Thanks to all, I appreciate your input. This is the situation, I have an environment with 2 PIX's in transparent mode active/stdby connected to a 6500 on the inside and a 2950 in the outside, what is the proper configuration for the switch port where the pix connects? should it be configured with STP portfast enabled or should it be disabled? we are having issues when one pix goes down, thank you again!
Re: STP portfast with a switch and transparent PIX
PortFast is an option that tells the switch that you have a Layer 3 device connected out of a switch port. This causes the switch to put the port into forwarding state immediately after the link comes up, instead of waiting the default 30 seconds (15 seconds for listening, and 15 seconds for learning). It is important to understand that enabling PortFast does not disable spanning tree. Spanning tree is still running on that port; enabling PortFast only tells the switch that there is not another switch or hub (Layer 2-only device) connected at the other end of the link. This causes the switch to bypass the normal 30-second delay while it is trying to determine if bringing up that port will result in a Layer 2 loop. After the link is brought up, it will still participate in spanning tree. BPDUs will still be sent out the port, and the switch will still listen for BPDUs on that port. For these reasons, it is recommended to enable PortFast on any switch port that connects to a PIX. Thus, if the PIX's interface goes down during failover, the switch will not have to wait 30 seconds while the port is transitioned from a listening to learning to forwarding state.
We are pleased to announce availability of Beta software for 16.6.3. 16.6.3 will be the second rebuild on the 16.6 release train targeted towards Catalyst 9500/9400/9300/3850/3650 switching platforms. We are looking for early feedback from custome...