Create a Post
Showing results for 
Search instead for 
Did you mean: 

BDPU/Spanning Tree issue


We are running into an issue where our Cisco switch port goes into err-disable due to BPDU guard.  It only happens on this one port which is a trunk.  This is a VSX FW cluster running multiple VSs.  It only happens to one particular VS instance.  We also are running VMACs as well on the cluster.  This seems to occur at random times and between the active and standby nodes.    eth1-04 is the interface in questions.  It is a 10gb connection.

Sync UP sync(secured), broadcast
eth1-03 UP non sync(non secured), multicast
eth2-08 UP non sync(non secured), multicast
eth1-04 UP non sync(non secured), multicast (eth1-04.112)

Any ideas/help on trying to troubleshoot this from a FW perspective?



0 Kudos
3 Replies

Is there a virtual switch between the VS and the cisco switch or is it just a virtual firewall connected to that vlan interface? I'm a bit rusty on VSX FYI.

0 Kudos

There is no virtual switch involved.  This is just a single 10gb connection assigned to the VS setup as a trunk.  It is directly hooked up to a Cisco 9K.

0 Kudos

Hi Bill,

Did you manage to solve this issue, i was wondering if you did because we have this problem also and are a bit in the dark why this is happening. :S

0 Kudos