cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
2300
Views
0
Helpful
9
Replies

portfast and loop risk

sarahr202
Level 5
Level 5

Hi every body!

A switch first decides the role( such as root port, designated port etc) before deciding whether to put a port in blocking or forwarding state. until such port role is decided, the port remains in blocking state.

Let say we have a switch,sw1 which has portfast enabled on f0/1. This port was formally connected to windows xp host.

Let say we have a another switch, sw2 which is also connected to same switched network like sw1.

sw2 has few ports available( not in use).

we take sw2's f0/2 port and connect it to f0/1 of sw1 which has portfast enabled.

According to my book loop could form, but here is my reasoning why loop can not form in the above case.

sw2:

As soon as sw2 finds its f0/2 is up and up, it starts sending bpdu on that port while keeping that port blocked.

Sw1:

sw1 has already determined its f0/1 port being designated port when f0/1 was connected to host. When sw1 receives the bpdu on f0/1 from sw2, it will have decide again that port role.

Two things could happen:

1) port f0/1 could become a blocked port if the received bpdu from sw2 is superior.

2) port f0/1 could remain designated port if the received bpdu is not superior.

While this role is being decided, sw2's f0/2 remains blocked, so how could loop form?

Even if consider the fact that the portfast-enabled port f0/1 on sw1 was in forwarding state, when sw1 received the bpdu from sw2'f0/2, the loop should not form as sw2's f0/2 is in blocking state while sw1 is reconsidering the role for f0/1 and sw2 is considering the role for its f0/2 port.

thanks a lot and have a nice weekend!

5 Accepted Solutions

Accepted Solutions

Edison Ortiz
Hall of Fame
Hall of Fame

You won't create a loop on a single inter-switch link. A loop may be created when connecting multiple inter-switch links to the same neighbor or different neighbors.

PortFast delays the opening of the port while Spanning-Tree calculates the best path throughout the switch domain.

In your case, if SW02 is the root of all Vlans and you interconnect 2 links between these switches with SW01 having PortFast enabled on all ports, SW01 may loop as it will have both ports in FWD mode while one should be BLK.

View solution in original post

If you configure portfast while the port was up/up, nothing will happen. The port won't change from blocked to fwd state due to portfast. Portfast is only utilized during the opening of the port not during normal port operations. Spanning-Tree has blocked that port and it will remain as such until a Spanning-Tree change is received.

View solution in original post

If you enable portfast on a switchport, you will bypass the listening and learning states so in your case SW1's F0/1 will place the port in FWD right away.

View solution in original post

A switching port won't have more than one VLAN- unless it's a trunk.

When you put portfast on, it'll say something like "%Portfast has been configured on X/Y but will only

have effect when the interface is in a non-trunking mode."

If you've got two VLANs configured on that port, you're trunking- so portfast won't do anything. You'll come up with a standard portfast calculation. (So to answer your question: no, neither VLAN in your example would go straight to forwarding mode.)

However, you CAN enable spanning=tree portfast trunk- and then the link will come up, and all VLANs on the trunk will go straight to forwarding.

View solution in original post

As Nate stated, the portfast implementation is done on access ports so you only have one Vlan assigned to that port.

There is another implementation which is spanning-tree portfast trunk

http://www.cisco.com/en/US/docs/switches/lan/catalyst3750/software/release/12.2_50_se/command/reference/cli3.html#wp1946989

With that said, this feature affects all Vlans in the trunk and you can't selectively block one Vlan while allowing other Vlan.

If you intend to block a Vlan in a port, you may as well do a manual pruning with the command 'switchport trunk allow vlan x,x,x'

HTH,

__

Edison.

View solution in original post

9 Replies 9

Edison Ortiz
Hall of Fame
Hall of Fame

You won't create a loop on a single inter-switch link. A loop may be created when connecting multiple inter-switch links to the same neighbor or different neighbors.

PortFast delays the opening of the port while Spanning-Tree calculates the best path throughout the switch domain.

In your case, if SW02 is the root of all Vlans and you interconnect 2 links between these switches with SW01 having PortFast enabled on all ports, SW01 may loop as it will have both ports in FWD mode while one should be BLK.

Thanks Edison.

i come back in few hours if i have any question

Hi Edison

I have few questions:

Let say sw1 has a bolocked port f0/1, if i configure portfast on it( sheer stupidity),what would happen? will the blocked port transition into forwarding state?

If i configure portfast on all ports on a switch, will all ports end up in forwarding state?

The feature" portfast " simply puts the port in forwarding state directly( without interim states listening,learning) regardless of port role, i.e it could be blocked port,designated port. Is it correct?

thanks and have a good night!

If you configure portfast while the port was up/up, nothing will happen. The port won't change from blocked to fwd state due to portfast. Portfast is only utilized during the opening of the port not during normal port operations. Spanning-Tree has blocked that port and it will remain as such until a Spanning-Tree change is received.

Hi Edison,

I have one more question

Let say we have a switched network.

sw1 is root switch in the network.

let focus on sw2 in switched network.

sw2 is directly connected to sw1 via f0/1

sw1 f0/1--------f0/1 sw2

f0/1 of sw2 is root port.

f0/1 on sw1( root switch) is designated port.

let say we configured portfast on sw1's f0/1.

Now if i remove the cable connecting sw1's f0/1 to sw2's f0/1, and put it back, will sw1's f0/1 be put in forwarding state right away( without interim states listening and learning states) ?

Thanks a lot and have a nice day !

If you enable portfast on a switchport, you will bypass the listening and learning states so in your case SW1's F0/1 will place the port in FWD right away.

Hi Edison.

This is the last question .

The port feature if enabled, it is enabled for the port as the command" spanning-tree portfast does not have any field for vlan.

So let say a switch has a port which is in forwarding state for vlan 1 but in blocking state for vlan 2. if i enable portfast on the port, will it work i.e the port will transition into forwarding state right away ( for vlan 1)?

thanks a lot!

A switching port won't have more than one VLAN- unless it's a trunk.

When you put portfast on, it'll say something like "%Portfast has been configured on X/Y but will only

have effect when the interface is in a non-trunking mode."

If you've got two VLANs configured on that port, you're trunking- so portfast won't do anything. You'll come up with a standard portfast calculation. (So to answer your question: no, neither VLAN in your example would go straight to forwarding mode.)

However, you CAN enable spanning=tree portfast trunk- and then the link will come up, and all VLANs on the trunk will go straight to forwarding.

As Nate stated, the portfast implementation is done on access ports so you only have one Vlan assigned to that port.

There is another implementation which is spanning-tree portfast trunk

http://www.cisco.com/en/US/docs/switches/lan/catalyst3750/software/release/12.2_50_se/command/reference/cli3.html#wp1946989

With that said, this feature affects all Vlans in the trunk and you can't selectively block one Vlan while allowing other Vlan.

If you intend to block a Vlan in a port, you may as well do a manual pruning with the command 'switchport trunk allow vlan x,x,x'

HTH,

__

Edison.

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Innovations in Cisco Full Stack Observability - A new webinar from Cisco