From: Ronnie Higginbotham (ronniepaul@hotmail.com)
Date: Thu May 24 2007 - 06:56:41 ART
Thomas,
Default config is fine. I however do not use the auto recovery settings. Not
only does it stop STP loop problem form patch cable begin connected
incorrectly. Also prevents end users from connecting a switch to your
network that is running spanning tree that you are not aware of.
I prefer the port to errdisable and I have to manually enable it. If you
recover every 10 minutes it will be in a loop if the switch is not removed
or cable disconnected. Every 10 minutes the port will reactivate and
errdisable again. Unless you have some other means of received the traps ie
syslog, snmp.
Ronnie
CCIE 13834
----- Original Message -----
From: <thomas.rader@freesurf.ch>
To: <ccielab@groupstudy.com>
Sent: Thursday, May 24, 2007 3:02 AM
Subject: BPDU Guard best practice
> Hello,
>
> One of my clients configures BPDU Guard per default on all switch access
> ports.
>
> Switch(config-if)# spanning-tree bpduguard enable
>
> The reason for this is that they want to stop STP loop problems as a
> result of incorrectly patched access cables.
>
> I'm wondering if this (default config) is a good idea, or if there are
> situations that it could give you problems ?
>
> They also use errdisable to automatically recover a port after 10 minutes.
>
> Switch(config)# errdisable recovery interval 600
> Switch(config)# errdisable recovery cause bpduguard
>
> Any experience or feedback would be appreciated,
>
> Thanks, Thomas
>
> _______________________________________________________________________
> Subscription information may be found at:
> http://www.groupstudy.com/list/CCIELab.html
This archive was generated by hypermail 2.1.4 : Fri Jun 01 2007 - 06:55:22 ART