Enabling portfast

Unanswered Question
May 19th, 2008

We have dhcp configure on our routers,

however it takes sometime for hosts

to get an IP address. And sometimes they

get a 169. address, which leads to troubleshooting the physical layer connection.

I would like to configure portfast on all

host ports, however-there are rouge

hubs and netgear switches on the floor.

If I configure bpdu guard, will this

still allow me to configure porfast?

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 5 (4 ratings)
Loading.
Edison Ortiz Mon, 05/19/2008 - 19:49

You can configure bpduguard along with portfast, however if the Netgear switches do not send BPDUs, enabling bpduguard will not help preventing a loop.

I suggest enabling portfast in all host ports and also implement port-security with a limit of 1 per port, in order to prevent those rouge hubs and switches.

HTH,

__

Edison.

joseph.derrick Mon, 05/19/2008 - 22:05

It is highly recommended to configure portfast on access ports to put the port in forwarding state automatically without going through the other states.

On the other hand, you can still configure portfast along with bpduguard. Bpduguard tells the access port not to receive BPDUs so it's basically ok.

Please rate if it helps.

Thanks,

Deejay

nygenxny123 Tue, 05/20/2008 - 07:20

so if the hub/switch on the floor is not sending a bpdu...there is no chance of this causing a loop..right?

mattcalderon Tue, 05/20/2008 - 07:32

As edison stated above if those devices do not send a BPDU, then you can not prevent them from forming a loop. So yes there IS a chance of a loop being formed. If the device does not send a BPDU, then it just means it is not participating in spanning tree.

Edison Ortiz Tue, 05/20/2008 - 07:32

BPDU is not what causes a loop.

A loop is caused if the switch learns a group of MAC Addresses via one switchport (a switchport connection from a hub) and the same group of MAC Address via another switchport (the same hub connecting to the same switch).

The switch won't be able to determine which is the correct egress port hence causing the loop.

In a switched network, when you have multiple inter-switch links you have 2 options:

1) Configure Etherchanneling

2) Sacrifice one of those links. The Spanning-Tree Protocol will place one of those inter-switch links in blocking mode. STP learns about those inter-switch links by receiving BPDUs.

Thus, BPDU contributes on the loop prevention mechanism and having hubs and switches that do not send BPDU in your switched network, can increase the risk of a loop.

HTH,

__

Edison.

Actions

This Discussion