i have a production network environment where i want to implement dhcp snooping and DAI. My setup is as below-
i have 35xx series switch at edge and 2 x 65xx series switcehs at the core. All edge swithc has 2 upink to the 2 core switches. STP is ruunig in the network, core switch 1 is configured as the primary root for all the valns and core switch 2 secondary root. An ether-channel is runnig between 2 core switches. Below are the stp commnds i run in both edge and core switches (uplinkfast is not runnig in the core switches)
spanning-tree mode pvst
spanning-tree loopguard default
description *** User-Vlan-01 ***
switchport access vlan 10
switchport mode access
switch-port port-security aging time 300
switch-port port-security violation restrict
spanning-tree bpduguard enable
Below are my querries-
1) Do i need to run any other stp related commands in the edge as well core switches in a typical production network?
Now i need to enable dhcp snooping and ARP inspection in my network. One point to mention is that there is a FWSM module in the core switch and the network setup is like FWSM>MSFC>Router. All the Vlans (User Vlan and Server Vlan) are the layer 3 interface of the FWSM. outside of the fwsm
connects to the MSFC.
My querry is -
2) What are the things i should take care before i implement dhcp snooping and DAI normally in a production LAN
3) Do i need to do any thing in the FWSM ? If YES, what are the things i should do ?
Question We run asr9001 with XR 6.1.3, and we have a very long delay to
login w/ SSH 1 or 2 to the device compare to IOS device. After
investigation, the there is 1s delay between the client KEXDH_INIT and
the server (XR) KEXDH_REPLY. After debug ssh serv...
Introduction The purpose of this document is to demonstrate the Open
Shortest Path First (OSPF) behavior when the V-bit (Virtual-link bit) is
present in a non-backbone area. The V-bit is signaled in Type-1 LSA only
if the router is the endpoint of one or ...
Hi, I am seeing quite a few issues with patch install and wanted to
share my experience and workaround to this. Login to admin via CLI, then
access root with the “shell” command Issue “df –h” and you’ll probably
see the following directory full or nearly ...