplus2-1,sfp-sfpplus1,sfp-sfpplus2,sfp-sfpplus3,sfp-sfpplus4,sfp-sfpplus9,sfp-sfpplus10,sfp-sfpplus11,sfp-sfpplus12,sfp-sfpplus13 vlan-ids=3200
add bridge=bridge comment=xxx tagged=qsfpplus1-1,qsfpplus2-1,sfp-sfpplus1,sfp-sfpplus2,sfp-sfpplus3,sfp-sfpplus4 vlan-ids=3300
add bridge=bridge comment=xxx tagged=qsfpplus1-1,qsfpplus2-1,sfp-sfpplus1,sfp-sfpplus2,sfp-sfpplus3,sfp-sfpplus4 vlan-ids=3400
add bridge=bridge comment=xxx tagged=qsfpplus1-1,qsfpplus2-1,sfp-sfpplus1,sfp-sfpplus2,sfp-sfpplus3,sfp-sfpplus4 vlan-ids=3500
add bridge=bridge comment=UPLINK_xxx_1 tagged=qsfpplus1-1,qsfpplus2-1,sfp-sfpplus1,sfp-sfpplus2,sfp-sfpplus3,sfp-sfpplus4 untagged=sfp-sfpplus24 vlan-ids=1002
add bridge=bridge comment=UPLINK_xxx_2 tagged=qsfpplus1-1,qsfpplus2-1,sfp-sfpplus1,sfp-sfpplus2,sfp-sfpplus3,sfp-sfpplus4 vlan-ids=1003
add bridge=bridge comment=UPLINK_xxx_3 tagged=qsfpplus1-1,qsfpplus2-1,sfp-sfpplus1,sfp-sfpplus2,sfp-sfpplus3,sfp-sfpplus4 vlan-ids=1004
add bridge=bridge comment=UPLINK_xxx_4 tagged=qsfpplus1-1,qsfpplus2-1,sfp-sfpplus1,sfp-sfpplus2,sfp-sfpplus3,sfp-sfpplus4 vlan-ids=1005
/ip address
add address=192.168.88.1/24 comment=defconf interface=bridge network=192.168.88.0
add address=xxx.xxx.255.163/24 interface=vlan2255 network=xxx.xxx.255.0
/ip route
add distance=2 gateway=xxx.xxx.255.1
/ip service
set telnet disabled=yes
set ftp disabled=yes
set api disabled=yes
/system clock
set time-zone-name=xxx
/system identity
set name=xxx
/system logging
add action=remote topics=info
add action=remote topics=critical
add action=remote topics=error
add action=remote topics=warning
/system ntp client
set enabled=yes primary-ntp=xxx
/system routerboard settings
set boot-os=router-os

Who is online

Users browsing this forum: Bing [Bot] and 11 guests