I have the following commands configured on a 3560 switch:
spanning-tree portfast default
spanning-tree portfast bpduguard default
switchport access vlan 7
switchport mode access
spanning-tree bpdufilter enable
I want to connect a switch to G0/9 but because of the "stp portfast/bpdu default" commands, the port will err-disable. The way round this was to disable STP on the port by configuring the "bpdufilter enable" command on the port, as shown above. This is fine under normal cirumstances but should a loop occur on the other switch then the port will no longer be protected. I know the alternative is not to use the "stp portfast default" command, and instead, configure portfast explicity, except for port G0/9, which will then have stp enabled. Is there another alternative method of configuring the port whilst still being able to use the "stp portfast default" command?
I would recommend on the port having portfast disabled and bpdufilter disabled.
That is of course, depending on the L2 network design. Who is default root for the vlan 7? Is this other switch a cisco switch? BPDUGuard will turn off the port if a single BPDU is recieved. BPDUfilter will completely ignore BPDUs (even his own if a loop occurs).
Hi everyone, I would like to thank you in advance for any help you can provide a newcomer like myself!
Im studying the 100-105 book by Odom and am currently on the topic of Port security. I purchased a used 2960 and I'm trying to follow a...
While deploying a number of 18xx/2802/3802 model access points (APs), which run AP-COS as their operating platform. It can be observed on some occasions that while many of their access points were able to join the fabric WLC withou...
I am going to design and build an LAN network under a tunnel underground with long distance between the switches.
I will have 2 Catalyst switches and 8 Industrial IE3000, and they will be connected with fiber.
For now I am planning on use Layer-2 s...