Forum Discussion

Spidey_29396's avatar
Spidey_29396
Icon for Nimbostratus rankNimbostratus
Jun 07, 2017

STP and LACP best practices

We have a BIGIP to be connected to Nexus device. What are the scenarios that STP at LACP are needed to be disabled? What are the best practices for STP and LACP?

 

application delivery
BIG-IP
LTM
  • eben_259100's avatar
    eben_259100
    Icon for Cirrostratus rankCirrostratus
    Jun 07, 2017

    LACP is needed if you want to setup a PortChannel to the Nexus (Trunks in F5 terms), You can make it active or passive. I will suggest Active. Please leave the LACP LB as "Src/Dst IP and Port". It works in most scenarios. or you change to what suits for your network. For STP you can leave the default on the F5 box but manually Prune allowed vlans on the Nexus Portchannel to the F5.

     

    HTH

     

    • John_Heyer_1508's avatar
      John_Heyer_1508
      Icon for Cirrostratus rankCirrostratus
      Jun 08, 2017

      Generally speaking there is no need to change STP settings on the F5. This is because by default, the F5 BIGIP runs in "Pass Through" mode and doesn't send BPDUs to neighboring switches. That being said, I did notice starting with 11.6.0 they recommend using MST if the interfaces use VLAN tagging. I'd assume this would be considered best practice whether the Cisco is running MST or R-PVST+ (which would be the default)

       

      K7577: BIG-IP LTM spanning tree compatibility with tagged VLANs

       

      I agree with eben that to form the PortChannels (Trunks as F5 calls them) use LACP, passive on the Switch and active on the F5. Also, FWIW, I'd recommend enabling LLDP on both sides to help trace the physical cable connections.

       

  • eben's avatar
    eben
    Icon for Nimbostratus rankNimbostratus
    Jun 07, 2017

    LACP is needed if you want to setup a PortChannel to the Nexus (Trunks in F5 terms), You can make it active or passive. I will suggest Active. Please leave the LACP LB as "Src/Dst IP and Port". It works in most scenarios. or you change to what suits for your network. For STP you can leave the default on the F5 box but manually Prune allowed vlans on the Nexus Portchannel to the F5.

     

    HTH

     

    • John_Heyer_1508's avatar
      John_Heyer_1508
      Icon for Cirrostratus rankCirrostratus
      Jun 08, 2017

      Generally speaking there is no need to change STP settings on the F5. This is because by default, the F5 BIGIP runs in "Pass Through" mode and doesn't send BPDUs to neighboring switches. That being said, I did notice starting with 11.6.0 they recommend using MST if the interfaces use VLAN tagging. I'd assume this would be considered best practice whether the Cisco is running MST or R-PVST+ (which would be the default)

       

      K7577: BIG-IP LTM spanning tree compatibility with tagged VLANs

       

      I agree with eben that to form the PortChannels (Trunks as F5 calls them) use LACP, passive on the Switch and active on the F5. Also, FWIW, I'd recommend enabling LLDP on both sides to help trace the physical cable connections.