How to use IP Fabric is basic end user introduction to IP Fabric with practical examples.
This guide assumes that initial network discovery is already done. For more details how to install, configure and run initial discovery please check First Start With The Platform article.
Diagrams (up to 3.8.x) and technology tables are described in detail in IP Fabric documentation.
Scenario described below can be reproduced on IP Fabric demo servers.
Working with diagrams and technology tables
Scenario: Site L41 experienced some spanning tree instability. IT manager asked you to check actual STP configuration and propose site configuration improvements.
Step 1 - Check site diagram
First let's check how site L41 looks like from L2 - STP perspective. Login to IP Fabric , go to Diagrams → Site Diagrams → Filter site to L41 → Show diagram.
For site filtering Show data for drop down menu in the top left corner can be also used. If this filter is used it's automatically applied to all tables in IP Fabric.
We are interested just in STP topology, change to view to STP only. On right site choose Protocols → Spanning tree (from drop down menu). Diagram now shows only STP connections.
Diagram can be reorganized using drag and drop for better clarity. Each icon/device can be moved independently or shift key can be used for bulk icon/devices movement. Do not forget to save your diagram look when done (floppy disk icon at the top left corner).
According to diagram there are multiple switching domains (contiguously interconnected STP instances representing single L2 failure domain).
Let's choose one switching domain for our scenario. Click on device and check Switching domain.
Step 2 - Technology tables
With STP, the key is for all the switches in the network to elect a root bridge that becomes the focal point in the network. All other decisions in the network, such as which port to block and which port to put in forwarding mode, are made from the perspective of this root bridge. A switched environment, which is different from a bridge environment, most likely deals with multiple VLANs. When you implement a root bridge in a switching network, you usually refer to the root bridge as the root switch.
Because we are interested only to site L41 it's recommended to show data only for it. Go to Technology → Spanning Tree → STP instances and filter Switching Domain to 10.
What we can see here is that there are multiple VLANs. For all VLANs except two is root bridge known. VLAN 5 and VLAN 15 has know root bridge ID but root host name is unknown. This usually means that root bridge is not reachable for IP Fabric (ACL settings, management access misconfiguration, etc.).
To troubleshoot VLAN 5 unknown root bridge host name click to VLAN number Vl5. It shows on which switches is this VLAN available. There is only one switch (discovered by IP Fabric) where this VLAN is active L41SD75. To find out more details about root bridge connect to switch L41SD75. Using CDP we found out that there is switch L41AC5 with unconfigured management access. This switch is not accessible from the network which is wrong and must be fixed.
To troubleshoot VLAN 15 unknown root bridge host name click to VLAN number Vl15. It shows on which switches is this VLAN available. There is only one switch (discovered by IP Fabric) where this VLAN is active L41SD85. To find out more details about root bridge connect to switch L41SD85. Using CDP we found out that there is switch L41AC6 with unconfigured management access. This switch is not accessible from the network which is wrong and must be fixed.
So far we discovered two misconfigured switched L41AC5 and L41AC6.
You can find more information about devices in Inventory → Devices. Enter host name or device IP address.
Move back to STP instances list and check root for the rest of our VLANs: Technology → Spanning Tree → STP instances and filter Switching Domain to 10.
For all other VLANs there is the only one root L41ACC105. Click on Switching domain number for Diagram.
You can visualize STP root as well as L2 path with blocked STP ports:
- Click on Protocols
- Select Spanning tree
- Disable Link Grouping if enabled
- Click on any STP link between switches
- Select VLAN to vizualize
- See STP root
In our topology root bridge should be active HSRP distribution switch. According to IP Fabric diagram it's not the case. There are two distribution switches L41SD75 and L41SD85. To check which one is HSRP active follow these steps:
- Click on one distribution switch (L41SD75 in our case)
- Click on FHRP technology table
- Check Active column
Local device (L41SD75 in our case) is active for all VLANs which we are interested in.
Step 3 - Conclusion
Using IP Fabric we found out that Switching domain 10 has two unreachable devices L41AC5 and L41AC6 which are roots for VLAN 5 and 15.
The rest of VLANs in this domain has configured wrong switch as a root bridge. STP must be reconfigured that active HSRP distribution switch (L41SD75) will be root and standby HSRP distribution switch (L41SD85) will be root in case of failure primary root.