Netbrain
Home NetBrain Product One-Skill-at-a-Time Search Mark Forums Read
Go BackThe Net-BrainerOne-Skill-at-a-Time Guard root or PostFast BPDU guard?

Reply
 
Thread Tools Search this Thread Display Modes
Old 03-17-2010, 09:42 PM
ashley ashley is offline
 
Join Date: Jan 2010
Posts: 18
Default Guard root or PostFast BPDU guard?

Hello,

I have two Cat6500 running CatOS as access switches to my servers farms, I have enabled portfast per port basis where needed and enabled portfast bpdu guard globally, so my question is how about guard root? Do I need to enable this features? because as each ports connected to the servers with portfast bpdu guard enabled cannot receive bpdu and thus cannot receive a new root information from this port?

Thanks for your answer.
Reply With Quote
Old 03-19-2010, 12:13 AM
m.stone m.stone is offline
 
Join Date: Dec 2009
Posts: 29
Default Re: Guard root or PostFast BPDU guard?

You usually enable loop guard on you uplink ports connecting to other switches and not on you access ports.

Please reference this documet for more info with examples:

http://www.cisco.com/en/US/tech/tk38...tml#loop_guard

HTH
Reply With Quote
Old 03-22-2010, 09:33 PM
David.C David.C is offline
 
Join Date: May 2009
Posts: 118
Default Re: Guard root or PostFast BPDU guard?

Hello Ashley,

I agree in your case you should be fine if you have deployed STP bdpu guard on all access ports.
Reply With Quote
Old 03-24-2010, 10:49 PM
Chris Chris is offline
 
Join Date: Jun 2009
Posts: 74
Default Re: Guard root or PostFast BPDU guard?

The Guard root is usually configured on a port connected to another switch which could have a probability of sending lower priority BPDUs which could cause your manually configured root switch to become a designated bridge.

Since your two switches are access switches connected to a server farm ONLY, a portfast command is all that is needed which will enable them to transition faster.

Instead of a BPDU guard, it would be advisable to put a bpdufilter in place as bpduguard will put that port into "errdisable" state when it detects a bpdu packet (if by accident you do put a switch on a port on these switches), whereas bpdufilter will drop the STP bpdu packets.
Reply With Quote
Reply

Bookmarks

Thread Tools Search this Thread
Search this Thread:

Advanced Search
Display Modes

Forum Jump

All times are GMT -4. The time now is 02:11 AM.
Powered by vBulletin
Copyright 2000-2010 Jelsoft Enterprises Limited.
Copyright 2009 NetBrain, Inc. All rights reserved.