06-10-2009 02:38 PM - edited 03-06-2019 06:11 AM
Hi,
Folks, I have a number of switches and ports configured as shown below. Request is that I should remove such portfast and stp bpduguard and bpdufilter configurations from production switches.
Question:
My concern is that such switches are live, critical and I have a bunch of live hosts connected to it.
Do you see any potential issue that could be triggered when removing configuration below? I just want to confirm.
!
interface FastEthernet0/1
switchport mode access
no keepalive
spanning-tree portfast
spanning-tree bpdufilter enable
spanning-tree bpduguard enable
!
Solved! Go to Solution.
06-10-2009 02:42 PM
If any of these ports are user devices I don't think you want to turn off portfast. This can cause dhcp issues or any device that has to boot off of something on the network.What did they give as the reason to turn them off . Normally you do not want to run bpdufilter and bpduguard at the same time so maybe thats the issue .
06-12-2009 10:32 PM
If your network is connected to an ethernet based ISP network you would not want your Spanning Tree to be influenced by the ISP Spaning Tree and vice versa. In that case both you and the ISP will put bpdufilter on the interface that interconnects you.
HTH
06-10-2009 02:42 PM
If any of these ports are user devices I don't think you want to turn off portfast. This can cause dhcp issues or any device that has to boot off of something on the network.What did they give as the reason to turn them off . Normally you do not want to run bpdufilter and bpduguard at the same time so maybe thats the issue .
06-10-2009 02:50 PM
Marlon
I think Glen is spot on with this. Turning off portfast can create problems with devices that need "immediate" network connectivity. In addition BPDUGuard is also a very useful feature to enable on a port where you do not expect to see any BPDUs.
Is there any reason you need to remove these ?
Jon
06-10-2009 11:45 PM
Hello Marlon,
I agree with Glen and Jon.
I would remove only
spanning-tree bpdufilter enable
as explained in other thread of yours it is not the right tool for this kind of ports.
I think that removing STP portfast making a port a normal port can trigger a Topology change notification that causes STP recalculation.
to do this on multiple ports triggers a series of STP recalculations.
It is probably better to discuss again about the objectives of this action.
Hope to help
Giuseppe
06-12-2009 10:26 AM
I totally agree. I asked folks around it sounds like that was just a misperception about problems.
Curiosity:
Can someone clarify in which specific scenario 'bpdufilter' would be used?
I read the documentation and I understand the effect of bpdufilter, but to this point I have not seen an example on where I could use it.
06-12-2009 10:32 PM
If your network is connected to an ethernet based ISP network you would not want your Spanning Tree to be influenced by the ISP Spaning Tree and vice versa. In that case both you and the ISP will put bpdufilter on the interface that interconnects you.
HTH
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide