We have a LAN with Cisco switches, redundant cabling and spanning tree. If I understand it correctly, when I pull out a redundant cable (that is currently "used" by the spanning tree) it takes several seconds until the spanning tree converges in reaction. How can I prevent this packet loss (assuming of course I know beforehand that the cable will be pulled)? That is, how can I make the spanning tree adapt "proactively"?
I would have guessed that an interface shutdown
plus waiting a couple of seconds should suffice, but did not dare to try that out yet. Actually, I am afraid an interface shutdown would cause the same interruption times during convergence because I suffered from such an interruption yesterday when makeing a supposedly harmless configuration change at some interfaces. (Edit: I just confimed this experimentally; as expected there was some 20 seconds of interruption after interface shutdown - note that I am looking for a "lossless" soluiton, not just "less loss")
It sounds like you're using class STP instead of rapid STP. Two options will speed up the convergence time significantly.
This should be applied to server interfaces. It will tell STP that there is no switch on the other side of this port, and that it is safe to skip the normal "safe" method of preventing loops. The port should move straight to forwarding.
Enables the newer Rapid Per-VLAN Spanning Tree protocol, which uses messages between switches to enable re-convergence within a couple of seconds rather than 30-45.
You might try setting up a port-channel between your switches instead of redundant single links. This would allow all traffic to fail over to the remaining port if one is lost.
As Keller says, definitely enable portfast facing your edge ports, but that's really not what you're worried about here.
If you're running classic spanning-tree then moving to rapid will help the outage time. Just be aware when you transition from classic to rapid there can be reconvergence, but generally there isn't.
What you are looking for is the spanning tree cost ### command. You just need to make the link that will be taken out of service a higher cost than the redundant link and spanning-tree will block that link and unblock the other. Or depending on your network layout you can run non-looped vlans that don't depend on spanning-tree for loop avoidance and/or outage recovery.
And edit to add... don't forget to remove the spanning-tree cost config after your maintenance and the link is back up, so your network is running the way it was originally designed.