Cisco Support Community
Showing results for 
Search instead for 
Did you mean: 

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

Spanning -tree-Dlink Switch

Dear All,

Please find attached one of our Switch configuration. this switch has been interconnected another switches in the network.

Today morning one of the user brought a Dlink switch and connected two port to the attached switch. there was two connection were dropped in cabin from the switch. suddenly all our other switch including the attached switch were started blinking . network is tottaly one was able to work.

atlast we idenfied the culprit and switched of the Dlink switch.

As per my understading Spanning -tree is been configured in the swiches. why it was not blocking the other link from the Dlink switch?

Could you please check the attached configuration a and guide me to prevent such incidents in future.


New Member

Re: Spanning -tree-Dlink Switch

If you say a user brought it to work, I assume it's one of those cheap-o, 3 for a buck, home-user switches. Those don't have spanning tree. All the switches in the topology need to have spanning-tree enabled. I believe what happened was the dumb D-Link switch, not knowing spanning tree, doesn't participate in the whole BPDU, this port is forwarding, this port is blocking message exchange, so both links on both switched were in FWD mode. It probably only took a couple of broadcasts to take your network down.

I encountered this scenario about a year back, and what I did was enable Broadcast Storm Control on the "Smart Switch" (P.S: It wasn't CISCO)

New Member

Re: Spanning -tree-Dlink Switch

Thanks for the reply.

In Cisco switch side already spanning tree is configured and running. will not be cisco switch blocking one of the port which connects to Dlink switch ?

One more thing i noticed in cisco switch side that "spanning tree portfast" was enabled in those ports. in that case looping will occur right ?

I dont want such incidents happen again in future. please help a way out for it .



Re: Spanning -tree-Dlink Switch


I would rework your config:

Global Config:

spanning-tree portfast default

spanning-tree portfast bpduguard default

Access port config:

switchport access vlan XX

switchport mode access

switchport nonegotiate

Trunk port config:

switchport trunk encapsulation dot1q

switchport trunk native vlan XX

switchport mode trunk

switchport trunk allowed vlan XX


Re: Spanning -tree-Dlink Switch

Part of your issue was BPDU Filtering. That was what caused the loop not to be seen on the access ports that the DLINK was looped up with.

Filtering disallows inbound and outbound filtering. If you had that off on the access ports, bpduguard would have shut it down.

Hall of Fame Super Silver

Re: Spanning -tree-Dlink Switch

Hello Bret,

I agree with you

>> spanning-tree portfast bpdufilter default


this causes problems on enterprise networks because makes a switch vulnerable to simply connecting two ports of same switch together !

bpdu filter is there to be used by SP to avoid to participate in customer's STP.

It is is bpdu guard the right tool.

We use it with storm-control on host ports.

We use loop guard + storm control on uplinks

Hope to help


CreatePlease login to create content