RE: Disabling spanning tree from Cisco Fanatic on 2009-04-18 (Ccielab archives 04/2009)

From: Cisco Fanatic <ebay_products_at_hotmail.com>
Date: Sat, 18 Apr 2009 07:47:58 -0700

Reading the fine lines of the Doc CD -

Enabling BPDU
filtering on an interface is the same as disabling spanning tree.

-Yuri

> Date: Sat, 18 Apr 2009 13:04:55 +0200
> Subject: Re: Disabling spanning tree
> From: eshedalonie_at_gmail.com
> To: pbhatkoti_at_gmail.com
> CC: tparamba_at_thecontactcentre.ae; gwood83_at_gmail.com; ccielab_at_groupstudy.com;
nobody_at_groupstudy.com; tvarriale_at_flamboyaninc.com
>
> Is this also can be a solution ?
>
> Configuring 802.1Q and Layer 2 Protocol Tunneling
>
>
>
http://www.cisco.com/en/US/docs/switches/lan/catalyst3560/software/release/12
.2_25_se/configuration/guide/swtunnel.html
>
> * When a port is configured as an 802.1Q tunnel port, spanning-tree bridge
> protocol data unit (BPDU) filtering is automatically enabled on the
> interface. Cisco Discovery Protocol (CDP) is automatically disabled on the
> interface
>
>
>
>
>
> On 4/17/09, Radioactive Frog <pbhatkoti_at_gmail.com> wrote:
> >
> > Exactly, we need to know other part of questions in this equation. In
short
> > we can use either:
> >
> > a) no Switchport
> > b) bpdu filter.
> >
> > story ends up here...
> >
> > off to pound :)
> >
> >
> > On Fri, Apr 17, 2009 at 1:04 PM, Thameem Maranveetil Parambath <
> > tparamba_at_thecontactcentre.ae> wrote:
> >
> > > I dont think that "no switchport" is a solution here... If you
convert
> > > the interface to L3 , what IP will you provide to it?
> > >
> > > Regards
> > >
> > >
> > >
> > >
> > > Jonathan Greenwood II <gwood83_at_gmail.com>
> > > Sent by: nobody_at_groupstudy.com
> > > 17/04/2009 01:46 AM
> > > Please respond to
> > > Jonathan Greenwood II <gwood83_at_gmail.com>
> > >
> > >
> > > To
> > > Tony Varriale <tvarriale_at_flamboyaninc.com>
> > > cc
> > > ccielab <ccielab_at_groupstudy.com>
> > > Subject
> > > Re: Disabling spanning tree
> > >
> > >
> > >
> > >
> > >
> > >
> > > There's your answer. Thanks Tony for finding out the other
requirements.
> > > I
> > > was going against the grain as to the vague question and not knowing
all
> > > the
> > > requirements. I agree with you on bpdufilter, but the output of
> > > the sh spanning-tree tells a different story. When I get a chance I'm
> > > going
> > > to sniff a port with bpdufilter and see the operation. It wouldn't be
> > the
> > > first time the DocCd was wrong about how a command actually works.
Case
> > > in
> > > point, Pavel did a good job on defunking the max-reserved bandwidth
> > > command
> > > with QoS & the DocCD. Hopefully that's not the case with this command.
> > >
> > > Cheers
> > >
> > > Jonathan Greenwood II
> > > CCIE #22744
> > >
> > > On Thu, Apr 16, 2009 at 1:46 PM, Tony Varriale
> > > <tvarriale_at_flamboyaninc.com>wrote:
> > >
> > > > Except 2 pages back in the lab book that mentions that this port
needs
> > > to
> > > > be
> > > > in vlan xy or z.
> > > >
> > > > The question gave a hint in that you cannot use "no spanning-tree".
> > It's
> > > > all right there...all you have to do is see it.
> > > >
> > > > tv
> > > >
> > > > -----Original Message-----
> > > > From: Ryan West [mailto:rwest_at_zyedge.com]
> > > > Sent: Thursday, April 16, 2009 3:16 PM
> > > > To: Jonathan Greenwood II; Tony Varriale
> > > > Cc: ccielab
> > > > Subject: RE: Disabling spanning tree
> > > >
> > > > Johathan and the original person who mentioned "no switchport":
> > > >
> > > > Rack1SW3#show spanning-tree int f0/5
> > > >
> > > > Vlan Role Sts Cost Prio.Nbr Type
> > > > ------------------- ---- --- --------- --------
> > > > --------------------------------
> > > > VLAN0005 Desg FWD 19 128.5 P2p
> > > >
> > > > interface FastEthernet0/5
> > > > switchport access vlan 5
> > > > switchport mode dynamic desirable
> > > > end
> > > > Rack1SW3(config)#in f0/5
> > > > Rack1SW3(config-if)#no swi
> > > > Rack1SW3(config-if)#end
> > > > Rack1SW3#show spa
> > > > *Mar 1 01:53:25.083: %LINK-3-UPDOWN: Interface FastEthernet0/5,
> > changed
> > > > state to up
> > > > Rack1SW3#show span
> > > > Rack1SW3#show spanning-tree int
> > > > *Mar 1 01:53:26.039: %SYS-5-CONFIG_I: Configured from console by
> > > console
> > > > *Mar 1 01:53:26.083: %LINEPROTO-5-UPDOWN: Line protocol on Interface
> > > > FastEthernet0/5, changed state to up
> > > > Rack1SW3#show spanning-tree int f0/5
> > > > no spanning tree info available for FastEthernet0/5
> > > >
> > > > winner winner chicken dinner?
> > > >
> > > > -ryan
> > > >
> > > > -----Original Message-----
> > > > From: nobody_at_groupstudy.com [mailto:nobody_at_groupstudy.com] On Behalf
> > Of
> > > > Jonathan Greenwood II
> > > > Sent: Thursday, April 16, 2009 3:59 PM
> > > > To: Tony Varriale
> > > > Cc: ccielab
> > > > Subject: Re: Disabling spanning tree
> > > >
> > > > My answer would still be "no switchport" Bottom line BPDUfilter is a
> > > STP
> > > > feature. Any command that involves "spanning-tree" on a interface
> > > utilizes
> > > > STP, and by default STP runs on every port on a switch . There's no
> > > > command
> > > > that can disable STP on a "per" interface basis. There's nothing in
> > the
> > > > question that says you can't convert the port to layer 3. Now I
> > haven't
> > > > tested this but maybe someone could do a sho spanning-tree on a layer
2
> > > > port
> > > > and try the same on a layer 3 port. If you don't see STP on the
layer
> > 3
> > > > port then its safe to say your not running it. I'm pretty sure STP
> > will
> > > > come up on the layer 2 port. Just my thoughts.
> > > >
> > > > HTH
> > > >
> > > > Jonathan Greenwood II
> > > > CCIE #22744
> > > >
> > > > On Thu, Apr 16, 2009 at 12:07 PM, Tony Varriale
> > > > <tvarriale_at_flamboyaninc.com>wrote:
> > > >
> > > > > STP cannot be operational without BPDUs.
> > > > >
> > > > >
> > > > >
> > > > > BPDU filter effectively disables spanning tree on a port because it
> > > > filters
> > > > > in AND out. Is it a turn off knob? No. Is it a trick? Yes.
> > > > >
> > > > >
> > > > >
> > > > > tv
> > > > >
> > > > >
> > > > >
> > > > > From: Jonathan Greenwood II [mailto:gwood83_at_gmail.com]
> > > > > Sent: Thursday, April 16, 2009 1:48 PM
> > > > > To: Tony Varriale
> > > > > Cc: ccielab
> > > > > Subject: Re: Disabling spanning tree
> > > > >
> > > > >
> > > > >
> > > > > STP is still operational as the port still must transtion through
the
> > > > > various port states, in this case you have portfast which is a STP
> > > > feature.
> > > > > That's still STP wouldn't you agree regardless of BPDU's being
> > > filtered
> > > > or
> > > > > not? I don't have access to a switch at the moment, but I agree
with
> > > > your
> > > > > test. My argument is that you can't disable STP on a per port
basis.
> > > > >
> > > > > Jonathan Greenwood II
> > > > >
> > > > > CCIE #22744
> > > > >
> > > > >
> > > > >
> > > > >
> > > > > On Thu, Apr 16, 2009 at 11:40 AM, Tony Varriale <
> > > > > tvarriale_at_flamboyaninc.com>
> > > > > wrote:
> > > > >
> > > > > The question mentions nothing about TCNs or port flapping.
> > > > >
> > > > > How about config BPDUs? Put it up in a lab...
> > > > >
> > > > > Here's a quick example in production for you that has portfast but
> > not
> > > > > bpdufilter:
> > > > >
> > > > > interface GigabitEthernet9/12
> > > > > switchport
> > > > > switchport access vlan 12
> > > > > switchport mode access
> > > > > spanning-tree portfast
> > > > >
> > > > > xyz#sh spanning-tree int g9/12 d
> > > > > BPDU: sent 10566749, received 0
> > > > >
> > > > > Spanning tree is not disabled. Period.
> > > > >
> > > > > Here's one in production with bpdufilter:
> > > > >
> > > > > xyz#sh run int g1/1
> > > > > Building configuration...
> > > > >
> > > > > Current configuration : 171 bytes
> > > > > !
> > > > > interface GigabitEthernet1/1
> > > > > switchport access vlan 201
> > > > > switchport mode access
> > > > > spanning-tree portfast
> > > > > spanning-tree bpdufilter enable
> > > > >
> > > > > xyz#sh spanning-tree int g1/1 d
> > > > > BPDU: sent 0, received 0
> > > > >
> > > > > No BPDUs sent or received. If both are none, would you say it's
> > > > > participating in spanning tree?
> > > > >
> > > > > tv
> > > > >
> > > > >
> > > > > -----Original Message-----
> > > > > From: nobody_at_groupstudy.com [mailto:nobody_at_groupstudy.com] On
Behalf
> > > Of
> > > > >
> > > > > Jonathan Greenwood II
> > > > > Sent: Thursday, April 16, 2009 1:25 PM
> > > > > To: Tharak Abraham
> > > > > Cc: Salah ElShekeil; ccielab
> > > > > Subject: Re: Disabling spanning tree
> > > > >
> > > > > With portfast TCN BPDU's will not be sent if a port goes up or down
> > > thats
> > > > > configured for portfast. FYI
> > > > >
> > > > > Jonathan Greenwood II
> > > > > CCIE #22744
> > > > >
> > > > > On Thu, Apr 16, 2009 at 11:17 AM, Tharak Abraham
> > > > > <tharakabraham_at_gmail.com>wrote:
> > > > >
> > > > > > Spanning tree would be still be active even if you enable
portfast
> > > and
> > > > > > bpdus will be sent out !
> > > > > >
> > > > > > bpdu filter on access ports will stop all kinds of bpdu's and
hence
> > > > that
> > > > > > should be more appropriate in this context !
> > > > > >
> > > > > >
> > > > > > Tharak Abraham Luke
> > > > > >
> > > > > >
> > > > > > On Thu, Apr 16, 2009 at 8:04 PM, Jonathan Greenwood II <
> > > > > > gwood83_at_gmail.com> wrote:
> > > > > >
> > > > > >> I agree with Mr. West. They are looking for portfast based on
> > > your
> > > > > >> question.
> > > > > >>
> > > > > >> HTH
> > > > > >>
> > > > > >> Jonathan Greenwood II
> > > > > >> CCIE #22744
> > > > > >>
> > > > > >> On Thu, Apr 16, 2009 at 10:17 AM, Salah ElShekeil <
> > > > > >> salah.elshekeil_at_gmail.com
> > > > > >> > wrote:
> > > > > >>
> > > > > >> > Dear all,
> > > > > >> >
> > > > > >> >
> > > > > >> >
> > > > > >> > how to disable spanning tree on an interface without using "no
> > > > > spanning
> > > > > >> > tree" command?
> > > > > >> >
> > > > > >> >
> > > > > >> >
> > > > > >> >
> > > > > >> >
> > > > > >> > Salah
> > > > > >> >
> > > > > >> >
> > > > > >> > Blogs and organic groups at http://www.ccie.net <
> > > > http://www.ccie.net/
> > > > > >
> > > > > >> >
> > > > > >> >
> > > > >
> > > _______________________________________________________________________
> > > > > >> > Subscription information may be found at:
> > > > > >> > http://www.groupstudy.com/list/CCIELab.html
> > > > > >> >
> > > > > >> >
> > > > > >> >
> > > > > >> >
> > > > > >> >
> > > > > >> >
> > > > > >> >
> > > > > >> >
> > > > > >>
> > > > > >>
> > > > > >> --
> > > > > >> Jonathan Greenwood II
> > > > > >> CCIE #22744
> > > > > >>
> > > > > >>
> > > > > >> Blogs and organic groups at http://www.ccie.net <
> > > http://www.ccie.net/
> > > > >
> > > > > >>
> > > > > >>
> > > >
Received on Sat Apr 18 2009 - 07:47:58 ART

This archive was generated by hypermail 2.2.0 : Mon May 04 2009 - 07:39:12 ART