broadcast storm and an unstable environment

Unanswered Question
Jul 16th, 2010

Please, could anyone give me some suggested for problem below:

CORE 6509 _____________________ACCESS Switch_______Telephony VOIP

                |                                                                                          |

                |________________________ ACCESS Switch ___________|

Some users are connecting both ethernet jacks from phone on different access switches,

therefore creating a broadcast storm and creating an unstable environment.

Which are best practices to solve this problem?

Could be portsecurity?

Best Regards

Marcelo Fanaia

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 5 (3 ratings)
Loading.
Amit Singh Fri, 07/16/2010 - 12:03

Marcelo,


Why are the users connecting both the IP phone ports to the different switches? PC-port at the back of IP phone is only used to connect to the PC/Laptop. What kind of policy is there on the network? Werent the users trained on how to use the IP Phones? You need to to correct that first on the basic level.

You can use , STP BPDU guard, STP BPDU filter to control that.

http://www.cisco.com/en/US/docs/switches/lan/catalyst4000/7.4/configuration/guide/stp_enha.html

Have a look at the link above.

HTH,

-amit singh

marcelo.fanaia Fri, 07/16/2010 - 12:46

Sr.

I understand your questions well, but I have two network jack on the wall, and sometimes it happens to some users and I dont want to allow this to happen by some mistake from user.  I want to have full control over this question.

"You can use , STP BPDU guard, STP BPDU filter to control that" >>> I have applied that on our environment, it is working fine, but  no solve the problem completely .

Thank you very much for your support!

Reza Sharifi Fri, 07/16/2010 - 13:56

marcelo

I agree with Amit.  you should connect you PC/laptop to the back of the phone and then connect the phone to the wall jack using 2 separate vlans (one for voice and one for data).  If you have an extra port on the wall, it should be disabled or if you have users using the extra wall jack then you only need a data vlan on that port.

HTH

Reza

Actions

This Discussion