Cisco ACI and MST Interaction

Note: The following posts consist of some notes from Cisco ACI White paper


How Does ACI Interact with MST

When Interacting with MST Switches ACI, Additional configuration is required to help ensure that Multiple Spanning Tree (MST) BPDUs flood properly. BPDU frames for Per-VLAN Spanning Tree (PVST) and Rapid Per-VLAN Spanning Tree (RPVST) have a VLAN tag. The Cisco ACI leaf can identify the EPG on which the BPDUs need to be flooded based on the VLAN tag in the frame.

However, for MST (IEEE 802.1s), BPDU frames do not carry a VLAN tag, and the BPDUs are sent over the native VLAN. Typically, the native VLAN is not used to carry data traffic, and the native VLAN may not be configured for data traffic on the Cisco ACI fabric. As a result, to help ensure that MST BPDUs are flooded to the desired ports, the user must create an EPG (an MST EPG) for VLAN 1 as native VLAN to carry the BPDUs. This EPG connects to the external switches that run MST.

In addition, the administrator must configure the mapping of MST instances to VLANs to define which MAC address table must be flushed when a Topology Change Notification (TCN) occurs. When a TCN event occurs on the external Layer 2 network, this TCN reaches the leafs to which it connects via the MST EPG, and flushes the local endpoint information associated with these VLANs on these leafs; as result, these entries are removed from the spine-proxy mapping database.


ACI Required Configuration for MST Interaction

I- Create an EPG for MST Native VLAN:

First, we need to create a dedicated EPG and map it to all ports facing non-ACI switches that run MST. This ensures that ACI will flood the MST BPDUs in the Encap VLAN VNID which is the native VLAN and therefore, the MST BPDU will reach the other MST switches connected to ACI. If, we don’t create static ports with native VLANs connected to MST switches, ACI will drop the MST BPDUs, because the flood is done on the EPG Encap VLAN.

1- Create a dedicated EPG for MST Native VLAN:

2- Add the correct Domain to the EPG which links the EPG to the Interface access policies for the MST switches connected to ACI.

3- Add static ports for the Interface of MST switches and choose untagged option or 802.1P and enter the native VLAN used in the MST topology.


II- Create an MST Spanning Tree Policy

  • Navigate to Fabric > Access Policies > Policies > Switch > Spanning-Tree > default

  • Create MST region policies specifying:
    – The MST region names.
    – The MST instance IDs, revision IDs, and relevant VLAN encapsulations.


  • This ensures that ACI knows:
    – Which EPGs to flush when it receives a TCN
    – Out of Which ports it should forward MST BPDUs.

Bilel Ameur

Enthusiastic Network Engineer specializing in Cisco ACI, passionate about solving challenges. A lifelong learner who loves gaining and sharing knowledge. Profile: https://www.linkedin.com/in/bilel-ameur-71116b2b5
0 0 votes
Article Rating
Subscribe
Notify of
guest
0 Comments
Oldest
Newest Most Voted
Inline Feedbacks
View all comments
0
Would love your thoughts, please comment.x
()
x