Switching

 View Only

IMPORTANT MODERATION NOTICE

This community is currently under full moderation, meaning  all posts will be reviewed before appearing in the community. Please expect a brief delay—there is no need to post multiple times. If your post is rejected, you'll receive an email outlining the reason(s). We've implemented full moderation to control spam. Thank you for your patience and participation.



  • 1.  Understanding edge ports in spanning tree protocol

    Posted 02-24-2017 03:15

    Hello all,

    I was tring to understand how I could configure my EX switches to protect agains loops.

    I have an EX device which works as an access device connected to a distribution switch.via xe port.

    Then all the other ge ports should be connected to a non-switch.

    What should be the best configuration to prevent acciental loop generated by connecting a ge port to another one on the sama device?

    If I am not mistaken the port connected to a non-switch device can be configured as edge port to speed up the rstp process so they put themself in forward mode immediately.  But what happen if I connect two of them each other?

     

    Thank You

     

    Rebards

     

    M.

     


    #edgeportrstpstpspanningtree


  • 2.  RE: Understanding edge ports in spanning tree protocol

     
    Posted 02-24-2017 17:48

    This situation is protected generally by storm control.  Basic settings are enabled by default on a number of the common access layer switch models.

     

    https://www.juniper.net/techpubs/en_US/junos12.3/topics/example/rate-limiting-storm-control-configuring.html



  • 3.  RE: Understanding edge ports in spanning tree protocol

    Posted 02-26-2017 03:19

    Spanning tree will tke care of loops. However the example you reference does not sound like a mistake any admin is likely to commit. If there is a suspicion that could happen, then disable all ports not in use. That is much more secure and would ensure that unused ports are not accidentally involved in any such loops. If you are concerned about another switch necoming root bridge then you have rootguard for that.



  • 4.  RE: Understanding edge ports in spanning tree protocol

     
    Posted 02-26-2017 05:30

    You can configure an access-port group for all the edge ports on the access switch. Then the group as a whole can be configured for bpdu-block-on-edge. This will make sure to disable any edge ports that will receive BPDU packets from the downstream devices. You would also want to set a bridge priority of 0 to your root bridge ( this could be your distribution switch for this case). You can configure the no-root-port statement on your root bridge as well, this will make sure to block any superior BPDU received from downstream devices, which helps in unnncessarily changing the STP topology. Basically, you should avoid closed form architecturs on your switching topology such as triangle, square or any irregular closed form as much as possible to prevent loops.


  • 5.  RE: Understanding edge ports in spanning tree protocol

    Posted 02-26-2017 23:43

    @biraj wrote:

    You can configure an access-port group for all the edge ports on the access switch. Then the group as a whole can be configured for bpdu-block-on-edge.

    I figured out how to configure the group. It should be something like this:

     

    protocols {
        rstp {
            bpdu-block-on-edge;
        }
    }
    ethernet-switching-options {
        bpdu-block {
            disable-timeout 10;
        }
    }

     

    I tought to put there also the "edge" setting but I cannot figure out how to do this.

    Shoudl I set any port one by one when I put them in the group?

     



  • 6.  RE: Understanding edge ports in spanning tree protocol

    Posted 02-27-2017 10:59

    You can use configuration groups for this purpose, however I would suggest that using configuration groups is an advanced configuration feature that if you plan on using it, you must understand how it will be displayed or not, and use it consistently accros the network so as to avoid confusion.


    set protocols rstp interface all edge
    set protocols rstp interface ge-0/0/0.0 disable (any interface that you wish to disable rstp on)



  • 7.  RE: Understanding edge ports in spanning tree protocol

     
    Posted 02-28-2017 09:04

    One way you can use group is the following:

     

    set interfaces interface-range access-interfaces member-range ge-0/0/0 to ge-0/0/20

    set protocols rstp interface access-interfaces edge

     

     

    Please mark this solution as complete if it addresses your quesiton.