11-25-2013 06:43 AM - edited 03-04-2019 02:33 AM
This is the Q&A from "Understanding LAN Switching Features – STP, QOS, and Stacking session".
A. Root guard can be enabled on both the primary and secondary root switches. The Root Guard feature forces an interface to become a designated port to prevent surrounding switches from becoming a root switch. In other words, Root Guard provides a way to enforce the root bridge placement in the network. The Root Guard feature prevents a Designated Port from becoming a Root Port. If a port on which the Root Guard feature is enabled receives a superior BPDU, it moves the port into a root-inconsistent state (effectively equal to a listening state), thus maintaining the current Root Bridge status.
A. BPDU guard can be enabled on any access ports where you do not expect to receive any BPDU that affects the spanning tree.
A. When you start troubleshooting a spanning-tree loop, you first need to determine whether there is an actual loop, which can be easily identified with mac-address-table mac-move enabled. Basically, a “MAC move” is when your switch learns the same MAC address on different ports. To learn more about STP troubleshooting, you can watch the recorded video session.
A. Yes, loop guard can be implemented on uplinks between Cisco and Non-Cisco switches.
A. When you enable port-fast globally using the “spanning-tree portfast default” command, it enables port-fast on all access ports only.
A. Port-fast is not a replacement for BPDU filter or BPDU guard. Enabling portfast does not make any difference to sending or receiving BPDUs; it is used to keep the port from participating in STP. If a portfast-enabled interface receives a BPDU, it is not going to block the port from processing the BPDU, whereas enabling BPDU filter stops sending and receiving BPDUs on the interface.
A. Enabling portfast does not make any difference to sending or receiving BPDUs; it is used to keep the port from participating in STP. If a portfast-enabled interface receives a BPDU, it is not going to block the port from processing the BPDU; it will simply turn off the port-fast feature on that interface and start participating in STP.
A. MAC flaps do not always create loops in the network. Let’s take an example: if a wireless user roams between access points, we would see MAC flaps, which can be expected behavior. We cannot prevent MAC flaps with any specific command. However, if your network is loop free (non-close looped switching network), then you might not see MAC flaps.
A. Yes, you can see a log when you enable mac-move notifications. The log can be seen as shown below:
“%SW_MATM-4-MACFLAP_NOTIF: Host aabb.ccdd.0000 in vlan 1 is flapping between port Gi2/0/3 and port Gi2/0/2”
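The following is an added example, not part of the original Q&A or Cisco's own tooling: it parses MACFLAP_NOTIF lines in the format quoted above and groups them per VLAN and port pair, so a single roaming host can be told apart from many hosts flapping across the same two ports. The sample lines, the threshold of 3 hosts, and the verdict labels are assumptions made for illustration.

```python
import re
from collections import defaultdict

# Pattern derived from the log line quoted on this page.
MACFLAP = re.compile(
    r"%SW_MATM-4-MACFLAP_NOTIF: Host (?P<mac>(?:[0-9a-f]{4}\.){2}[0-9a-f]{4}) "
    r"in vlan (?P<vlan>\d+) is flapping between port "
    r"(?P<a>[A-Za-z-]+\d+(?:[/.]\d+)*) and port (?P<b>[A-Za-z-]+\d+(?:[/.]\d+)*)",
    re.IGNORECASE,
)

def summarize_flaps(lines):
    """Group notifications by (vlan, unordered port pair)."""
    groups = defaultdict(lambda: {"events": 0, "hosts": set()})
    for line in lines:
        m = MACFLAP.search(line)
        if not m:
            continue  # unrelated syslog line
        pair = tuple(sorted((m["a"], m["b"])))  # Gi2/0/3<->Gi2/0/2 equals the reverse
        g = groups[(int(m["vlan"]), pair)]
        g["events"] += 1
        g["hosts"].add(m["mac"].lower())
    return groups

def triage(lines, host_threshold=3):
    """Assumed heuristic: many distinct hosts flapping between the same two
    ports points at a loop; one or two hosts looks like a host move/roam."""
    report = []
    for (vlan, pair), g in sorted(summarize_flaps(lines).items()):
        hosts = len(g["hosts"])
        verdict = "investigate-loop" if hosts >= host_threshold else "likely-host-move"
        report.append((vlan, pair, hosts, g["events"], verdict))
    return report

# Constructed sample input (not captured from a real switch).
SAMPLE = [
    "Nov 25 06:40:01: %SW_MATM-4-MACFLAP_NOTIF: Host aabb.ccdd.0000 in vlan 1 is flapping between port Gi2/0/3 and port Gi2/0/2",
    "Nov 25 06:40:01: %SW_MATM-4-MACFLAP_NOTIF: Host aabb.ccdd.0001 in vlan 1 is flapping between port Gi2/0/3 and port Gi2/0/2",
    "Nov 25 06:40:02: %SW_MATM-4-MACFLAP_NOTIF: Host aabb.ccdd.0002 in vlan 1 is flapping between port Gi2/0/2 and port Gi2/0/3",
    "Nov 25 06:40:02: %SW_MATM-4-MACFLAP_NOTIF: Host aabb.ccdd.0000 in vlan 1 is flapping between port Gi2/0/2 and port Gi2/0/3",
    "Nov 25 06:41:10: %SW_MATM-4-MACFLAP_NOTIF: Host 0011.2233.4455 in vlan 20 is flapping between port Gi1/0/10 and port Gi1/0/11",
    "Nov 25 06:44:37: %SW_MATM-4-MACFLAP_NOTIF: Host 0011.2233.4455 in vlan 20 is flapping between port Gi1/0/11 and port Gi1/0/10",
    "Nov 25 06:45:00: %LINK-3-UPDOWN: Interface GigabitEthernet1/0/5, changed state to up",
]

if __name__ == "__main__":
    for row in triage(SAMPLE):
        print(row)
```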
A. If you configure port-fast globally, it will affect only access ports, which can be verified using the "show spanning-tree int <interface> detail | in portfast" command.
A. If there is a loop in the network then most of the time you should see high CPU utilization on the switch.
A. It can be used to identify the source, but a TCN will not always be generated for every loop.
A. Every switch has a base MAC address, and the lowest base MAC address will be used as the bridge ID.
A. You will not always see the “arp-input” process running high during MAC-flap situations. However, in a few scenarios, the MAC address is flushed and re-learned, which might trigger the ARP rebuild process.
A. The best way to trace a MAC address is to run the “show mac address-table address <>” command and follow the interfaces.
A. Stacking does not limit the switch's routing capabilities. These are layer 3 switches and can route as well.
A.