Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

New Member

STP sample

Good morning,

Does anyone have sample configuration for STP, for what they normally configure on their access, distro, and core switch? I would like to see how other organizations have STP set up for each one of their switches, depending on the function of the switch.

 

Thanks,

Chad

Everyone's tags (3)
2 ACCEPTED SOLUTIONS

Accepted Solutions
Silver

I found somewhere picture in

I found somewhere picture in attach and I think that it tells more than words smiley

BR,

Dragan

HTH, Dragan
New Member

 STP is verry good  to have a

 

STP is verry good  to have a loop free  netwok .

STP are mostly implemented in distribution going down to Access Switches.

Below are the Basic guidelines in STP Implementations:

1.Define first the root bridge switch in your network.

 -Mostly the Primary distribution switches (if your using primary/secondary set up)

-The most powerfull switches you have (lot of Gig ports ports)

2.After you define the root bridge, configure the switch as your root bride (Distribution 1 in this case) .

3.Protect the root port in your root bridge by configuring spanning-tree guard root on port (trunk port) going to access switches.

-This way no other port to become root except those ports you have configured/allowed to be root.

4.In Access switches , configure uplink ports (trunk port going to distribution switches) with spanning-tree guard loop

-this will prevent any loop to be broadcast outside the local switch.

-best way also to configure primary and secondary path for your vlans.

-spanning-tree guard loop is also good to configure in access ports that has no port security configured in it. this is useful in guarding the port from any loop that is cause by end users miss patching of cable in open ports in your production area. BPDU guard enable sometimes not work mostly when a VOIP Phone's both port is connected in a switch.

-Above is only a basic implementation assuming you have the idea how spanning tree works.

 

Regards,

Rex

 

 

2 REPLIES
Silver

I found somewhere picture in

I found somewhere picture in attach and I think that it tells more than words smiley

BR,

Dragan

HTH, Dragan
New Member

 STP is verry good  to have a

 

STP is verry good  to have a loop free  netwok .

STP are mostly implemented in distribution going down to Access Switches.

Below are the Basic guidelines in STP Implementations:

1.Define first the root bridge switch in your network.

 -Mostly the Primary distribution switches (if your using primary/secondary set up)

-The most powerfull switches you have (lot of Gig ports ports)

2.After you define the root bridge, configure the switch as your root bride (Distribution 1 in this case) .

3.Protect the root port in your root bridge by configuring spanning-tree guard root on port (trunk port) going to access switches.

-This way no other port to become root except those ports you have configured/allowed to be root.

4.In Access switches , configure uplink ports (trunk port going to distribution switches) with spanning-tree guard loop

-this will prevent any loop to be broadcast outside the local switch.

-best way also to configure primary and secondary path for your vlans.

-spanning-tree guard loop is also good to configure in access ports that has no port security configured in it. this is useful in guarding the port from any loop that is cause by end users miss patching of cable in open ports in your production area. BPDU guard enable sometimes not work mostly when a VOIP Phone's both port is connected in a switch.

-Above is only a basic implementation assuming you have the idea how spanning tree works.

 

Regards,

Rex

 

 

84
Views
0
Helpful
2
Replies