Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

Anonymous
N/A

Spanning Tree

When a port is in Blocking Mode what traffic is permitted? All documentations states network Management traffic. But I pulled a trace today and I see DNS resolutions, ICMP ping replies and TCP traffic. Is this normal? I ask because I have spanning tree running connecting 2 switches together. Between the switches are IPS devices. We use spanning tree to act as our failover method. But I am seeing alerts pop up on my backup IPS device. I was under the impression no traffic should be entering that device except for the occasional BPDUs sent between the switch. Any help would be great been working on this for 2 months. Below is a diagram showing the switch port mode and how the IPS are inline.

(switch1)FWD------IPS-A----- FWD(switch2)

(Switch1)FWD-----IPS-B------BLK(switch2)

1 REPLY
Silver

Re: Spanning Tree

Hi

Switch2BLK means it will only transmit BPDU and will only receive BPDU, ( actually it can receive whatever traffic but all traffic will be dropped, exept for the BPDU:s).

Switch1FWD means it will forward all traffic that is normally flooded,like broadcast, maybe multicast depending on configurations, multicast in 224.0.0.0-255 range, and unknown unicast destination.

If you see other traffic like ICMP ping replies the source and destination mac-address should be known. Look in switch1 to see what mac-address-table looks like for the traffic you traced

/Mikael

94
Views
0
Helpful
1
Replies