Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
667
Views
15
Helpful
4
Replies

broadcast storm and an unstable environment

marcelo.fanaia
Level 1
Level 1

‎07-16-2010 09:08 AM - edited ‎03-06-2019 12:03 PM

Please, could anyone give me some suggested for problem below:

CORE 6509 _____________________ACCESS Switch_______Telephony VOIP

                |                                                                                          |

                |________________________ ACCESS Switch ___________|

Some users are connecting both ethernet jacks from phone on different access switches,

therefore creating a broadcast storm and creating an unstable environment.

Which are best practices to solve this problem?

Could be portsecurity?

Best Regards

Marcelo Fanaia

Labels:
0 Helpful
4 Replies 4

manish arora
Level 6
Level 6

‎07-16-2010 11:47 AM

Try using dynamic arp inspection, this does increases your work load but can be helpfull.

here's the link on how to do it :-

http://www.cisco.com/en/US/docs/switches/lan/catalyst3560/software/release/12.2_20_se/configuration/guide/swdynarp.html#wp1038516

Hope it helps

Thanks

Manish

Amit Singh
Cisco Employee
Cisco Employee

‎07-16-2010 12:03 PM

Marcelo,


Why are the users connecting both the IP phone ports to the different switches? PC-port at the back of IP phone is only used to connect to the PC/Laptop. What kind of policy is there on the network? Werent the users trained on how to use the IP Phones? You need to to correct that first on the basic level.

You can use , STP BPDU guard, STP BPDU filter to control that.

http://www.cisco.com/en/US/docs/switches/lan/catalyst4000/7.4/configuration/guide/stp_enha.html

Have a look at the link above.

HTH,

-amit singh

marcelo.fanaia
Level 1
Level 1
In response to Amit Singh

‎07-16-2010 12:46 PM

Sr.

I understand your questions well, but I have two network jack on the wall, and sometimes it happens to some users and I dont want to allow this to happen by some mistake from user.  I want to have full control over this question.

"You can use , STP BPDU guard, STP BPDU filter to control that" >>> I have applied that on our environment, it is working fine, but  no solve the problem completely .

Thank you very much for your support!

0 Helpful

Reza Sharifi
Hall of Fame
Hall of Fame
In response to marcelo.fanaia

‎07-16-2010 01:56 PM

marcelo

I agree with Amit.  you should connect you PC/laptop to the back of the phone and then connect the phone to the wall jack using 2 separate vlans (one for voice and one for data).  If you have an extra port on the wall, it should be disabled or if you have users using the extra wall jack then you only need a data vlan on that port.

HTH

Reza

Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card