RE: Hub connected to an access port

Well, I would use bpduguard as you said to start with...this will do what
you want generally if somebody plugs in any kind of switch that actually
runs STP. BUT regarding the hub like you said, or switches that just are
not that advanced you have to dig deeper. How about port-security with a
maximum of 1 MAC address? As soon as more than 1 user MAC address comes on
the port, it will shut down. Of course they could technically have a hub
plugged in with only 1 user but ... Not likely. I think those 2 things will
solve about 99% of your issues.

Regards,

Joe Astorino
CCIE #24347 (R&S)
Sr. Support Engineer - IPexpert, Inc.
URL: http://www.IPexpert.com
 
-----Original Message-----
From: nobody_at_groupstudy.com [mailto:nobody_at_groupstudy.com] On Behalf Of
Anantha Subramanian Natarajan
Sent: Monday, June 08, 2009 12:37 AM
To: Cisco certification
Subject: Hub connected to an access port

Hi All,

  I am trying to find an soultion on the below requirement.Any help is
really appreciated.

  The requirement is,an access port should be put in error disabled state if
an switch or hub is connected to that port.I am assuming that having
portfast enabled with bpdu guard feature on it would put the access port on
error disable state if an switch is connected.One problem which I have in
this solution is,if the connected switch has disabled BPDU on that port,how
this access port would knaow about it and put the port in error disable
state.

Also,if the hub is connected,how the access port knows about it, as I am
assuming, Spanning tree protocol only runs on bridges and switches which are
8012.1D compliant and so not in hub.I am thinking,may be I am wrong in this
assumption.Kindly help me to understand the same.

Any other method to acheive the same.

Thanks for the assistance

Regards
Anantha Subramanian Natarajan

Blogs and organic groups at http://www.ccie.net
Received on Mon Jun 08 2009 - 00:44:57 ART