But what happened? Did two ports became connected? On which switches did the
ports interconnected?
Consider using "switchport port-security" with violate action shutdown on
the access ports.
Can you post the rest configuration of
On Fri, May 15, 2009 at 9:32 PM, Muhammad Saleem <msaleems_at_gmail.com> wrote:
> Switch down means, none of the PC was able to get network connectivity of
> that switch (all ports of that switches were flashing together)
>
> Before that everything was going fine, all the PCs of that switch were able
> to get network resources like Internet access
>
> Switch was configure as following
>
>
>
> Interface Gigint 1-44 all ports
>
> *spanning-tree portfast *
>
> *spanning-tree portfast bpdufilter enable*
>
>
>
>
> ------------------------------
>
> *From:* Pavel Bykov [mailto:slidersv_at_gmail.com]
> *Sent:* Friday, May 15, 2009 10:14 PM
> *To:* Muhammad Saleem
> *Cc:* ccielab_at_groupstudy.com
> *Subject:* Re: Network Degraded
>
>
>
> What happened before the switch went down?
> What does it mean "Was down"? Was it in Rommon? Rebooting? Tracebacking?
>
> What are all the options that you are enabling on the interface? Are you by
> any chance filtering BPDUs as well?
>
> On Fri, May 15, 2009 at 8:57 PM, Muhammad Saleem <msaleems_at_gmail.com>
> wrote:
>
> All ports are individually (not globally) with *spanning-tree portfast
> bpdufilter enable) *but this filter didn�t help, and the whole switch was
> down
>
>
> ------------------------------
>
> *From:* Pavel Bykov [mailto:slidersv_at_gmail.com]
> *Sent:* Friday, May 15, 2009 9:45 PM
>
>
> *To:* Ryan West
> *Cc:* Muhammad Saleem; ccielab_at_groupstudy.com
> *Subject:* Re: Network Degraded
>
>
>
> That's CCIE for you :)
>
> On Fri, May 15, 2009 at 7:48 PM, Ryan West <rwest_at_zyedge.com> wrote:
>
> Pavel,
>
>
>
> What I was referring to, I know it wasn�t clear as to interface or global,
> was the global version of bpdufilter that will disable the portfast
> properties. But I agree, it�s probably safest to just have the port
> disabled to discourage people from randomly plugging in things.
>
>
>
> -ryan
>
>
>
> *From:* Pavel Bykov [mailto:slidersv_at_gmail.com]
> *Sent:* Friday, May 15, 2009 1:46 PM
> *To:* Ryan West
> *Cc:* Muhammad Saleem; ccielab_at_groupstudy.com
> *Subject:* Re: Network Degraded
>
>
>
> I'd recoomend to go bpduguard.
> Either:
> (config)#spanning-tree portfast bpduguard
> or
> (config-if)#spanning-tree bpduguard enable
>
> With bpdufilter, If you connect two ports, both of which are with
> "bpdufilter" none of them will send bpdu, and there still will be a loop.
>
> On Fri, May 15, 2009 at 4:24 PM, Ryan West <rwest_at_zyedge.com> wrote:
>
> Put spanning-tree portfast bpdufilter enable or bpduguard to either take it
> out of portfast or err-disable it.
>
> -ryan
>
>
> -----Original Message-----
> From: nobody_at_groupstudy.com [mailto:nobody_at_groupstudy.com] On Behalf Of
> Muhammad Saleem
> Sent: Friday, May 15, 2009 10:25 AM
> To: ccielab_at_groupstudy.com
> Subject: Network Degraded
>
> Hi Experts,
>
> How to protect Cisco switches (2960G, 3750) if someone insert the direct
> pulled cable from switch into the same switch wall Data outlet while all
> the
> ports have portfast and loop guard filter enabled, I will appreciate all
> suggestions
>
>
> Blogs and organic groups at http://www.ccie.net
>
> _______________________________________________________________________
> Subscription information may be found at:
> http://www.groupstudy.com/list/CCIELab.html
>
>
> Blogs and organic groups at http://www.ccie.net
>
> _______________________________________________________________________
> Subscription information may be found at:
> http://www.groupstudy.com/list/CCIELab.html
>
>
>
>
>
>
>
> --
> Pavel Bykov
> ----------------
> Don't forget to help stopping the braindumps, use of which reduces value of
> your certifications. Sign the petition at http://www.stopbraindumps.com/
>
>
>
>
> --
> Pavel Bykov
> ----------------
> Don't forget to help stopping the braindumps, use of which reduces value of
> your certifications. Sign the petition at http://www.stopbraindumps.com/
>
>
>
>
> --
> Pavel Bykov
> ----------------
> Don't forget to help stopping the braindumps, use of which reduces value of
> your certifications. Sign the petition at http://www.stopbraindumps.com/
>
--
Pavel Bykov
----------------
Don't forget to help stopping the braindumps, use of which reduces value of
your certifications. Sign the petition at http://www.stopbraindumps.com/
Blogs and organic groups at http://www.ccie.net
Received on Fri May 15 2009 - 21:44:18 ART