cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
694
Views
0
Helpful
6
Replies

Placing of STP features

kian_hong2000
Level 1
Level 1

From what i have read from the book, can i say that the placing of the following feature are correct from the below answer stated:

Portfast:

Only access switches where interface invlove end-user ports, cisco devices and server ports.

Uplinkfast:

Only access switches where the number of active VLAN is limited.

BackboneFast:

Between Distribution and Core switches where link cores encounter direct failures.

BPDU Guard:

Only access switches where interface configure with portfast feature.

BPDU Filtering:

Only access switches where interface configure with portfast feature.

Root Guard:

Between distribution and access switches.

Loop Guard:

Between Core, Distribution and Core switches where link cores encounter indirect failures.

UDLD:

All Core, Distribution and Core switches where link cores encounter physically link failures.

6 Replies 6

gauravshar
Level 2
Level 2

"Portfast:

Only access switches where interface invlove end-user ports, cisco devices and server ports"

Just remove cisco devices, because you must not configure portfast for port connected to another switch.

Rest looks pretty good.

Good work you have done!

Thanks

--gaurav

Edison Ortiz
Hall of Fame
Hall of Fame

>BPDU Filtering:

> Only access switches where interface configure with portfast feature.

Be careful with BPDU filtering, the global bpdufiltering behaves differently than the interface level bpdufiltering.

The global bpdufiltering removes the portfast feature along with the bpdufiltering feature from a switchport when a bpdu is received.

The interface bpdufiltering blocks the sending/receiving of bdpus and it's not associated to portfast at all.

HTH,

__

Edison.

simonstoll
Level 1
Level 1

Hi

If you can, make it with Rapid Spanning Tree, so you don't have to worry about Uplinkfast and BackboneFast. About the other features: Best pratice for me is to enable Portfast on any port connecting to end devices, and then to switch on BPDU Guard on this ports as well (can be done with bpdu guard default on all portfast ports). Loopguard can be switched on on all Links facing to the STP Root, Rootguard on all Ports where you never to learn a bridge with higher priority as your current STP Root, and finally UDLD on alle Fiber Links interconnecting your switches.

That link shows all the feauters:

http://www.cisco.com/en/US/docs/switches/lan/catalyst3750/software/release/12.2_25_see/configuration/guide/swstpopt.html

Simon

Thanks everyone for your information.

I got another questions. I read CCNP BCMSN Command Guide. I does not sure:

1) Why the book say that do not enable root guard on interfaces used by Uplinkfast?

2) From the example given by the book, i found out that root guard is place only at the switch which is in the block state. Why we cannot place it in other states such as forwarding or listening ?

Hi

1.As mentioned in earlier post the root guard is used when the port should not become a root port or in otherwords dont expect any root (or superioir BPDU's) from that port.Now uplink fast is used when two uplink is there towards the root.Hence both contradict and so the uplinkfast interface cannot be enabled with root guard..

2.As far as i know ,root guard can be placed in port in forwarding states also( designated port)..

lets see what other have to say on this..

From where you read this..,can u pls provide the link or something..???

arun

Hi arun,

Thanks for your answer. Oh, I found it in a book called "CCNP BCMSN Portable Command Guide", the author is "Scott Empson"

It can be found under Chapter 3. It show a figure of one core, two distribution and two access switches.

The core is dual link to two distribution switches A and B and two distribution switches are dual link to two access switches C and D. However, one of the access switches C's link is in block state.

The link connected from A, B and D are in forwarding state and the interfaces pointing to C have configure with root guard features

That is the reason why i can confuse with the root guard features. I am wondering is this features normally place at the link where it is in block state.

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Innovations in Cisco Full Stack Observability - A new webinar from Cisco