RE: Authentication in STP

From: Joseph L. Brunner <joe_at_affirmedsystems.com>
Date: Thu, 12 Jan 2012 22:25:10 +0000

That's totally beyond the scope of STP or its original purpose. I doubt Radia Perlman cares or even dreamed of this when she invented STP while at DEC when your parents were in high school.

I suggest you look at a layer design where subnets are scoped only to a local layer 3 switch and you run OSPF MD5 authentication between each device.

-Joe

-----Original Message-----
From: nobody_at_groupstudy.com [mailto:nobody_at_groupstudy.com] On Behalf Of CCIE KID
Sent: Thursday, January 12, 2012 1:22 PM
To: Cisco certification; CCIE OSL
Subject: OT: Authentication in STP

Hi fellas,

My customer is asking for any authentication in STP. Can someone tell me if there is any authentication mechanism in STP to validate the correct bridges with some hash value and try to avoid rogue bridges with this? I searched in the RFCs and I guess there is no authentication mechanism in STP.
So is there any other IEEE standard for STP authentication?
I found Cisco proprietary Root Guard, which basically tells it to avoid any superior BPDUs and avoid that port as root port.

I know Root Guard doesn't do any authentication. But is there any other mechanism where we can authenticate the bridges in STP logic?

I believe Radia Perlman is still kicking for this :)

--
With Warmest Regards,
CCIE KID
CCIE#29992 (Security)
Blogs and organic groups at http://www.ccie.net
Received on Thu Jan 12 2012 - 22:25:10 ART
