Best Solutions for Switching LOOPS

Unanswered Question
Apr 3rd, 2009

Dear All,

I am looking for urgent solution for this problem.We have normal cisco topology having 4 core 8 Dist and more than 500 Access switches.I have configure switches with storm broadcast,But is there any other way to avoid loops and to know quickly where it has originated.Any help on this would be great help.


I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Jon Marshall Fri, 04/03/2009 - 02:41

There are a number of things you can do to mitigate this -

1) STP - obviously. There are also additional features than can be enabled such as BPDUGuard, LoopGuard etc.. -

2) You could look to use port-security on your switches which would allow you to lock down how many mac-addresses can be seen on each port and if you want to you could even go the lengths of hardcoding the mac to the port - not recommended with the size of your environment.

3) 802.1x authentcation - this is a step further where you require a device connecting to a port to authenticate before it is allowed network access.

1) is probably the easiest to implement ie. it's just a few additional commands.

2) is less work if you don't try to hardcode mac to port

3) this is a lot of work as you need authentication servers, 802.1x supplicants etc.


wadekar_nitin2000 Fri, 04/03/2009 - 06:35

Here is the config I have configured on switches ...

interface FastEthernet0/8

switchport access vlan x

switchport mode access

storm-control broadcast level 40.00

storm-control multicast level 40.00

storm-control action shutdown

storm-control action trap

spanning-tree portfast

spanning-tree bpdufilter enable

spanning-tree bpduguard enable

which disable ports one loops detected. 2 thing I am looking for .

1) How to pin point where loop originated quickly

2)Is there any other way to configure switches to avoid loops.

we have only cisco switches/devices in our oraginastaions.Any questions please ask.


This Discussion