Loopguard activating for seemingly no reason

[LingaringBell]

I have a 2950 and I got an error in the log the other day that said:

2w3d: %SPANTREE-2-LOOPGUARD_BLOCK: Loop guard blocking port GigabitEthernet0/1 on VLAN0014.

Now why I find this weird, other than the fact that there was no loop and loopguard unblocked the port a few seconds later, is that GigabitEthernet0/1 is not on VLAN0014. That port is doing trunking, and its native vlan is VLAN0011 So I'm guessing that I'm misunderstanding this error, could someone please explain to me what could cause this. No wiring had changed and the 2960 that is connected to port GigabitEthernet0/1 did not have any similar errors reported. Thanks.
-Bell

 

[Belushi]

If your link is a trunk, more than likely it is carrying vlan 14 on it in addition to multiple other vlans. This vlan (14) apparently according to the output above did have a temporary loop. Remember that depending on your spanning tree topology there may be many virtual instances of spanning tree on a single link (potentially 1 per vlan).

 

[LingaringBell]

You are correct that vlan14 is being carried on the trunk. I should have added that vlan14 is not really being used by the switch at all. I have an interface vlan14 but it is shutdown, and none of the ports are assigned to vlan14 (as you can see from the show vlan below).

VLAN Name Status Ports
---- -------------------------------- --------- -------------------------------
1 default active
2 VLAN0002 active
11 VLAN0011 active Fa0/1, Fa0/2, Fa0/3, Fa0/4, Fa0/5, Fa0/6, Fa0/7, Fa0/8, Fa0/9, Fa0/10, Fa0/11, Fa0/12, Fa0/13, Fa0/14, Fa0/15, Fa0/17, Fa0/18, Fa0/19, Fa0/20, Fa0/21, Fa0/22, Fa0/23, Fa0/24, Gi0/2
12 VLAN0012 active Fa0/16
14 VLAN0014 active
15 VLAN0015 active


Also, the switch is connected to only one other switch through the trunk port. I still do not understand how a loop could have occurred, could you please explain that to me?

 

[vipergg]

Port assignments in a vlan will not show up if it is a trunk port so if vlan 14 is carried across the trunk to another switch its possible that vlan 14 is assigned on that switch and someone caused a loop on that switch which would get carried over to the other switch id spanning tree cannot resolve the loop . I think you can see what the actual ports including trunks are for a vlan with "show vlan id <vlan#> or something close to that .

 

[VinceWhirlwind]

Personally, I like to decide which VLANs I need on each switch and I make sure each Trunk between switches only carries those VLANs I actually need.

eg
interface g0/1
sw mode trunk
sw trunk native vlan 100
sw trunk allow vlan 100,101,102

that sort of thing.

Back to your specific question though, that is weird - what does the log on the switch at the other end of that trunk show?

 

[LingaringBell]

Yea, I have done that in the past, but since I'm working with such a small amount of vlans, I could never really come up with a good reason to only allow (for example) 2 vlans on a trunk instead of 5. It just eliminates a step if I want to assign a new vlan to a port.

The switch on the other end of the trunk had no errors in the log.

 

[LingaringBell]

Ooops, I should add before anyone asks, none of the other switches in my network reported a loop, only this 2950.