STP Dispute

STP dispute is a mechanism that checks if the BPDUs that it receives on an interface match with the port role/state of the interface. This helps to detect unidirectional link failures and prevent bridging loops. When a designated port detects a problem, it will keep the port role but changes its state so that all traffic is dropped until the issue is fixed. Dropping all traffic isn’t nice, but it’s better than the alternative, a bridging loop.

Configuration

STP dispute is a mechanism that checks if the BPDUs that it receives on an interface match with the port role/state of the interface. This helps to detect unidirectional link failures and prevent bridging loops. When a designated port detects a problem, it will keep the port role but changes its sta


Let’s look at an example. I will use the following two switches:

sw1 sw2 two links

SW1 and SW2 are connected to each other with two links. Here’s the spanning-tree topology:

SW1#show spanning-tree 

VLAN0001
  Spanning tree enabled protocol rstp
  Root ID    Priority    4097
             Address     fa16.3e4e.be24
             Cost        4
             Port        2 (GigabitEthernet0/1)
             Hello Time   2 sec  Max Age 20 sec  Forward Delay 15 sec

  Bridge ID  Priority    32769  (priority 32768 sys-id-ext 1)
             Address     fa16.3ef4.43e6
             Hello Time   2 sec  Max Age 20 sec  Forward Delay 15 sec
             Aging Time  300 sec

Interface           Role Sts Cost      Prio.Nbr Type
------------------- ---- --- --------- -------- --------------------------------
Gi0/1               Root FWD 4         128.2    P2p 
Gi0/2               Altn BLK 4         128.3    P2p 
SW2#show spanning-tree  

VLAN0001
  Spanning tree enabled protocol rstp
  Root ID    Priority    4097
             Address     fa16.3e4e.be24
             This bridge is the root
             Hello Time   2 sec  Max Age 20 sec  Forward Delay 15 sec

  Bridge ID  Priority    4097   (priority 4096 sys-id-ext 1)
             Address     fa16.3e4e.be24
             Hello Time   2 sec  Max Age 20 sec  Forward Delay 15 sec
             Aging Time  300 sec

Interface           Role Sts Cost      Prio.Nbr Type
------------------- ---- --- --------- -------- --------------------------------
Gi0/1               Desg FWD 4         128.2    P2p 
Gi0/2               Desg FWD 4         128.3    P2p 

As you can see, SW2 is the root bridge, and all interfaces have the correct port state. Time to stir things up. I’m using Ethernet interfaces so I can’t pull the cable and cause a unidirectional link failure. What I can do, is create a mac access-list that denies all spanning-tree traffic.  Before I create and activate it, let’s enable debugging on SW1:

SW1#debug spanning-tree events 
Spanning Tree event debugging is on

Now let’s create that access-list that filters spanning-tree traffic:

SW2(config)#mac access-list extended NO_STP
SW2(config-ext-macl)#deny any host 0180.c200.0000
SW2(config-ext-macl)#permit any any

And activate it on the inbound interfaces of SW2:

SW2(config)#interface range GigabitEthernet 0/1 - 2
SW2(config-if-range)#mac access-group NO_STP in

This prevents SW2 from receiving any BPDUs from SW1. We can verify this by looking at the access-list:

SW2#show access-lists NO_STP
Extended MAC access list NO_STP 
    deny   any host 0180.c200.0000 (58 matches)
    permit any any (21 matches)

What I will do now, is make SW1 the new root bridge. This causes SW1 to change its interfaces to designated ports. SW2 should select a root and non-designated (alternate) port:

SW1(config)#spanning-tree vlan 1 priority 0

As soon as I do this, I get the following debug messages:

SW1#
setting bridge id (which=1) prio 1 prio cfg 0 sysid 1 (on) id 0001.fa16.3ef4.43e6
RSTP(1): updt roles, non-tracked event
RSTP(1): we become the root bridge
RSTP(1): Gi0/1 is now designated
RSTP(1): Gi0/2 is now designated
RSTP(1): transmitting a proposal on Gi0/2
RSTP(1): Gi0/1 Dispute!
RSTP(1): Gi0/2 Dispute!

SW1 is changing its interfaces to the STP dispute status. We can see it here too:

SW1#show spanning-tree 

VLAN0001
  Spanning tree enabled protocol rstp
  Root ID    Priority    1
             Address     fa16.3ef4.43e6
             This bridge is the root
             Hello Time   2 sec  Max Age 20 sec  Forward Delay 15 sec

  Bridge ID  Priority    1      (priority 0 sys-id-ext 1)
             Address     fa16.3ef4.43e6
             Hello Time   2 sec  Max Age 20 sec  Forward Delay 15 sec
             Aging Time  300 sec

Interface           Role Sts Cost      Prio.Nbr Type
------------------- ---- --- --------- -------- --------------------------------
Gi0/1               Desg BLK 4         128.2    P2p Dispute 
Gi0/2               Desg BLK 4         128.3    P2p Dispute

Both interfaces are still designated ports, but they are blocked and show up “dispute”.

So, why exactly did this happen? The answer lies in the BPDUs that SW2 transmits to SW1:

We're Sorry, Full Content Access is for Members Only...

If you like to keep on reading, Become a Member Now! Here is why:

  • Learn any CCNA, CCNP and CCIE R&S Topic. Explained As Simple As Possible.
  • Try for Just $1. The Best Dollar You've Ever Spent on Your Cisco Career!
  • Full Access to our 654 Lessons. More Lessons Added Every Week!
  • Content created by Rene Molenaar (CCIE #41726)

540 Sign Ups in the last 30 days

satisfaction-guaranteed
100% Satisfaction Guaranteed!
You may cancel your monthly membership at any time.
No Questions Asked!

Forum Replies

  1. Hi,
    Cisco virl is must for this lab ?
    Which image you are using for this switch

    Thanks

  2. Hi,
    What is this mac ‘0180.c200.0000’
    Thanks

  3. Hello Sims

    All 802.1q traffic (spanning tree traffic) is destined for the 0180.c200.0000 multicast MAC address. If this is blocked, then STP traffic will be blocked.

    I hope this has been helpful!

    Laz

Ask a question or join the discussion by visiting our Community Forum