Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

New Member

Portfast for the Access Ports in Cisco Catalyst 4006 switches

I have read in the documentation that portfast should not be enabled on switch ports which may be connected to other switches and hubs. I would like to know what this mean? I understand that the spanning tree protocol is to eliminate undesirable loops in the network. If we enable the portfast for an access port and an end user inadvertently connects to a hub or a switch without our knowledge how does this affect spanning tree? Meaning a single link coming of the switch in question to another switch which the end user uses. I think if we take two identical links from a Cisco Switch with portfast enabled and connect this to another switch, then there is a possiblity of a loop while STP process being hastened by the port fast.

6 REPLIES
New Member

Re: Portfast for the Access Ports in Cisco Catalyst 4006 switche

In the event a port set to portfast sees a BPDU it will disable portfast. However the possibilty of a loop bringing down your network is really only in the case of when the switch is powered on as it will start forwarding frames straight away and this could cause a loop.

Cisco Employee

Re: Portfast for the Access Ports in Cisco Catalyst 4006 switche

You'll need BPDU guard for this. It does not disable the port otherwise

Cisco Employee

Re: Portfast for the Access Ports in Cisco Catalyst 4006 switche

As long as their is no loop, you should be ok with connecting a switch or a hub to a port with portfast enabled. Infact we use somthing similar to this in Rapid STP(RSTP) implementation.

However, there is a possibility for a loop due to human error/cabling on those hub/switches. The best scenario would be to use portfast with BPDU guard on edge ports

http://www.cisco.com/warp/public/473/65.html

New Member

Re: Portfast for the Access Ports in Cisco Catalyst 4006 switche

Thanks for responding. I appreciate the quick response from prkrishn and beckmanp. I am quite impressed with this forum where knowledge is exchanged. Well, I do understand loops with human error by introducing multiple paths between switches and with this scenario STP will block without one policing the switch connections.

But safe to say that the access ports where in end users are connected could be either enabled with STP, portfast or disable STP. Infact we have numerous Nortel Switches in our environment and we have conveniently disabled STP altogether in user access ports. Nortel also comes with fast start but we have had bad experience especially with Novell Clients. We didn't have any problem with loops for the access ports by disabling STP so far.

Re: Portfast for the Access Ports in Cisco Catalyst 4006 switche

Hi,

you must be a lucky guy if you disabled STP on all user ports and noticed no problem.

I remember a complete building 10 minutes outage caused by a user made loop on hub in the past.

I strongly recommend portfast (fixes Novell client problems) and BPDU guard on user ports.

Regards,

Milan

New Member

Re: Portfast for the Access Ports in Cisco Catalyst 4006 switche

I understand spanning tree protocol to be enabled for a topology with redundant links(like uplinks). It is always better to link the switches with redundant links and enable STP on those links. If for some reason one of the link goes down the STP will readjust and the other links comes back on line without disrupting network traffic. How would you imagine a end user would take two identical ports from a switch in IDF or BDF in a building and connect to a switch in his location? In this context disabling STP on access ports makes sense(depending the probability theory) and also would save some BPDU packets on the wire.

265
Views
0
Helpful
6
Replies