Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
537
Views
0
Helpful
4
Replies

STP portfast with a switch and transparent PIX

bbravo
Level 1
Level 1

‎03-09-2007 08:04 AM - edited ‎03-05-2019 02:48 PM

Thanks to all, I appreciate your input. This is the situation, I have an environment with 2 PIX's in transparent mode active/stdby connected to a 6500 on the inside and a 2950 in the outside, what is the proper configuration for the switch port where the pix connects? should it be configured with STP portfast enabled or should it be disabled? we are having issues when one pix goes down, thank you again!

Labels:
Preview file
27 KB
0 Helpful
4 Replies 4

glen.grant
VIP Alumni
VIP Alumni

‎03-09-2007 09:24 AM

Normally any port that has network equipment attached would have portfast "disabled" .

0 Helpful

Rajat Chauhan
Cisco Employee
Cisco Employee

‎03-10-2007 09:44 AM

Hi,

PortFast is an option that tells the switch that you have a Layer 3 device connected out of a switch port. This causes the switch to put the port into forwarding state immediately after the link comes up, instead of waiting the default 30 seconds (15 seconds for listening, and 15 seconds for learning). It is important to understand that enabling PortFast does not disable spanning tree. Spanning tree is still running on that port; enabling PortFast only tells the switch that there is not another switch or hub (Layer 2-only device) connected at the other end of the link. This causes the switch to bypass the normal 30-second delay while it is trying to determine if bringing up that port will result in a Layer 2 loop. After the link is brought up, it will still participate in spanning tree. BPDUs will still be sent out the port, and the switch will still listen for BPDUs on that port. For these reasons, it is recommended to enable PortFast on any switch port that connects to a PIX. Thus, if the PIX's interface goes down during failover, the switch will not have to wait 30 seconds while the port is transitioned from a listening to learning to forwarding state.

Please rate as applicable.

Regards

Rajat Chauhan

0 Helpful

bbravo
Level 1
Level 1
In response to Rajat Chauhan

‎03-12-2007 01:29 PM

Thanks Rajat, however since this is a PIX running 7.0 in transparent mode, it can be considered a Layer 2 device or bridge, are you sure that what you mentioned above still applies?

0 Helpful

Rajat Chauhan
Cisco Employee
Cisco Employee
In response to bbravo

‎03-13-2007 08:16 PM

Hi,

I guess i missed that. yes, in transparent mode, it'll allow BPDU by default, so you should rather disable portfast on that link.

Regards

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card