I was trying to simulate this two command:
- spanning-tree portfast default
- spanning-tree portfast bpduguard default
Before going into details let me give you a little background on this two command:
spanning-tree portfast default – It’s a global command to set all the switch interface to STP portfast. When you issue the command you will received a warning to disable manually portfast on interface connected to hub, bridge and switch, because if not this will cause a temporary bridging loop.
spanning-tree portfast bpduguard default – It’s a global command to set STP bpduguard on all interface configured with portfast.
Combining the two command it is similar to going to each switch interface and enable portfast and bpduguard.
Our problem at first is how to disable portfast? Do we go to the interface and issue a “no spanning-tree portfast” or “spanning-tree portfast disable”.
What I do is enable “debug spanning-tree events” and “debug spanning-tree pvst+”, this is the only debug spanning option I find relevant to what I'm doing. I first capture debug out without the portfast default command, second I issue the portfast default command and lastly I issue the “spanning-tree portfast disable” on trunk interfaces. I then compare the three output and I can’t seem to find the deference.
I then move forward and issue the “spanning-tree portfast bpduguard default” command. When I try to connect a switch on one of the access interface the switch then moved to err-disabled state. It means the two command are working, I then issue “spanning-tree portfast disable” then refresh the node and the interface switch moved to connected state.
I then conclude that if you use the two global commands above, it will be applied on all interface including trunks and to negate the portfast/bpduguard you need to issue the “spanning-tree portfast disable” on the interface to avoid temporary loop on your L2 network.
No comments:
Post a Comment