cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
360
Views
0
Helpful
2
Replies

Loop in network.

good day, i have a question regarding a loop in my network.

we have arround 200 L2 (cisco) switches true out the factory,

when there are not enough network ports, the people from our utility department connects 3com switches to the L2 cisco switch.

the 3com is at the place the users are and many times the user creating loops.

is there a command to prevent this.

i have tried with stp but it seems like the interface is not going down.

I have set up here at my desk a 2960 switch attcahed a 3com switch and when i create the loop it does not shut or err disable one interface, does someone have an idea for this problem ?

!

spanning-tree mode pvst

spanning-tree loopguard default

spanning-tree portfast bpduguard default

spanning-tree portfast bpdufilter default

no spanning-tree optimize bpdu transmission

spanning-tree extend system-id

!

interface FastEthernet0/4

switchport access vlan 25

switchport mode access

switchport voice vlan 244

spanning-tree portfast

spanning-tree bpdufilter enable

spanning-tree bpduguard enable

!

Thanks a lot!

1 Accepted Solution

Accepted Solutions

Jan Hrnko
Level 4
Level 4

Hi Michael,

when you enable the BPDU Filtering, it takes precedence over the BPDU Guard. So with configuration like this, BPDU Guard is totally ineffective.

Solution:

I recommend disabling BPDU Filtering globally and also on that interface so that BPDU Guard will be functional.

Another thing that might help you with switching loops of this type: consider using port-security with maximum MAC addresses defined. This will discourage multiple users to connect through their switches to yours.

If you want more information or need additional help feel free to ask!

Best regards,

Jan

View solution in original post

2 Replies 2

Jan Hrnko
Level 4
Level 4

Hi Michael,

when you enable the BPDU Filtering, it takes precedence over the BPDU Guard. So with configuration like this, BPDU Guard is totally ineffective.

Solution:

I recommend disabling BPDU Filtering globally and also on that interface so that BPDU Guard will be functional.

Another thing that might help you with switching loops of this type: consider using port-security with maximum MAC addresses defined. This will discourage multiple users to connect through their switches to yours.

If you want more information or need additional help feel free to ask!

Best regards,

Jan

Hello Jan,

Thank you for your answer it works great, no problems with loops anymore.

I also applyed errdisable recovery so i dont have to enable the ports again.

I have one more question, maybe you also have an answer for that.

I would like to see or get some message when a port goes in to errdisable, i know it is possible with SNMP but i dont know what program to use for this.

we are using here ORION but it only show when a port goes down or up and not when it goes in to err disable.

i enabled the snmp trap in the switch but now i only need a program that shows me when it happens.

Do you have an idea ?

snmp-server enable traps errdisable

Thanks a lot.

Sorry for de delayed answer.

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: