Re: Now I'm confused...

I really don't think bpduguard or bpdufilter or any other feature is going to accomplish what you are looking for there. Bpdufilter simply filters the sending and receiving of BPDUs which effectively disables stp. You will not see listening, learning because the switch will never process the BPDUs it is filtering

Sent from my Verizon Wireless BlackBerry

Regards,

Joe Astorino
CCIE #24347

"He not busy being born is busy dying" - Dylan

-----Original Message-----
From: Michael Kiefer <mjkiefer_at_gmail.com>
Sender: nobody_at_groupstudy.com
Date: Wed, 1 Jun 2011 20:12:37
To: <ccielab_at_groupstudy.com>
Reply-To: Michael Kiefer <mjkiefer_at_gmail.com>
Subject: Now I'm confused...

I have two 3560 48 port TS switches running 12.2.55.SE1 IP-Services. Both
switches are connected with port 13.

My goal is to have the ports in portfast mode and jump back to standard
learning, listening, and forwarding state after detecting a BPDU.

One vendor's material states that this can be accomplished by doing
"spanning-tree portfast bpdugaurd default" globally and then enabling
portfast on the interface. No dice, it goes straight to err-disable.

Another vendor's material states to do "spanning-tree portfast bpdufilter
default" globally and then do portfast on the interface. This seems to work
in the sense that it doesn't kill the port with err-disable. The problem is
the debugs and show spanning-tree never show the listening and learning
states.

SW1 and SW2 config:

global:
spanning-tree mode pvst
spanning-tree portfast bpdufilter default
spanning-tree extend system-id

under each port 13

spanning-tree portfast

Here's the debug output:

*Mar 1 00:29:27.907: Created spanning tree: VLAN0001 (5698310)
*Mar 1 00:29:27.907: Setting spanning tree MAC address: VLAN0001 (5698310)
to 001e.14cc.1100
*Mar 1 00:29:27.907: setting bridge id (which=3) prio 32769 prio cfg 32768
sysid 1 (on) id 8001.001e.14cc.1100
*Mar 1 00:29:27.907: STP PVST: Assigned bridge address of 001e.14cc.1100
for VLAN0001 [1] @ 5698310.
*Mar 1 00:29:27.907: Enabling spanning tree optimized bpdu tx for VLAN0001
(5698310)
*Mar 1 00:29:27.907: Starting spanning tree: VLAN0001 (5698310)
*Mar 1 00:29:27.907: set portid: VLAN0001 Fa0/13: new port id 800F
*Mar 1 00:29:27.907: Created spanning tree port Fa0/13 (460217C) for tree
VLAN0001 (5698310)
*Mar 1 00:29:27.907: STP: PVST vlan 1 port Fa0/13 created, ext id 4B65F48
*Mar 1 00:29:27.907: Enabling spanning tree port: FastEthernet0/13
(460217C)
*Mar 1 00:29:27.907: STP: VLAN0001 Fa0/13 ->jump to forwarding from
blocking <-----------------------------
*Mar 1 00:29:29.870: STP: VLAN0001 heard root 32769-001b.d53e.b700 on
Fa0/13
*Mar 1 00:29:29.870: supersedes 32769-001e.14cc.1100
*Mar 1 00:29:29.870: STP: VLAN0001 new root is 32769, 001b.d53e.b700 on
port Fa0/13, cost 19
*Mar 1 00:29:29.903: %LINK-3-UPDOWN: Interface FastEthernet0/13, changed
state to up
*Mar 1 00:29:29.903: Returning spanning tree port stats: FastEthernet0/13
(460217C)
*Mar 1 00:29:30.910: Returning spanning tree port stats: FastEthernet0/13
(460217C)
*Mar 1 00:29:30.910: %LINEPROTO-5-UPDOWN: Line protocol on Interface
FastEthernet0/13, changed state to up
*Mar 1 00:29:31.917: Returning spanning tree port stats: FastEthernet0/13
(460217C)
*Mar 1 00:29:32.923: Returning spanning tree port stats: FastEthernet0/13
(460217C)
*Mar 1 00:29:33.930: Returning spanning tree port stats: FastEthernet0/13
(460217C)
*Mar 1 00:29:34.937: Returning spanning tree port stats: FastEthernet0/13
(460217C)
*Mar 1 00:29:35.943: Returning spanning tree port stats: FastEthernet0/13
(460217C)
*Mar 1 00:29:36.950: Returning spanning tree port stats: FastEthernet0/13
(460217C)
*Mar 1 00:29:37.957: Returning spanning tree port stats: FastEthernet0/13
(460217C)
*Mar 1 00:30:09.926: STP: VLAN0001 we are the spanning tree root
*Mar 1 00:30:09.926: STP: VLAN0001 heard root 32769-001b.d53e.b700 on
Fa0/13
*Mar 1 00:30:09.926: supersedes 32769-001e.14cc.1100
*Mar 1 00:30:09.926: STP: VLAN0001 new root is 32769, 001b.d53e.b700 on
port Fa0/13, cost 19
*Mar 1 00:30:09.926: STP: VLAN0001 sent Topology Change Notice on Fa0/13
*Mar 1 00:30:37.960: Returning spanning tree port stats: FastEthernet0/13
(460217C)
*Mar 1 00:31:37.964: Returning spanning tree port stats: FastEthernet0/13
(460217C)

The debug clearly shows moving to forwarding from blocking. Then BPDUs are
heard and root port election/tcn takes place. At no time did the port go
into learning and listening state. What am I missing? I can't seem to find
the right combination to accomplish the goal.

TIA,

Mike

Blogs and organic groups at http://www.ccie.net
Received on Thu Jun 02 2011 - 01:15:58 ART