Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements
Webcast-Catalyst9k
New Member

Loop in network.

good day, i have a question regarding a loop in my network.

we have arround 200 L2 (cisco) switches true out the factory,

when there are not enough network ports, the people from our utility department connects 3com switches to the L2 cisco switch.

the 3com is at the place the users are and many times the user creating loops.

is there a command to prevent this.

i have tried with stp but it seems like the interface is not going down.

I have set up here at my desk a 2960 switch attcahed a 3com switch and when i create the loop it does not shut or err disable one interface, does someone have an idea for this problem ?

!

spanning-tree mode pvst

spanning-tree loopguard default

spanning-tree portfast bpduguard default

spanning-tree portfast bpdufilter default

no spanning-tree optimize bpdu transmission

spanning-tree extend system-id

!

interface FastEthernet0/4

switchport access vlan 25

switchport mode access

switchport voice vlan 244

spanning-tree portfast

spanning-tree bpdufilter enable

spanning-tree bpduguard enable

!

Thanks a lot!

1 ACCEPTED SOLUTION

Accepted Solutions
Silver

Re: Loop in network.

Hi Michael,

when you enable the BPDU Filtering, it takes precedence over the BPDU Guard. So with configuration like this, BPDU Guard is totally ineffective.

Solution:

I recommend disabling BPDU Filtering globally and also on that interface so that BPDU Guard will be functional.

Another thing that might help you with switching loops of this type: consider using port-security with maximum MAC addresses defined. This will discourage multiple users to connect through their switches to yours.

If you want more information or need additional help feel free to ask!

Best regards,

Jan

2 REPLIES
Silver

Re: Loop in network.

Hi Michael,

when you enable the BPDU Filtering, it takes precedence over the BPDU Guard. So with configuration like this, BPDU Guard is totally ineffective.

Solution:

I recommend disabling BPDU Filtering globally and also on that interface so that BPDU Guard will be functional.

Another thing that might help you with switching loops of this type: consider using port-security with maximum MAC addresses defined. This will discourage multiple users to connect through their switches to yours.

If you want more information or need additional help feel free to ask!

Best regards,

Jan

New Member

Re: Loop in network.

Hello Jan,

Thank you for your answer it works great, no problems with loops anymore.

I also applyed errdisable recovery so i dont have to enable the ports again.

I have one more question, maybe you also have an answer for that.

I would like to see or get some message when a port goes in to errdisable, i know it is possible with SNMP but i dont know what program to use for this.

we are using here ORION but it only show when a port goes down or up and not when it goes in to err disable.

i enabled the snmp trap in the switch but now i only need a program that shows me when it happens.

Do you have an idea ?

snmp-server enable traps errdisable

Thanks a lot.

Sorry for de delayed answer.

174
Views
0
Helpful
2
Replies
CreatePlease to create content