Contents

9 MSTP Configuration
9.1 MSTP Overview
9.1.1 MSTP Introduction
9.1.2 MSTP Features Supported by the S3700
9.2 Configuring Basic MSTP Functions
9.2.1 Establishing the Configuration Task
9.2.2 Configuring the MSTP Mode
9.2.3 Configuring and Activating an MST Region
9.2.4 (Optional) Setting a Priority for a Switching Device in an MSTI
9.2.5 (Optional) Setting a Path Cost of a Port in an MSTI
9.2.6 (Optional) Setting a Port Priority in an MSTI
9.2.7 Enabling MSTP
9.2.8 Checking the Configuration
9.3 Configuring MSTP Parameters on an Interface
9.3.1 Establishing the Configuration Task
9.3.2 Configuring System Parameters
9.3.3 Configuring Port Parameters
9.3.4 Checking the Configuration
9.4 Configuring MSTP Protection Functions
9.4.1 Establishing the Configuration Task
9.4.2 Configuring BPDU Protection on a Switching Device
9.4.3 Configuring TC Protection on a Switching Device
9.4.4 Configuring Root Protection on an Interface
9.4.5 Configuring Loop Protection on an Interface
9.4.6 Checking the Configuration
9.5 Configuring MSTP Interoperability Between Huawei Devices and Non-Huawei Devices
9.5.1 Establishing the Configuration Task
9.5.2 Configuring a Proposal/Agreement Mechanism
9.5.3 Configuring the MSTP Protocol Packet Format on an Interface
9.5.4 Enabling the Digest Snooping Function
9.5.5 Checking the Configuration
9.6 Maintaining MSTP
9.6.1 Clearing MSTP Statistics
9.7 Configuration Examples
9.7.1 Example for Configuring Basic MSTP Functions
9 MSTP Configuration

The Multiple Spanning Tree Protocol (MSTP) trims a ring network into a loop-free tree
network. It prevents replication and circular propagation of packets, provides multiple
redundant paths for Virtual LAN (VLAN) data traffic, and enables load balancing.

 9.1 MSTP Overview

MSTP enables multiple VLANs to be grouped into a spanning-tree instance, forming
a VLAN mapping table. Each instance has a spanning-tree topology independent of
other spanning-tree instances. This architecture provides multiple forwarding paths
for data traffic and enables load balancing.

 9.2 Configuring Basic MSTP Functions

MSTP based on the basic STP/RSTP function divides a switching network into
multiple regions, each of which has multiple spanning trees that are independent of
each other. MSTP isolates user traffic and service traffic, and load-balances VLAN
traffic.

 9.3 Configuring MSTP Parameters on an Interface

MSTP implements RSTP rapid convergence. To achieve rapid convergence, you need
to configure proper MSTP parameters.

 9.4 Configuring MSTP Protection Functions

MSTP protection functions are as follows, and you can configure one or more
functions as required.

 9.5 Configuring MSTP Interoperability Between Huawei Devices and Non-

Huawei Devices
To enable Huawei devices to interwork with non-Huawei devices, configure proper
parameters and functions, including the BPDU format, MSTP protocol packet format,
and digest snooping function, on the Huawei devices running MSTP.

 9.6 Maintaining MSTP

MSTP maintenance includes resetting MSTP statistics.

 9.7 Configuration Examples

This section provides an MSTP configuration example.

9.1 MSTP Overview

MSTP enables multiple VLANs to be grouped into a spanning-tree instance, forming a
VLAN mapping table. Each instance has a spanning-tree topology independent of other
spanning-tree instances. This architecture provides multiple forwarding paths for data
traffic and enables load balancing.
9.1.1 MSTP Introduction
The Multiple Spanning Tree Protocol (MSTP) incorporates the functions of the Spanning
Tree Protocol (STP) and Rapid Spanning Tree Protocol (RSTP), and outperforms them. It
enables rapid convergence and provides load balancing across redundant paths.

Background
STP and RSTP are used in a LAN to prevent loops. The devices running STP/RSTP
discover loops on the network by exchanging information with each other and trim the ring
topology into a loop-free tree topology by blocking a certain interface. Replication and
circular propagation of packets are thus prevented on the network and the processing
performance of devices is improved by avoiding repeated packets on the network.
STP and RSTP both have a defect: All VLANs on a LAN use one spanning tree, and thus
inter-VLAN load balancing cannot be performed. Once a link is blocked, the link will no
longer transmit traffic, wasting bandwidth and causing a failure in forwarding certain
VLAN packets.
To fix the defect of STP and RSTP, the IEEE released the 802.1s standard in 2002, defining
MSTP. MSTP compatible with STP and RSTP implements rapid convergence and provides
multiple paths to load balance VLAN traffic.

Table 9-1 shows the comparison between STP, RSTP, and MSTP.
Table 9-1 Comparison between STP, RSTP, and MSTP

Spanning Characteristics Application Scenarios Precautions

Tree
Protocols

STP A loop-free tree is Irrespective of different NOTE:

generated. Thus, broadcast users or services, all  If the current switching
storms are prevented and VLANs share one spanning device supports only
redundancy is implemented. tree. STP, STP is
recommended. For
RSTP  A loop-free tree is details, see STP/RSTP
generated. Thus, Configuration.
broadcast storms are
 If the current switching
prevented and device supports both
redundancy is STP and RSTP, RSTP is
implemented. recommended. For
 A feedback mechanism details, see STP/RSTP
is provided to confirm Configuration.
topology convergence.  If the current switching
Thus, rapid convergence device supports STP or
is implemented. RSTP, and MSTP,
MSTP is recommended.
MSTP  A loop-free tree or some User or service-specific
loop-free trees are load balancing is required.
generated. Thus, Traffic for different VLANs
broadcast storms are is forwarded through
prevented and different spanning trees,
redundancy is which are independent of
implemented. each other.
 A feedback mechanism
 Spanning Characteristics Application Scenarios Precautions
Tree
Protocols

is provided to confirm
topology convergence.
Thus, rapid convergence
is implemented.
 MSTP implements load
balancing among
VLANs. Traffic in
different VLANs is
transmitted along
different paths.

Introduction
On a complex network, loops are inevitable. With the requirement for network redundancy
backup, network designers tend to deploy multiple physical links between two devices, one
of which is the master and the others are the backup. Loops are likely or bound to occur in
such a situation.
Loops will cause broadcast storms, thereby exhausting network resources and paralyzing
the network. Loops also cause flapping of MAC address tables and thus damages MAC
address entries.
MSTP, compatible with STP and RSTP, isolates service traffic and user traffic by using
multiple instances and provides multiple paths to load balance VLAN traffic.
If MSTP is deployed in the LAN shown in Figure 9-1, MSTIs are generated, as shown
in Figure 9-1.
Figure 9-1 Multiple spanning trees in an MST region

 MSTI 1 uses Switch D as the root switching device to forward packets of VLAN 2.
 MSTI 2 uses Switch F as the root switching device to forward packets of VLAN 3.
Devices within the same VLAN can communicate with each other and packets of different
VLANs are load-balanced along different paths.

Basic MSTP Concepts

 MST region
An MST region contains multiple switching devices and network segments
between them. The switching devices have the following characteristics:
 MSTP-enabled
 Same region name
 Same VLAN-to-instance mapping
 Same MSTP revision number
A LAN can comprise several MST regions that are directly or indirectly
connected. Multiple switching devices can be grouped into an MST region by
using MSTP configuration commands.
As shown in Figure 9-2, the MST region D0 contains the switching devices S1,
S2, S3, and S4, and has three MSTIs.
 Figure 9-2 MST region

 VLAN mapping table

The VLAN mapping table is an attribute of the MST region. It describes mappings
between VLANs and MSTIs.
Figure 9-2 shows the mappings in the VLAN mapping table of the MST region
D0:
 VLAN 1 is mapped to MSTI 1.
 VLAN 2 and VLAN 3 are mapped to MSTI 2.
 Other VLANs are mapped to MSTI 0.
 Regional root
Regional roots are classified into Internal Spanning Tree (IST) and MSTI regional
roots.
In the region B0, C0, and D0 on the network shown in Figure 9-4, the switching
devices closest to the Common and Internal Spanning Tree (CIST) root are IST
regional roots.
An MST region can contain multiple spanning trees, each called an MSTI. An
MSTI regional root is the root of the MSTI. On the network shown in Figure 9-3,
each MSTI has its own regional root.
 Figure 9-3 MSTI

MSTIs are independent of each other. An MSTI can correspond to one or more
VLANs, but a VLAN can be mapped to only one MSTI.
 CIST root
 Figure 9-4 MSTP network

On the network shown in Figure 9-4, the CIST root is the root bridge of a CIST.
The CIST root is a device in A0.
 CST
A Common Spanning Tree (CST) connects all the MST regions on a switching
network.
Each MST region can be considered a node. A CST is calculated by using STP or
RSTP based on all the nodes.
As shown in Figure 9-4, the MST regions are connected to form a CST.
 IST
An IST resides within an MST region.
An IST is a special MSTI with the MSTI ID of 0, called MSTI 0.
An IST is a segment of the CIST in an MST region.
As shown in Figure 9-4, the switching devices in an MST region are connected to
form an IST.
 CIST
A CIST, calculated by using STP or RSTP, connects all the switching devices on a
switching network.
As shown in Figure 9-4, the ISTs and the CST form a complete spanning tree, that
is, CIST.
 SST
A Single Spanning Tree (SST) is formed in either of the following situations:
  A switching device running STP or RSTP belongs to only one spanning tree.
 An MST region has only one switching device.
As shown in Figure 9-4, the switching device in B0 is an SST.
 Port roles
Compared with RSTP, MSTP has two additional port types. MSTP ports can be
root ports, designated ports, alternate ports, backup ports, edge ports, master ports,
and regional edge ports.

The functions of root ports, designated ports, alternate ports, backup ports, and
edge ports have been defined in RSTP. Table 9-2 lists all port roles in MSTP.

NOTE:
Except edge ports, all ports participate in MSTP calculation.
A port can play different roles in different MSTIs.

Table 9-2 Port roles

Port Roles Description

Root port A root port is the non-root bridge port closest to the root bridge. Root bridges do
not have root ports.
Root ports are responsible for sending data to root bridges.
As shown in Figure 9-5, S1 is the root; CP1 is the root port on S3; BP1 is the root
port on S2; DP1 is the root port on S4.

Designated The designated port on a switching device forwards bridge protocol data units
port (BPDUs) to the downstream switching device.
As shown in Figure 9-5, AP2 and AP3 are designated ports on S1; BP2 is a
designated port on S2; CP2 is a designated port on S3.

Alternate  From the perspective of sending BPDUs, an alternate port is blocked after a
port BPDU sent by another switching devices is received.
 From the perspective of user traffic, an alternate port provides an alternate path
to the root bridge. This path is different than using the root port.
As shown in Figure 9-5, BP2 and AP4 are alternate ports.

Backup  From the perspective of sending BPDUs, a backup port is blocked after a
port BPDU sent by itself is received.
 From the perspective of user traffic, a backup port provides a
backup/redundant path to a segment where a designated port already connects.
As shown in Figure 9-5, CP3 is a backup port.

Master A master port is on the shortest path connecting MST regions to the CIST root.
port BPDUs of an MST region are sent to the CIST root through the master port.
Master ports are special regional edge ports, functioning as root ports on ISTs or
CISTs and master ports in instances.
As shown in Figure 9-5, S1, S2, S3, and S4 form an MST region. AP1 on S1,
being the nearest port in the region to the CIST root, is the master port.
Port Roles Description

Regional A regional edge port is located at the edge of an MST region and connects to
edge port another MST region or an SST.
During MSTP calculation, the roles of a regional edge port in the MSTI and the
CIST instance are the same. If the regional edge port is the master port in the
CIST instance, it is the master port in all the MSTIs in the region.
As shown in Figure 9-5, AP1, DP2, and DP3 in an MST region are directly
connected to other regions, and therefore they are all regional edge ports of the
MST region.
As shown in Figure 9-5, AP1 is a regional edge port and also a master port in the
CIST. Therefore, AP1 is the master port in every MSTI in the MST region.

Edge port An edge port is located at the edge of an MST region and does not connect to any
switching device.
Generally, edge ports are directly connected to terminals.
As shown in Figure 9-5, BP3 is an edge port.

Figure 9-5 Port roles

 Port status
Table 9-3 lists the MSTP port status, which is the same as the RSTP port status.
Table 9-3 Port status

Port Status Description

Forwarding A port in the Forwarding state can send and receive BPDUs as well as forward
 Port Status Description

user traffic.

Learning This is a transition state. A port in the Learning state learns MAC addresses from
user traffic to construct a MAC address table.
In the Learning state, the port can send and receive BPDUs, but cannot forward
user traffic.

Discarding A port in the Discarding state can only receive BPDUs.

There is no necessary link between the port status and the port role. Table 9-4 lists
the relationships between port roles and port status.
Table 9-4 Relationships between port roles and port status

Port Status Root Designated Regional Edge Alternate Port Backup Port
Port/Master Port Port
Port

Forwarding Yes Yes Yes No No

Learning Yes Yes Yes No No

Discarding Yes Yes Yes Yes Yes

Yes: The port supports this status.

No: The port does not support this status.

9.1.2 MSTP Features Supported by the S3700

Before configuring MSTP, familiarize yourself with the concepts of basic MSTP functions,
topology convergence, MSTP protection, and MSTP interoperability between Huawei
devices and non-Huawei devices. This will help you complete the configuration task
quickly and accurately.
MSTP is used to block redundant links on the Layer 2 network and trim a network into a
loop-free tree. In MSTP, multiple MSTIs can be created and VLANs are mapped into
different instances to load-balance VLAN traffic. The basic configuration roadmap of
MSTP is as follows:
1. In a ring network, divide regions and create different instances for regions.
2. Select a switching device functioning as a root bridge from switching devices for
each instance.
3. In each instance, calculate the shortest paths from the other switching devices to
the root bridge, and select a root port for each non-root switching device.
4. In each instance, select a designated port for each connection according to port
IDs.
According to current networking, master ports and backup ports may be involved. For
details, see 9.1.1 MSTP Introduction.
MSTP also supports the following features to meet requirements of special applications and
extended functions:
  Supports the Proposal/Agreement mechanism to implement rapid convergence.
 Supports protection functions as listed in Table 9-5.
 Supports MSTP interoperability between Huawei devices and non-Huawei devices.
Proper parameters are required on Huawei devices running MSTP to ensure
nonstop communication.
Table 9-5 MSTP protection

MSTP Scenario Configuration Impact

Protection

BPDU An edge port changes to be a After BPDU protection is enabled on the

protection non-edge port after receiving a switching device, the switching device shuts
BPDU, which triggers down the edge port if the edge port receives an
spanning tree recalculation. If RST BPDU, and notifies the NMS of the
an attacker keeps sending shutdown event. The attributes of the edge port
bogus BPDUs to a switching are not changed.
device, network flapping
occurs.

TC protection Generally, after receiving TC TC protection is used to suppress TC-BPDUs.

BPDUs (packets for The number of times that TC-BPDUs are
advertising network topology processed by a switching device within a given
changes), a switching device time period is configurable. If the number of TC-
needs to delete MAC entries BPDUs that the switching device receives within
and ARP entries. Frequent the given time exceeds the specified threshold,
deletion operations will the switching device handles TC-BPDUs only
exhaust CPU resources. for the specified number of times. Excessive TC-
BPDUs are processed by the switching device as
a whole for once after the timeout period
expires. This protects the switching device from
frequently deleting MAC entries and ARP
entries, thus avoiding over-burden.

Root protection Due to incorrect To address this issue, the root protection
configurations or malicious function can be configured to protect the root
attacks on the network, a root bridge by preserving the role of the designated
bridge may receive BPDUs port. With this function, when the designated
with a higher priority. port receives RST BPDUs with a higher priority,
Consequently, the legitimate the port enters the Discarding state and does not
root bridge is no longer able to forward the BPDUs. If the port does not receive
serve as the root bridge, and any RST BPDUs with a higher priority for a
the network topology is certain period (double the Forward Delay), the
illegitimately changed, port transitions to the Forwarding state.
triggering spanning tree
recalculation. This may
transfer traffic from high-
speed links to low-speed links,
causing traffic congestion.

Loop A root port or an alternate port The loop protection function can be used to
protection will age if link congestion or a prevent such network loops. If the root port or
one-way link failure occurs. alternate port cannot receive RST BPDUs from
After the root port ages, a the upstream switching device, the root port is
switching device may re-select blocked and the switching device notifies the
a root port incorrectly and NMS that the port enters the Discarding state.
 MSTP Scenario Configuration Impact
Protection

after the alternate port ages, The blocked port remains in the Blocked state
the port enters the Forwarding and no longer forwards packets. This prevents
state. Loops may occur in such loops on the network. The root port restores the
a situation. Forwarding state after new RST BPDUs are
received.

NOTE:
The S3700 does not support the Per-VLAN Spanning Tree (PVST) protocol and cannot process PVST
packets. You can configure the S3700 to transparently transmit PVST packets. For details, see 11 Layer 2
Protocol Transparent Transmission Configuration.

9.2 Configuring Basic MSTP Functions

MSTP based on the basic STP/RSTP function divides a switching network into multiple
regions, each of which has multiple spanning trees that are independent of each other.
MSTP isolates user traffic and service traffic, and load-balances VLAN traffic.
MSTP is commonly configured on a switching device to trim a ring network to a loop-free
network. MSTP configurations on the switching device involve MSTP working mode
configuration and MST region configuration and activation. If you need to interfere in the
spanning tree calculation, the following methods are available:
 Setting a priority for a switching device in an MSTI: The lower the numerical value,
the higher the priority of the switching device and the more likely the switching
device becomes a root bridge; the higher the numerical value, the lower the
priority of the switching device and the less likely that the switching device
becomes a root bridge.
 Setting a path cost for a port in an MSTI: With the same calculation method, the
lower the numerical value, the smaller the cost of the path from the port to the root
bridge and the more likely the port becomes a root port; the higher the numerical
value, the larger the cost of the path from the port to the root bridge and the less
likely that the port becomes a root port.
 Setting a priority for a port in an MSTI: The lower the numerical value, the more
likely the port becomes a designated port; the higher the numerical value, the less
likely that the port becomes a designated port.

9.2.1 Establishing the Configuration Task

Before configuring basic MSTP functions, familiarize yourself with the applicable
environment, complete the pre-configuration tasks, and obtain the required data. This will
help you complete the configuration task quickly and accurately.
Applicable Environment
On a complex network, loops are inevitable. With the requirement for network redundancy
backup, network designers tend to deploy multiple physical links between two devices, one
of which is the master and the others are the backup. Loops are likely or bound to occur in
such a situation.
Loops will cause broadcast storms, thereby exhausting network resources and paralyzing
the network. Loops also cause flapping of MAC address tables and thus damages MAC
address entries.
MSTP can be deployed on a network to eliminate loops. If a loop is detected, MSTP blocks
one or more ports to eliminate the loop. In addition, MSTIs can be configured to load-
balance VLAN traffic.
As shown in Figure 9-6, Switches A, B, C, and D all support MSTP. It is required to create
MSTI 1 and MSTI 2, configure a root bridge for each MSTI, and set the ports to be blocked
to load-balance traffic of VLANs 1 to 10 and VLANs 11 to 20 among different paths.
Figure 9-6 Networking diagram of configuring basic MSTP functions

NOTE:
If the current device supports MSTP, configuring MSTP is recommended.

Pre-configuration Tasks
Before configuring basic MSTP functions, complete the following task:
 Connecting interfaces and setting physical parameters for the interfaces to ensure
that the physical status of the interfaces is Up
 Configuring VLAN features of the ports

Data Preparation
To configure basic MSTP functions, you need the following data.
 No. Data

1 MSTP working mode

2 MST region name, VLAN-to-instance mapping, and MSTP revision number

3 (Optional) ID of an MSTI

4 (Optional) Priority of a switching device in an MSTI

5 (Optional) Priority of a port in an MSTI

6 (Optional) Path cost of a port in an MSTI

9.2.2 Configuring the MSTP Mode

Before configuring basic MSTP functions, you need to configure the working mode of a
switching device to MSTP. MSTP is compatible with STP and RSTP.

Procedure
1. Run:
system-view

The system view is displayed.

2. Run:
stp mode mstp

The working mode of the switching device is configured as MSTP. By default,

the working mode is MSTP.
STP and MSTP cannot recognize packets of each other but MSTP and RSTP can.
If a switching device is configured to work in MSTP mode and is connected to
some switching devices running STP, the switching device automatically transits
the working mode of the interfaces connected to the switching devices running
STP to STP and other interfaces still run MSTP. This enables devices running
different spanning tree protocols to interwork with each other.

9.2.3 Configuring and Activating an MST Region

MSTP divides a switching network into multiple MST regions. After an MST region name,
VLAN-to-instance mappings, and an MSTP revision number are configured, activating the
MST region is necessary. After this step is done, MST region configuration is complete.

Context
An MST region contains multiple switching devices and network segments between them.
These switching devices are directly connected and have the same region name, same
VLAN-to-instance mapping, same configuration revision number after MSTP is enabled.
One switching network can have multiple MST regions and multiple switching devices can
be grouped into one MST region by using MSTP configuration commands.

CAUTION:
Two switching devices belong to the same MST region when they have the same:
 Name of the MST region
 Mapping between VLANs and MSTIs
 Revision level of the MST region
Do as follows on a switching device that needs to join an MST region:

Procedure
1. Run:
system-view

The system view is displayed.

2. Run:
stp region-configuration

The MST region view is displayed.

3. Run:
region-name name

The name of an MST region is configured.

By default, the MST region name is the MAC address of the management
network interface on the MPU of the switching device.
4. Perform either of the following steps to configure VLAN-to-instance mappings.
 Run the instance instance-id vlan { vlan-id1 [ to vlan-id2 ] }&<1-10>
command to configure VLAN-to-instance mappings.
 Run the vlan-mapping modulo modulo command to enable VLAN-to-
instance mapping assignment based on a default algorithm.
By default, all VLANs in an MST region are mapped to MSTI 0.

NOTE:
 The instance instance-id vlan { vlan-id1 [ to vlan-id2 ] }&<1-10> command is recommended
because VLAN-to-instance mapping assignments cannot meet actual mapping requirements.
 In the command, vlan-mapping modulo indicates that the formula (VLAN ID-1)%modulo+1
is used. In the formula, (VLAN ID-1)%modulo means the remainder of (VLAN ID-1) divided
by the value of modulo. This formula is used to map a VLAN to the corresponding MSTI. The
calculation result of the formula is ID of the mapping MSTI.

5. (Optional) Run:
revision-level level

The MSTP revision number is set.

By default, the MSTP revision number is 0.
If the revision number of the MST region is not 0, this step is necessary.

NOTE:
The change of related MST region configurations (especially change of the VLAN mapping
table) causes the recalculation of spanning trees and the route flapping in a network. Therefore,
after an MST region name, VLAN-to-instance mappings, and an MSTP revision number is
configured, activating the MST region is necessary. You can run the check region-configuration
 command in the MST region view to check whether region configurations are correct. After
confirming that region configurations are correct, run the active region-configuration command to
activate MST region configurations.

6. Run:
active region-configuration

MST region configurations are activated so that the configured region name,
VLAN-to-instance mappings, and revision number can take effect.
If this step is not done, the preceding configurations cannot take effect.
If you have changed MST region configurations on the switching device after
MSTP starts, run the active region-configuration command to activate the MST
region so that the changed configurations can take effect.

9.2.4 (Optional) Setting a Priority for a Switching Device in

an MSTI
The lower the numerical value is, the higher priority a switching device has and the more
likely the switching device will be selected as a root bridge.

Context
In an MSTI, there is only one root bridge and it is the logic center of the MSTI. In root
bridge selection, the switching device with high performance and network hierarchy is
generally selected as a root bridge; however, the priority of such a device may be not that
high. Thus setting a high priority for the switching device is necessary so that the device
can function as a root bridge.
Other devices with low performance and network hierarchy are not fit to be a root bridge.
Therefore, set low priorities for these devices.

CAUTION:
If an S3700 is configured as the root switch or secondary root switch, the priority of
the S3700 cannot be set. If you want to set the priority of the S3700, you must disable the
root switch or secondary root switch.

Procedure
1. Run:
system-view

The system view is displayed.

 2. Run:
stp [ instance instance-id ] priority priority

A priority is set for the switching device in an MSTI.

The default priority value of the switching device is 32768.
If the instance is not designated, a priority is set for the switching device in
MSTI0.

NOTE:
 To configure a switching device as a primary root bridge, you can run the stp
[ instance instance-id ] root primary command directly. The priority value of this switching
device is 0.
 To configure a switching device as a secondary root bridge, run the stp [ instance instance-id ]
root secondary command. The priority value of this switching device is 4096.
In an MSTI, a switching device cannot act as a primary root bridge and a secondary root
bridge at the same time.

9.2.5 (Optional) Setting a Path Cost of a Port in an MSTI

The MSTP path cost determines root port selection in an MSTI. The port with the lowest
path cost to the root bridge is selected as a root port.

Context
A path cost is port-specific, which is used by MSTP as a reference to select a link.
Path costs of a port are an important basis for calculating spanning trees. If you set different
path costs for a port in different MSTIs, you can make VLAN traffic be transmitted along
different physical links and thus carry out VLAN load balancing.
On a network where loops occur, you are recommended to set a relatively large path cost
for the port at a low link rate. MSTP puts the port with the large path cost in the Blocking
state and blocks the link where this port resides.

Procedure
1. Run:
system-view

The system view is displayed.

2. Run:
stp pathcost-standard { dot1d-1998 | dot1t | legacy }

A path cost calculation method is configured.

 By default, the IEEE 802.1t standard method is used to calculate the default path
cost.
All switching devices on a network must use the same path cost calculation
method.
3. Run:
interface interface-type interface-number

The Ethernet interface view is displayed.

4. Run:
stp instance instance-id cost cost

A path cost is set for the port in the current MSTI.

 When the Huawei proprietory calculation method is used, cost ranges from 1
to 200000.
 When the IEEE 802.1d standard method is used, cost ranges from 1 to 65535.
 When the IEEE 802.1t standard method is used, cost ranges from 1 to
200000000.

9.2.6 (Optional) Setting a Port Priority in an MSTI

The lower the numerical value, the more likely the port on a switching device becomes a
designated port; the higher the numerical value, the more likely the port is to be blocked.

Context
In spanning tree calculation, priorities of ports on switching devices in MSTIs determine
designated port selection.
If you expect to block a port on a switching device in an MSTI to eliminate loops, set the
port priority value to be larger than the default value. This port will be blocked in
designated port selection.

Procedure
1. Run:
system-view

The system view is displayed.

2. Run:
interface interface-type interface-number

The Ethernet interface view is displayed.

3. Run:
stp instance instance-id port priority priority
 A port priority is set in an MSTI.
By default, the port priority is 128.
The value range of the priority is from 0 to 240, with the step 16. That is, the port
priority can be 0, 16, or 32.

9.2.7 Enabling MSTP

After basic MSTP functions are configured on a switching device, enabling the MSTP
function is required so that MSTP can work properly.

Context
After MSTP is enabled on a ring network, MSTP immediately calculates spanning trees on
the network. Configurations on the switching device, such as, the switching device priority
and port priority, will affect spanning tree calculation. Any change of the configurations
may cause network flapping. Therefore, to ensure rapid and stable spanning tree
calculation, perform basic configurations on the switching device and its ports and enable
MSTP.

Procedure
1. Run:
system-view

The system view is displayed.

2. Run:
stp enable

MSTP is enabled on the switching device.

By default, the MSTP function is enabled on a S3700.

9.2.8 Checking the Configuration

After basic MSTP functions are configured, verify that the configurations take effect.

Prerequisites
All configurations of basic MSTP functions are complete.

Procedure
 Run the display stp [ instance instance-id ][ interface { interface-type interface-
number } ] [ brief ] command to view spanning-tree status and statistics.
 Run the display stp region-configuration command to view configurations of
activated MST regions.
 Run the display stp region-configuration [ digest ] command to view the digest
configurations of activated MST regions.

9.3 Configuring MSTP Parameters on an Interface

MSTP implements RSTP rapid convergence. To achieve rapid convergence, you need to
configure proper MSTP parameters.
9.3.1 Establishing the Configuration Task
Before configuring basic MSTP parameters, familiarize yourself with the applicable
environment, complete the pre-configuration tasks, and obtain the required data. This will
help you complete the configuration task quickly and accurately.

Applicable Environment
In some specific networks, MSTP parameters will affect the speed of network convergence.
Configuring proper MSTP parameters is required.

NOTE:
The default parameters also can be used to complete MSTP rapid convergence. Therefore, the configuration
procedures and steps in this command task are all optional.

Pre-configuration Tasks
Before configuring MSTP parameters, complete the following task:
 Configuring basic MSTP functions

Data Preparation
To configure MSTP parameters, you need the following data.

No. Data

1 Network diameter

2 Hello time, forwarding delay time, maximum aging time, and timeout period for waiting
for BPDUs from the upstream (3 x hello time x time factor)

3 Maximum hop count in an MST region

4 Link type of a port

5 Whether to Rapid transition mechanism

6 Whether to transition to the RSTP mode

7 Maximum number of sent BPDUs

8 Whether a port needs to be configured as an edge port

9 Whether auto recovery needs to be configured for an edge port being shut down

10 Whether a port needs to clear statistics of the spanning tree

11 Whether an edge port needs to be configured as a BPDU filter

9.3.2 Configuring System Parameters

MSTP parameters that may affect network convergence include the network diameter, hello
time, and timeout period for waiting for BPDUs from the upstream (3 x hello time x time
factor). Configure proper MSTP parameters to implement rapid network convergence.
Procedure
1. Run:
system-view

The system view is displayed.

2. Run:
stp bridge-diameter diameter

The network diameter is configured.

By default, the network diameter is 7.
 RSTP uses a single spanning tree instance on the entire network, which cannot
prevent the performance from deteriorating when the network scale grows.
Therefore, the network diameter cannot be larger than 7.
 It is recommended that you run the stp bridge-diameter diameter command
to set the network diameter. Then, the switching device calculates the optimal
Forward Delay period, Hello time, and Max Age period based on the set
network diameter.
3. Run:
stp timer-factor factor

The timeout period for waiting for BPDUs from the upstream of a switching
device is set.
By default, the timeout period of a switching device is 9 times as long as the
Hello time.
4. (Optional) To set the Forward Delay period, Hello time, and Max Age period,
perform the following operations:
 Run the stp timer forward-delay forward-delay command to set the Forward
Delay period for a switching device.
The default Forward Delay period of a switching device is 1500, in
centiseconds.
 Run the stp timer hello hello-time command to set the Hello time for a
switching device.
The default Hello time of a switching device is 200, in centiseconds.
 Run the stp timer max-age max-age command to set the Max Age period for
a switching device.
The default Max Age period of a switching device is 2000, in centiseconds.

5. NOTE:
6. The values of the Hello time, Forward Delay period, and Max Age period must comply with the
following formulas. Otherwise, networking flapping occurs.
 2 × (Forward Delay - 1.0 second) >= Max Age
 Max Age >= 2 × (Hello Time + 1.0 second)

7. Run:
stp max-hops hop

The maximum hop count is set for the MST region.

 By default, the maximum hop count of the MST region is 20.
8. Run:
stp mcheck

MCheck is enabled.
On a switching device running MSTP, if an interface is connected to a device
running STP, the interface automatically transitions to the STP mode.
Enabling MCheck on the interface is required because the interface may fail to
automatically transition to the MSTP mode in the following situations:
 The switching device running STP is shut down or moved.
 The switching device running STP transitions to the MSTP mode.

NOTE:
If you run the stp mcheck command in the system view, the MCheck operation is performed on
all the interfaces.

9.3.3 Configuring Port Parameters

Port parameters that may affect MSTP topology convergence include the link type and
maximum number of sent BPDUs. Configure proper port parameters to implement rapid
topology convergence.

Procedure
1. Run:
system-view

The system view is displayed.

2. Run:
interface interface-type interface-number

The Ethernet interface view is displayed.

3. (Optional) Run:
stp point-to-point { auto | force-false | force-true }

The link type is configured for a port.

By default, a port automatically determines whether to connect to a P2P link. The
P2P link supports rapid network convergence.
 If the Ethernet port works in full-duplex mode, the port is connected to a P2P
link. In this case, force-true can be configured to implement rapid network
convergence.
 If the Ethernet port works in half-duplex mode, you can configure stp point-
to-point force-true to forcibly set the link type to P2P to implement rapid
network convergence.
4. Run:
stp mcheck
 MCheck is enabled.
On a switching device running MSTP, if an interface is connected to a device
running STP, the interface automatically transitions to the STP mode.
Enabling MCheck on the interface is required because the interface may fail to
automatically transition to the MSTP mode in the following situations:
 The switching device running STP is shut down or moved.
 The switching device running STP transitions to the MSTP mode.
5. Run:
stp transmit-limit packet-number

The maximum number of BPDUs sent by a port within each Hello time is set.
By default, the maximum number of BPDUs that a port sends within each Hello
time is 147.
6. (Optional) Run:
stp edged-port enable

The port is configured as an edge port.

If a device port is connected to a terminal, you can run this command to

configure the port as an edge port.
By default, the port is a non-edge port.
7. Run:
quit

Return to the system view.

8. (Optional) Run:
error-down auto-recovery cause cause-item interval interval-value

The auto recovery function on an edge port is configured. That is, enable the port
in the error-down state to automatically go Up, and set the delay for the transition
from Down to Up.
There is no default value for the recovery time. Therefore, you must specify a
delay when configuring this command.

Follow-up Procedure
When the topology of a spanning tree changes, the forwarding paths to associated VLANs
are changed. Then, ARP entries corresponding to those VLANs on the switching device
need to be updated. MSTP processes ARP entries in either fast or normal mode.
 In fast mode, ARP entries to be updated are directly deleted.
 In normal mode, ARP entries to be updated are rapidly aged.
The remaining lifetime of ARP entries to be updated is set to 0. The switching
device rapidly processes these aged entries. If the number of ARP aging probe
attempts is not set to 0, ARP implements aging probe for these ARP entries.
In either fast or normal mode, MAC entries are directly deleted.
You can run the stp converge { fast | normal } command in the system view to configure
the MSTP convergence mode.
By default, the MSTP convergence is configured as normal.

NOTE:

The normal mode is recommended. If the fast mode is adopted, ARP entries will be frequently deleted,
causing the CPU usage on the MPU or LPU to reach 100%. As a result, network flapping frequently occurs.

9.3.4 Checking the Configuration

After MSTP parameters are configured, check whether the configurations take effect.

Prerequisites
The configurations of MSTP parameters are complete.

Procedure
 Run the display stp [ instance instance-id ] [ interface { interface-type interface-
number } ] [ brief ] command to view spanning-tree status and statistics.

9.4 Configuring MSTP Protection Functions

MSTP protection functions are as follows, and you can configure one or more functions as
required.

9.4.1 Establishing the Configuration Task

Before configuring MSTP protection functions, familiarize yourself with the applicable
environment, complete the pre-configuration tasks, and obtain the required data. This will
help you complete the configuration task quickly and accurately.

Applicable Environment
MSTP provides the following protection functions, as listed in Table 9-6.
Table 9-6 MSTP protection

MSTP Scenario Configuration Impact

Protection

BPDU An edge port changes to be a After BPDU protection is enabled on the

protection non-edge port after receiving a switching device, the switching device shuts
BPDU, which triggers down the edge port if the edge port receives an
spanning tree recalculation. If RST BPDU, and notifies the NMS of the
an attacker keeps sending shutdown event. The attributes of the edge port
bogus BPDUs to a switching are not changed.
device, network flapping
occurs.
 MSTP Scenario Configuration Impact
Protection

TC protection Generally, after receiving TC TC protection is used to suppress TC-BPDUs.

BPDUs (packets for The number of times that TC-BPDUs are
advertising network topology processed by a switching device within a given
changes), a switching device time period is configurable. If the number of TC-
needs to delete MAC entries BPDUs that the switching device receives within
and ARP entries. Frequent the given time exceeds the specified threshold,
deletion operations will the switching device handles TC-BPDUs only
exhaust CPU resources. for the specified number of times. Excessive TC-
BPDUs are processed by the switching device as
a whole for once after the timeout period
expires. This protects the switching device from
frequently deleting MAC entries and ARP
entries, thus avoiding over-burden.

Root protection Due to incorrect To address this issue, the root protection
configurations or malicious function can be configured to protect the root
attacks on the network, a root bridge by preserving the role of the designated
bridge may receive BPDUs port. With this function, when the designated
with a higher priority. port receives RST BPDUs with a higher priority,
Consequently, the legitimate the port enters the Discarding state and does not
root bridge is no longer able to forward the BPDUs. If the port does not receive
serve as the root bridge, and any RST BPDUs with a higher priority for a
the network topology is certain period (double the Forward Delay), the
illegitimately changed, port transitions to the Forwarding state.
triggering spanning tree
recalculation. This may
transfer traffic from high-
speed links to low-speed links,
causing traffic congestion.

Loop A root port or an alternate port The loop protection function can be used to
protection will age if link congestion or a prevent such network loops. If the root port or
one-way link failure occurs. alternate port cannot receive RST BPDUs from
After the root port ages, a the upstream switching device, the root port is
switching device may re-select blocked and the switching device notifies the
a root port incorrectly and NMS that the port enters the Discarding state.
after the alternate port ages, The blocked port remains in the Blocked state
the port enters the Forwarding and no longer forwards packets. This prevents
state. Loops may occur in such loops on the network. The root port restores the
a situation. Forwarding state after new RST BPDUs are
received.

Pre-configuration Tasks
Before configuring MSTP protection functions on a switching device, complete the
following task:
  Configuring basic MSTP functions

NOTE:
Configuring an edge port on the switching device before configuring BPDU protection.

Data Preparation
To configure MSTP protection functions on a switching device, you need the following
data.

No. Data

1 Number of the port on which root protection is to be enabled

2 Number of the port on which loop protection is to be enabled

9.4.2 Configuring BPDU Protection on a Switching Device

After BPDU protection is enabled on a switching device, the switching device shuts down
an edge port if the edge port receives a BPDU, and notifies the NMS of the shutdown
event.

Context
Edge ports are directly connected to user terminals and normally, the edge ports will not
receive BPDUs. Some attackers may send pseudo BPDUs to attach the switching device. If
the edge ports receive the BPDUs, the switching device automatically sets the edge ports as
non-edge ports and triggers new spanning tree calculation. Network flapping then occurs.
BPDU protection can be used to protect switching devices against network attacks.

NOTE:
Do as follows on a switching device having an edge port.

Procedure
1. Run:
system-view

The system view is displayed.

2. Run:
stp bpdu-protection

BPDU protection is enabled on the switching device.

By default, BPDU protection is not enabled on the switching device.
9.4.3 Configuring TC Protection on a Switching Device
After TC protection is enabled, you can set the number of times for an MSTP process to
process TC-BPDUs within a given time. TC protection avoids frequent deletion of MAC
address entries and ARP entries, thereby protecting switching devices.

Context
An attacker may send pseudo TC-BPDUs to attack switching devices. Switching devices
receive a large number of TC BPDUs in a short time and delete entries frequently, which
burdens system processing and degrades network stability.
TC protection is used to suppress TC-BPDUs. The number of times that TC-BPDUs are
processed by a switching device within a given time period is configurable. If the number
of TC-BPDUs that the switching device receives within a given time exceeds the specified
threshold, the switching device handles TC-BPDUs only for the specified number of times.
Excessive TC-BPDUs are processed by the switching device as a whole for once after the
timer (that is, the specified time period) expires. This protects the switching device from
frequently deleting MAC entries and ARP entries, thus avoiding over-burdened.

Procedure
1. Run:
system-view

The system view is displayed.

2. Run:
stp tc-protection

TC protection is enabled for the MSTP process.

By default, TC protection is enabled on the switching device.
3. Run:
stp tc-protection threshold threshold

The threshold of the number of times the MSTP process handles the received TC-
BPDUs and updates forwarding entries within a given time is set.

NOTE:
The value of the given time is consistent with the MSTP Hello time set by using the stp timer
hello hello-time command.

9.4.4 Configuring Root Protection on an Interface

The root protection function on a switching device protects a root bridge by preserving the
role of a designated port.
Context
Due to incorrect configurations or malicious attacks on the network, a root bridge may
receive BPDUs with a higher priority. Consequently, the legitimate root bridge is no longer
able to serve as the root bridge, and the network topology is illegitimately changed,
triggering spanning tree recalculation. This also may cause the traffic that should be
transmitted over high-speed links to be transmitted over low-speed links, leading to
network congestion. The root protection function on a switching device is used to protect
the root bridge by preserving the role of the designated port.

NOTE:
Root protection is configured on a designated port. It takes effect only when being configured on the port that
functions as a designated port on all MSTIs. If root protection is configured on other types of ports, it does not
take effect.

Do as follows on a root bridge in an MST region:

Procedure
1. Run:
system-view

The system view is displayed.

2. Run:
interface interface-type interface-number

The Ethernet interface view is displayed.

3. Run:
stp root-protection

Root protection is configured on the switching device.

By default, root protection is disabled.

9.4.5 Configuring Loop Protection on an Interface

The loop protection function suppresses the loops caused by link congestion.

Context
On a network running MSTP, a switching device maintains the root port status and status of
blocked ports by receiving BPDUs from an upstream switching device. If the switching
device cannot receive BPDUs from the upstream because of link congestion or
unidirectional-link failure, the switching device re-selects a root port. The original root port
becomes a designated port and the original blocked ports change to the Forwarding state.
This may cause network loops. To address such a problem, configure loop protection.
After loop protection is configured, if the root port or alternate port does not receive
BPDUs from the upstream switching device, the root port is blocked and the switching
device notifies the NMS that the port enters the Discarding state. The blocked port remains
in the Blocked state and no longer forwards packets. This prevents loops on the network.
The root port restores the Forwarding state after receiving new BPDUs.

NOTE:
An alternate port is a backup port of a root port. If a switching device has an alternate port, you need to
configure loop protection on both the root port and the alternate port.

Do as follows on a root port and an alternate port on a switching device in an MST region:

Procedure
1. Run:
system-view

The system view is displayed.

2. Run:
interface interface-type interface-number

The Ethernet interface view is displayed.

3. Run:
stp loop-protection

Loop protection for the root port is configured on the switching device.
By default, loop protection is disabled.

9.4.6 Checking the Configuration

After MSTP protection functions are configured, check whether the configurations take
effect.

Prerequisites
All configurations of MSTP protection functions are complete.

Procedure
 Run the display stp [ instance instance-id ] [ interface { interface-type interface-
number } ] [ brief ] command to view spanning-tree status and statistics.

9.5 Configuring MSTP Interoperability Between

Huawei Devices and Non-Huawei Devices
To enable Huawei devices to interwork with non-Huawei devices, configure proper
parameters and functions, including the BPDU format, MSTP protocol packet format, and
digest snooping function, on the Huawei devices running MSTP.

9.5.1 Establishing the Configuration Task

Before configuring MSTP interoperability between Huawei devices and non-Huawei
devices, familiarize yourself with the applicable environment, complete the pre-
configuration tasks, and obtain the data required for the configuration. This will help you
complete the configuration task quickly and accurately.

Applicable Environment
On an MSTP network, inconsistent protocol packet formats and BPDU keys may lead to a
communication failure. Configuring proper MSTP parameters on Huawei devices ensures
interoperability between Huawei devices and non-Huawei devices.

Pre-configuration Tasks
Before configuring MSTP interoperability between Huawei devices and non-Huawei
devices, complete the following task:
 Configuring basic MSTP functions

Data Preparation
To configure MSTP interoperability between Huawei devices and non-Huawei devices, you
need the following data.

No. Data

1 BPDU format

2 MSTP protocol packet format

9.5.2 Configuring a Proposal/Agreement Mechanism

To enable Huawei Datacom devices to communicate with non-Huawei devices, configure a
proper rapid transition mechanism on Huawei devices according to the Proposal/Agreement
mechanism on non-Huawei devices.

Context
The rapid transition mechanism is also called the Proposal/Agreement mechanism.
Switching devices currently support the following modes:
 Enhanced mode: The current interface counts a root port when it computes the
synchronization flag bit.
 An upstream device sends a Proposal message to a downstream device,
requesting rapid status transition. After receiving the message, the downstream
device sets the port connected to the upstream device as a root port and blocks
all non-edge ports.
 The upstream device then sends an Agreement message to the downstream
device. After the downstream device receives the message, the root port
transitions to the Forwarding state.
 The downstream device then responds to the Proposal message with an
Agreement message. After receiving the message, the upstream device sets the
port connected to the downstream device as a designated port, and the
designated port transitions to the Forwarding state.
 Common mode: The current interface ignores the root port when it computes the
synchronization flag bit.
  An upstream device sends a Proposal message to a downstream device,
requesting rapid status transition. After receiving the message, the downstream
device sets the port connected to the upstream device as a root port and blocks
all non-edge ports. The root port then transitions to the Forwarding state.
 The downstream device responds to the Proposal message with an Agreement
message. After receiving the message, the upstream device sets the port
connected to the downstream device as a designated port. The designated port
then transitions to the Forwarding state.
When Huawei Datacom devices are interworking with non-Huawei devices, select either
mode depending on the Proposal/Agreement mechanism on non-Huawei devices.

Procedure
1. Run:
system-view

The system view is displayed.

2. Run:
interface interface-type interface-number

The Ethernet interface view is displayed.

3. Run:
stp no-agreement-check

The common rapid transition mechanism is configured.

By default, the interface uses the enhanced rapid transition mechanism.

9.5.3 Configuring the MSTP Protocol Packet Format on an

Interface
MSTP protocol packets can be transmitted in auto, dot1s, or legacy mode. The default
mode is auto.

Context
MSTP protocol packets have two formats: dot1s (IEEE 802.1s standard packets) and legacy
(proprietary protocol packets). The auto mode is introduced to allow an interface to
automatically use the format of MSTP protocol packets sent from the remote interface. In
this manner, the two interfaces use the same MSTP protocol packet format.
Do as follows on a switching device in an MST region:

Procedure
1. Run:
system-view
 The system view is displayed.
2. Run:
interface interface-type interface-number

The Ethernet interface view is displayed.

3. Run:
stp compliance { auto | dot1s | legacy }

The MSTP protocol packet format is configured on the interface.

The auto mode is used by default.

NOTE:
If the format of MSTP packets is set to dot1s on one end and legacy on the other end, the
negotiation fails.

9.5.4 Enabling the Digest Snooping Function

When a Huawei device is connected to a non-Huawei device, if the region names, revision
numbers, and VLAN-to-instance mappings configured on the two devices are consistent but
the BPDU keys are different, the two devices cannot communicate. To address this
problem, enable the digest snooping function on the Huawei device.

Context
Do as follows on a switching device in an MST region:

Procedure
1. Run:
system-view

The system view is displayed.

2. Run:
interface interface-type interface-number

The Ethernet interface view is displayed.

3. Run:
stp config-digest-snoop

The digest snooping function is enabled.

9.5.5 Checking the Configuration

After MSTP parameters are configured for the interoperability between Huawei devices
and non-Huawei devices, check whether the configurations take effect.

Prerequisites
All the configurations for the interoperability between Huawei devices and non-Huawei
devices are complete.

Procedure
 Run the display stp [ instance instance-id ] [ interface { interface-type interface-
number } ] [ brief ] command to view spanning-tree status and statistics.

9.6 Maintaining MSTP

MSTP maintenance includes resetting MSTP statistics.

9.6.1 Clearing MSTP Statistics

You can run the reset commands to reset MSTP statistics to 0.

Context

CAUTION:
MSTP statistics cannot be restored after you clear them. Therefore, exercise caution when
using the reset commands.
After you confirm that MSTP statistics need to be cleared, run the following command in
the user view.

Procedure
1. Run the reset stp [ interface interface-type interface-
number ] statistics command to clear spanning-tree statistics.

9.7 Configuration Examples

This section provides an MSTP configuration example.

9.7.1 Example for Configuring Basic MSTP Functions

Networking Requirements
SwitchA, SwitchB, SwitchC, and SwitchD run MSTP. In this example, MSTP runs on
Layer 2 interfaces of the Switches.
Figure 9-7 Networking diagram of basic MSTP configurations

Configuration Roadmap
The configuration roadmap is as follows:
1. Add SwitchA and SwitchC to MST region RG1, and create MSTI1.
2. Add SwitchB and SwitchD to MST region RG2, and create MSTI1.
3. Configure SwitchA as the CIST root.
4. In RG1, configure SwitchA as the CIST regional root and regional root of
MSTI1. Configure the root protection function on Eth 0/0/2 and the Eth 0/0/1
on SwitchA.
5. In RG2, configure SwitchB as the CIST regional root and SwitchD as the
regional root of MSTI1.
6. On SwitchC and SwitchD, connect Eth 0/0/1 to a PC and configure Eth 0/0/1 as
an edge port. Enable BPDU protection on SwitchC and SwitchD.
7. Configure the Switches to calculate the path cost by using the Huawei-
proprietary algorithm.

Data Preparation
To complete the configuration, you need the following data:
 Region that SwitchA and SwitchC belong to: RG1
 Region that SwitchB and SwitchD belong to: RG2
 Numbers of the Eth interfaces, as shown in Figure 9-7
 VLAN IDs: 1-20

Procedure
1. Configure SwitchA.
# Configure the MST region on SwitchA.
<SwitchA> system-view
[SwitchA] stp region-configuration
[SwitchA-mst-region] region-name RG1
[SwitchA-mst-region] instance 1 vlan 1 to 10
 # Activate the configuration of the MST region.
[SwitchA-mst-region] active region-configuration
[SwitchA-mst-region] quit

# Set the priority of SwitchA in MSTI0 to 0 to ensure that SwitchA functions as

the CIST root.
[SwitchA] stp instance 0 priority 0

# Set the priority of SwitchA in MSTI1 to 1 to ensure that SwitchA functions as

the regional root of MSTI1.
[SwitchA] stp instance 1 priority 0

# Configure SwitchA to use the Huawei-proprietary algorithm to calculate the

path cost.
[SwitchA] stp pathcost-standard legacy

# Create VLANs 2 to 20.

[SwitchA] vlan batch 2 to 20

# Add Eth 0/0/2 to the VLANs.

[SwitchA] interface Ethernet 0/0/2
[SwitchA-Ethernet0/0/2] port link-type trunk
[SwitchA-Ethernet0/0/2] port trunk allow-pass vlan 1 to 20
[SwitchA-Ethernet0/0/2] bpdu enable
[SwitchA-Ethernet0/0/2] quit

# Add Eth 0/0/1 to the VLANs.

[SwitchA] interface Ethernet 0/0/1
[SwitchA-Ethernet0/0/1] port link-type trunk
[SwitchA-Ethernet0/0/1] port trunk allow-pass vlan 1 to 20
[SwitchA-Ethernet0/0/1] bpdu enable
[SwitchA-Ethernet0/0/1] quit

# Enable root protection on the Eth 0/0/1.

[SwitchA] interface Ethernet 0/0/1
[SwitchA-Ethernet0/0/1] stp root-protection
[SwitchA-Ethernet0/0/1] quit

# Enable root protection on the Eth 0/0/2.

[SwitchA] interface Ethernet 0/0/2
[SwitchA-Ethernet0/0/2] stp root-protection
[SwitchA-Ethernet0/0/2] quit

# Enable MSTP.
[SwitchA] stp enable

2. Configure SwitchB.
# Configure the MST region on SwitchB.
[SwitchB] stp region-configuration
[SwitchB-mst-region] region-name RG2
[SwitchB-mst-region] instance 1 vlan 1 to 10

# Activate the configuration of the MST region.

[SwitchB-mst-region] active region-configuration
[SwitchB-mst-region] quit
 # Set the priority of SwitchB in MSTI0 to 4096 to ensure that SwitchB functions
as the CIST root.
[SwitchB] stp instance 0 priority 4096

# Configure SwitchB to use the Huawei-proprietary algorithm to calculate the

path cost.
[SwitchB] stp pathcost-standard legacy

# Create VLANs 2 to 20.

[SwitchB] vlan batch 2 to 20

# Add Eth 0/0/1 to the VLANs.

[SwitchB] interface Ethernet 0/0/1
[SwitchB-Ethernet0/0/1] port link-type trunk
[SwitchB-Ethernet0/0/1] port trunk allow-pass vlan 1 to 20
[SwitchB-Ethernet0/0/1] bpdu enable
[SwitchB-Ethernet0/0/1] quit

# Add Eth 0/0/2 to the VLANs.

[SwitchB] interface Ethernet 0/0/2
[SwitchB-Ethernet0/0/2] port link-type trunk
[SwitchB-Ethernet0/0/2] port trunk allow-pass vlan 1 to 20
[SwitchB-Ethernet0/0/2] bpdu enable
[SwitchB-Ethernet0/0/2] quit

# Enable MSTP.
[SwitchB] stp enable

3. Configure SwitchC.
# Configure the MST region on SwitchC.
[SwitchC] stp region-configuration
[SwitchC-mst-region] region-name RG1
[SwitchC-mst-region] instance 1 vlan 1 to 10

# Activate the configuration of the MST region.

[SwitchC-mst-region] active region-configuration
[SwitchC-mst-region] quit

# Configure SwitchC to use the Huawei-proprietary algorithm to calculate the

path cost.
[SwitchC] stp pathcost-standard legacy

# Enable BPDU protection.

[SwitchC] stp bpdu-protection

# Create VLANs 2 to 20.

[SwitchC] vlan batch 2 to 20

# Add Eth 0/0/2 to the VLANs.

[SwitchC] interface Ethernet 0/0/2
[SwitchC-Ethernet0/0/2] port link-type trunk
[SwitchC-Ethernet0/0/2] port trunk allow-pass vlan 1 to 20
[SwitchC-Ethernet0/0/2] bpdu enable
[SwitchC-Ethernet0/0/2] quit

# Add Eth 0/0/3 to the VLANs.

[SwitchC] interface Ethernet 0/0/3
 [SwitchC-Ethernet0/0/3] port link-type trunk
[SwitchC-Ethernet0/0/3] port trunk allow-pass vlan 1 to 20
[SwitchC-Ethernet0/0/3] bpdu enable
[SwitchC-Ethernet0/0/3] quit

# Configure Eth 0/0/1 as an edge port.

[SwitchC] interface Ethernet 0/0/1
[SwitchC-Ethernet0/0/1] stp edged-port enable
[SwitchC-Ethernet0/0/1] port hybrid pvid vlan 20
[SwitchC-Ethernet0/0/1] port hybrid untagged vlan 20
[SwitchC-Ethernet0/0/1] quit

# Enable MSTP.
[SwitchC] stp enable

4. Configure SwitchD.
# Configure the MST region on SwitchD.
[SwitchD] stp region-configuration
[SwitchD-mst-region] region-name RG2
[SwitchD-mst-region] instance 1 vlan 1 to 10

# Activate the configuration of the MST region.

[SwitchD-mst-region] active region-configuration
[SwitchD-mst-region] quit

# Set the priority of SwitchD in MSTI1 to 0 to ensure that SwitchD functions as

the regional root of MSTI1.
[SwitchD] stp instance 1 priority 0

# Configure SwitchD to use the Huawei-proprietary algorithm to calculate the

path cost.
[SwitchD] stp pathcost-standard legacy

# Enable BPDU protection.

[SwitchD] stp bpdu-protection

# Create VLANs 2 to 20.

[SwitchD] vlan batch 2 to 20

# Add Eth 0/0/2 to the VLANs.

[SwitchD] interface Ethernet 0/0/2
[SwitchD-Ethernet0/0/2] port link-type trunk
[SwitchD-Ethernet0/0/2] port trunk allow-pass vlan 1 to 20
[SwitchD-Ethernet0/0/2] bpdu enable
[SwitchD-Ethernet0/0/2] quit

# Add Eth 0/0/3 to the VLANs.

[SwitchD] interface Ethernet 0/0/3
[SwitchD-Ethernet0/0/3] port link-type trunk
[SwitchD-Ethernet0/0/3] port trunk allow-pass vlan 1 to 20
[SwitchD-Ethernet0/0/3] bpdu enable
[SwitchD-Ethernet0/0/3] quit

# Configure Eth 0/0/1 as an edge port.

[SwitchD] interface Ethernet 0/0/1
[SwitchD-Ethernet0/0/1] stp edged-port enable
[SwitchD-Ethernet0/0/1] port hybrid pvid vlan 10
 [SwitchD-Ethernet0/0/1] port hybrid untagged vlan 10
[SwitchD-Ethernet0/0/1] quit

# Enable MSTP.
[SwitchD] stp enable

5. Verify the configuration.

After the preceding configurations are complete and the network topology
becomes stable, perform the following operations to verify the configuration.
# Run the display stp brief command on SwitchA to view the status and
protection type on the interfaces. The displayed information is as follows:
<SwitchA> display stp brief
MSTID Port Role STP State Protection
0 Ethernet0/0/1 DESI FORWARDING ROOT
0 Ethernet0/0/2 DESI FORWARDING ROOT
1 Ethernet0/0/1 DESI FORWARDING ROOT
1 Ethernet0/0/2 DESI FORWARDING ROOT

The priority of SwitchA is the highest in the CIST; therefore, SwitchA is elected
as the CIST root and regional root of RG1. Eth 0/0/2 and Eth 0/0/1 of SwitchA
are designated ports in the CIST.
The priority of SwitchA in MSTI1 is the highest in RG1; therefore, SwitchA is
elected as the regional root of SwitchA. Eth 0/0/2 and Eth 0/0/1 of SwitchA are
designated ports in MSTI1.
# Run the display stp interface brief commands on SwitchC. The displayed
information is as follows:
<SwitchC> display stp interface Ethernet 0/0/3 brief
MSTID Port Role STP State Protection
0 Ethernet0/0/3 ROOT FORWARDING NONE
1 Ethernet0/0/3 ROOT FORWARDING NONE
<SwitchC> display stp interface Ethernet 0/0/2 brief
MSTID Port Role STP State Protection
0 Ethernet0/0/2 DESI FORWARDING NONE
1 Ethernet0/0/2 DESI FORWARDING NONE

Eth 0/0/3 of SwitchC is the root port in the CIST and MSTI1. Eth 0/0/2
of SwitchC is a designated port in the CIST and MSTI1.
# Run the display stp brief command on SwitchB. The displayed information is
as follows:

<SwitchB> display stp brief

MSTID Port Role STP State Protection
0 Ethernet0/0/1 DESI FORWARDING NONE
0 Ethernet0/0/2 ROOT FORWARDING NONE
1 Ethernet0/0/1 ROOT FORWARDING NONE
1 Ethernet0/0/2 MAST FORWARDING NONE

The priority of SwitchB in the CIST is lower than that of SwitchA; therefore, Eth
0/0/2 of SwitchB functions as the root port in the CIST. SwitchA and SwitchB
belong to different regions; therefore, Eth 0/0/2 of SwitchB functions as the
master port in MSTI1. In MSTI1, the priority of SwitchB is lower than that
of SwitchD; therefore, Eth 0/0/1 of SwitchB functions as the root port. The
 priority of SwitchB in the CIST is higher than that of SwitchB; therefore, Eth
0/0/1 of SwitchB functions as the designated port in the CIST.
# Run the display stp interface brief commands on SwitchD. The displayed
information is as follows:
<SwitchD> display stp interface Ethernet 0/0/3 brief
MSTID Port Role STP State Protection
0 Ethernet0/0/3 ROOT FORWARDING NONE
1 Ethernet0/0/3 DESI FORWARDING NONE
<SwitchD> display stp interface Ethernet 0/0/2 brief
MSTID Port Role STP State Protection
0 Ethernet0/0/2 ALTE DISCARDING NONE
1 Ethernet0/0/2 ALTE DISCARDING NONE

On SwitchD, Eth 0/0/2 functions as the alternate port in the CIST. SwitchD
and SwitchC are in different regions; therefore, Eth 0/0/2 of SwitchD also
functions as the alternate port in MSTI1.
Eth 0/0/3 of SwitchD is the root port in the CIST. The priority of SwitchD is
higher than that of SwitchB in MSTI1; therefore, Eth 0/0/3 also functions as the
designated port in MSTI1.

Configuration Files
 Configuration file of SwitchA
#
sysname SwitchA
#
vlan batch 2 to 20
#
stp instance 0 priority 0
stp instance 1 priority 0
stp pathcost-standard legacy
stp region-configuration
region-name RG1
instance 1 vlan 1 to 10
active region-configuration
#
interface Ethernet0/0/1
port link-type trunk
port trunk allow-pass vlan 1 to 20
stp root-protection
#
interface Ethernet0/0/2
port link-type trunk
port trunk allow-pass vlan 1 to 20
stp root-protection
#
return

 Configuration file of SwitchB

#
sysname SwitchB
#
vlan batch 2 to 20
#
stp instance 0 priority 4096
 stp pathcost-standard legacy
stp region-configuration
region-name RG2
instance 1 vlan 1 to 10
active region-configuration
#
interface Ethernet0/0/1
port link-type trunk
port trunk allow-pass vlan 1 to 20
#
interface Ethernet0/0/2
port link-type trunk
port trunk allow-pass vlan 1 to 20
#
return

 Configuration file of SwitchC

#
sysname SwitchC
#
vlan batch 2 to 20
#
stp bpdu-protection
stp pathcost-standard legacy
stp region-configuration
region-name RG1
instance 1 vlan 1 to 10
active region-configuration
#
interface Ethernet0/0/1
port hybrid pvid vlan 20
port hybrid untagged vlan 20
stp edged-port enable
#
interface Ethernet0/0/2
port link-type trunk
port trunk allow-pass vlan 1 to 20
#
interface Ethernet0/0/3
port link-type trunk
port trunk allow-pass vlan 1 to 20
#
return

 Configuration file of SwitchD

#
sysname SwitchD
#
vlan batch 2 to 20
#
stp instance 1 priority 0
stp bpdu-protection
stp pathcost-standard legacy
stp region-configuration
region-name RG2
instance 1 vlan 1 to 10
active region-configuration
#
interface Ethernet0/0/1
port hybrid pvid vlan 10
port hybrid untagged vlan 10
stp edged-port enable
#
interface Ethernet0/0/2
port link-type trunk
port trunk allow-pass vlan 1 to 20
#
interface Ethernet0/0/3
port link-type trunk
port trunk allow-pass vlan 1 to 20
#
return