Enabling portfast

May 19th, 2008

We have DHCP configured on our routers; however, it takes some time for hosts to get an IP address. And sometimes they get a 169. address, which leads to troubleshooting the physical layer connection.

I would like to configure portfast on all host ports; however, there are rogue hubs and Netgear switches on the floor.

If I configure BPDU guard, will this still allow me to configure portfast?

Edison Ortiz Mon, 05/19/2008 - 19:49

You can configure bpduguard along with portfast; however, if the Netgear switches do not send BPDUs, enabling bpduguard will not help prevent a loop.

I suggest enabling portfast on all host ports and also implementing port-security with a limit of 1 per port, in order to prevent those rogue hubs and switches.
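
The access-port settings suggested in the answer above, written out as an added example that is not part of the original post. The interface range is an assumption, and the syntax is classic Cisco IOS on a Catalyst access switch.

```cisco
! Added example: host-facing access ports with portfast, BPDU guard
! and port-security limited to one MAC address per port.
! Assumption: hosts are on FastEthernet0/1 through 0/24; adjust to your switch.
interface range FastEthernet0/1 - 24
 switchport mode access
 ! Skip listening/learning so the host can reach DHCP as soon as link comes up
 spanning-tree portfast
 ! Err-disable the port if any BPDU arrives (an STP-speaking switch was plugged in)
 spanning-tree bpduguard enable
 ! Covers devices that never send BPDUs: a hub or unmanaged switch
 ! shows up as more than one source MAC on the port
 switchport port-security
 switchport port-security maximum 1
 switchport port-security violation shutdown
end
!
! Verification from privileged EXEC mode:
! show spanning-tree interface FastEthernet0/1 portfast
! show port-security interface FastEthernet0/1
! show interfaces status err-disabled
```

A port shut down by either feature stays err-disabled until it is recovered, so `show interfaces status err-disabled` is the first place to look when a user reports a dead wall jack after this change.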




joseph.derrick Mon, 05/19/2008 - 22:05

It is highly recommended to configure portfast on access ports to put the port in forwarding state automatically without going through the other states.

On the other hand, you can still configure portfast along with bpduguard. Bpduguard tells the access port not to receive BPDUs so it's basically ok.

Please rate if it helps.



nygenxny123 Tue, 05/20/2008 - 07:20

So if the hub/switch on the floor is not sending a BPDU... there is no chance of this causing a loop, right?

mattcalderon Tue, 05/20/2008 - 07:32

As Edison stated above, if those devices do not send a BPDU, then you cannot prevent them from forming a loop. So yes, there IS a chance of a loop being formed. If the device does not send a BPDU, then it just means it is not participating in spanning tree.

Edison Ortiz Tue, 05/20/2008 - 07:32

BPDU is not what causes a loop.

A loop is caused if the switch learns a group of MAC addresses via one switchport (a switchport connection from a hub) and the same group of MAC addresses via another switchport (the same hub connecting to the same switch).

The switch won't be able to determine which is the correct egress port, hence causing the loop.

In a switched network, when you have multiple inter-switch links you have 2 options:

1) Configure Etherchanneling

2) Sacrifice one of those links. The Spanning-Tree Protocol will place one of those inter-switch links in blocking mode. STP learns about those inter-switch links by receiving BPDUs.

Thus, BPDUs contribute to the loop prevention mechanism, and having hubs and switches that do not send BPDUs in your switched network can increase the risk of a loop.




