RE: Portfast Clarification

Sarah don't let the terms confuse you. When you use the command
"spanning-tree guard root" on a port (which ideally is to be used on a root
bridge) you are protecting the election of the root bridge. When you use
the command "spanning-tree bpdu enable" on a portfast interface or you use
the global command spanning-tree bpdu default, this will prevent bpdu
traffic from being carried on a portfast enabled port. In otherwords it is
used to prevent loop when a brigde / switch is plugged into a portfast
enabled interface. I think the port will go into an inconsistent state.

Example:
I have 3 switches plugged together. I elect one of them as my root and
place the command "spanning-tree guard root" where the other two plug into
my elected root. This will not let any of the other 2 switches overthrow my
elected root switch even if they have lower bpdu id.

Now on any of the other two I intend plugging pc's so I configure the ports
as portfast and place the command "spanning-tree bpdu enable" on the ports.
Some guy from space comes and removes the pc and plugs a switch. As soon as
he does that the port transitions into "inconsistent state" (if you do "sho
int status" you will see this state). This will prevent that plugged switch
from causing a loop on my network.

-----Original Message-----
From: nobody_at_groupstudy.com [mailto:nobody_at_groupstudy.com] On Behalf Of
Sarad
Sent: Monday, November 30, 2009 9:39 PM
To: Babatunde Sanda
Cc: Cisco certification
Subject: Re: Portfast Clarification

Hi Sanda,

Is it Root guard or BPDU gurd which used on a root brigde to protect it from
being overthrown by a switch with lower root id. ?

The other observation is even though I enable the portfast I noticed that it
runs STP once it detect a loop.

Thanks

Sara

On Tue, Dec 1, 2009 at 11:04 AM, Babatunde Sanda
<sbabatunde1_at_ca.rr.com>wrote:

>
>
> Portfast disables spanning-tree. Bpdu-guard is used on a root brigde to
> protect it from being overthrown by a switch with lower root id. Bpdu
filter
> will listen for bpdu trafic on the ports it's configured and drop it. Your
> number 1 observation is right. This features are not enabled automatically
> after enabling portfast.
>
> Observation 2. Since portfast disables spanning tree, a switch plugged
into
> such port runs the risk of loop because it doesn't know where to "fall"
the
> tree. And this ports will stay the way they are until you intervain by
> changing the port state.
>
>
> Sent from my Iphone.
>
> On Nov 30, 2009, at 9:10 PM, Sarad <tosara_at_gmail.com> wrote:
>
> Hi Experts,
>>
>> I have created some labs on stp portfast & had some observations. I would
>> like to verify whether my observations are correct with you all. My
>> observations are as follows.
>>
>>
>> 1. If I enable portfast default on the switch or portfast on a
>> particular
>> interface will BPDU filter or BPDU gurad get enable by default
>> (irrespective
>> of trunk or access port)?My observation is no
>>
>>
>> 2. If not it will create a temporary loop on the network if there are
>> switches configured on the ports with portfast enable but after few
>> seconds
>> stp will run on those ports & move those ports to forwarding or blocking
>> stage.
>>
>> Thank you in advance
>>
>> Sara
>>
>>
>> Blogs and organic groups at http://www.ccie.net
>>
>> _______________________________________________________________________
>>
>
>
> Subscription information may be found at:
>> http://www.groupstudy.com/list/CCIELab.html

Blogs and organic groups at http://www.ccie.net
Received on Mon Nov 30 2009 - 22:07:02 ART