how to do loop protection in Catalyst 4500?

Unanswered Question
Apr 8th, 2008
User Badges:

Guys can anyone help me and till how to protect Catalyst 4500 operations against looping?

the problem is that i have the STP enabled on the front ports of the Cat4500 which used to carry uplinks of edge switches (cisco and non-cisco), so whenever a loop happens on one of these edge switches, it reflects to the backbone Cat4500 and increase its CPU utilization to 99% and bring the operations down

- In Nortel passport switches there is a kind of a protection technique that disable the port source of looping automatically as soon as loop behaviour detected, does Cisco has something similar or any technique to provent looping?

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
royalblues Tue, 04/08/2008 - 04:29
User Badges:
  • Green, 3000 points or more

Mohammed,


The first thing you should do is to troubleshoot why there is a loop being formed in the first place rather than trying to disable the port when it does.


There are quite of a lot of STP features that can be used to prevent loops that are formed accidentally.

http://www.cisco.com/en/US/docs/switches/lan/catalyst6500/ios/12.1E/native/configuration/guide/stp_enha.html


HTH

Narayan

jgreenwoodii Tue, 04/08/2008 - 09:43
User Badges:

For starters I would figure out where the root is for my vlans "spanning-tree root detail" If the root for your vlans are not where they should be then you need to adjust the priority's accordingly on each vlan to position your root bridge ie 4500 as the the root for all vlans. You can use the "spanning-tree vlan X root primary"


Secondly on your uplinks depending on whether they are fiber you can use "udld enable" or copper "udld enable aggressive" on the actual interfaces of the uplinks


You can also enable "spanning-tree guard loop" which turns on loopguard and I would say after you have configured your switch as the root bridge for all vlans you can enable rootguard on the uplinks as an extra precaution.


Also with these features if triggered the port will go down into an errdisable state or loop inconsistent state so make sure you set the "errdisable recovery" method under global config or otherwise manually do a shut/ no shut on each affected interface.

Actions

This Discussion