Spanning Tree Protocol on the Overlay Network

Overview

Airwall Gateways can emit and participate in Spanning Tree Protocol (STP), helping reduce network loops and allowing for link redundancy.

How an Airwall Gateway interacts with existing STP infrastructure varies depending on the installed firmware version.

1.12.4 - 1.12.6

Airwall Gateways/HIPswitches running versions 1.12.4 through 1.12.6 have STP enabled on the overlay network interface by default. It is not configurable or able to be disabled.

STP bridge priority is 32768

2.0.x

Airwall Gateways/HIPswitches running versions 2.0.x provide an option to disable STP if not needed. The feature is enabled by default.

STP bridge priority is 32767.

2.1.x

Airwall Gateways/HIPswitches running versions 2.1.x or greater will not enable STP if there is only one network interface configured for the overlay network. By default, -100 and -200 series Airwall Gateway/HIPswitches enable the feature.

Note: Conductor provides a setting to enable or disable STP for these platforms; however, this has no affect to the running unit, as it will not enable.

STP bridge priority is 61440.

Recommendations

If multiple network interfaces are configured with the Underlay role, they are put into a bridge, and STP is enabled. STP on this bridge does is not configurable, nor can it be disabled.