ICX 7450 stack with ~100 access switches connected and ~250 VLANs

  • Updated 5 months ago
Hello to All,
I'm going to design and deploy network infrastructure in a huge building based on Brocade ICX switches and other vendor switches (let's say "MS switches"). As I'm new to Brocade, I need to ask for advice.
The topology will be a star with some redundant links between ICX 7150 (red links in the attached schema).
The core of the network will be a 3-unit stack consisting of ICX 7450-48F switches.
ICX 7150 and "MS switches" (in total, about 100) will act as access switches.
I intend to configure about 250 VLANs on the ICX 7450-48F stack, but only a few chosen VLAN IDs will be passed through each trunk port (ranges given in the diagram).
The ICX 7450 stack will be the RSTP root with the Root Bridge priority: 4096; ICX 7150 will have Bridge Priority: 16384.
All "MS switches" have RSTP/STP disabled, and only Loop protection enabled.

My questions are:
- Can the ICX 7450 stack handle the STP calculation in such a large deployment?
- How do I properly configure ICX 7450 trunk ports for all "MS Switches" to prevent them from participating in the STP topology?
- How do I properly configure access ports to prevent loops on all access switches? Should I use 'stp-bpdu-guard' or 'stp-protect' or something else?
- Should I give up on redundant connections and on any kind of STP (clear star topology)?



Dawid Krawczak

Posted 5 months ago

Dawid Krawczak

According to the information contained in the "RSTP scaling recommendations and best practices" document, my proposal to use R-PVST+ or even RSTP is not good due to the large number of VLANs configured (~250). The only option seems to be MSTP.
Does anybody have experience with that in such a complex deployment?

David Ellis, Employee

The switches will support RPVST, but you may see some CPU overhead based on the number of VLANs. Loop-detection would be the correct answer on the MS-Switches to stop a loop from killing the network. I would suggest MSTP for the network and also pose the question on why you want to disable Spanning-tree on the MS-Switches. It would be a better design to choose a version of STP that will go end-to-end in your network. MSTP is supported by most real switch vendors.

Dawid Krawczak

Hi David,
Thank you for your answer. I decided to use MSTP only on Brocade switches (core/access) with stp-bpdu-guard enabled for ports dedicated to MS-Switches. I have also decided to configure errdisable for each port. I would like to avoid recalculation of the STP tree each time all the MS-switches are restarted.
Do you see any threats related to the lack of MSTP on MS-switches?

David Ellis, Employee

If you use BPDU-guard on the ports that connect to other switches, the port will be error-disabled. You just need to use the mstp disable ethernet x/x/x command on the ports to the MS-Switches to disable MSTP going to those devices.
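
With about 100 access uplinks, the per-port settings discussed in the last reply are easy to get wrong on a few ports. The following is an added example, not part of the thread and not vendor code: a small audit that checks a saved running-config for uplinks to the MS-Switches that are missing mstp disable or still carry stp-bpdu-guard. The config layout, port numbers, port names and function names are assumptions made for illustration, and only single-port mstp disable lines are handled.

```python
import re

# Constructed running-config excerpt (not from the thread). The layout is an
# assumption: global "mstp disable ethernet U/S/P" lines and "interface" stanzas.
SAMPLE_CONFIG = """\
mstp disable ethernet 1/1/10
!
interface ethernet 1/1/11
 port-name MS-SW-02
 stp-bpdu-guard
!
interface ethernet 1/1/12
 port-name MS-SW-03
!
"""
PORT = r"(\d+/\d+/\d+)"

def parse(config):
    """Return (ports with MSTP disabled, ports with stp-bpdu-guard set)."""
    mstp_off, guard, current = set(), set(), None
    for line in config.splitlines():
        text = line.strip()
        m = re.fullmatch(r"mstp disable ethernet " + PORT, text)
        if m and not line.startswith(" "):   # global-level command only
            mstp_off.add(m.group(1))
            continue
        m = re.fullmatch(r"interface ethernet " + PORT, text)
        if m:
            current = m.group(1)             # entering an interface stanza
        elif text == "!":
            current = None                   # stanza ends
        elif text == "stp-bpdu-guard" and current:
            guard.add(current)
    return mstp_off, guard

def audit(config, ms_ports):
    """Map each MS-Switch uplink (hypothetical list) to its findings."""
    mstp_off, guard = parse(config)
    findings = {}
    for port in ms_ports:
        issues = []
        if port not in mstp_off:
            issues.append("MSTP still enabled")
        if port in guard:
            issues.append("stp-bpdu-guard set: a received BPDU error-disables the port")
        if issues:
            findings[port] = issues
    return findings
```

Calling `audit(SAMPLE_CONFIG, ["1/1/10", "1/1/11", "1/1/12"])` reports nothing for 1/1/10 and flags the other two ports.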