[c-nsp] What is The Best Configuration per Interface (Catalyst Switch 3500)?

[Alexandra Alvarado]

Hello,

We are looking for the best posible configuration to a catyalyst 3550 switch per interface.  Until now we have two types of configuration:

Backbone Example
-----------------------------

interface FastEthernet0/1
 description Backbone
 switchport trunk encapsulation dot1q
 switchport mode trunk
 switchport nonegotiate
 ip access-group 135 in
 storm-control broadcast level 5.00
 storm-control multicast level 5.00
 no cdp enable
 arp timeout 1800
 spanning-tree mst 0 cost 200
 spanning-tree mst 1 cost 200
!

Client Interface Example
-------------------------------------

interface FastEthernet0/7
 description Client
 switchport access vlan 139
 switchport mode access
 switchport nonegotiate
 ip access-group 135 in
 storm-control broadcast level 5.00
 storm-control multicast level 5.00
 no cdp enable
 arp timeout 1800
 spanning-tree portfast trunk
 spanning-tree bpduguard enable
 spanning-tree guard root

We have been trying to put two new comands on the "client interface":

switchport block unicast
switchport block multicast

But clients experienced micro down times (2 minutes).

Today was a terrible day.  All network goes down for 3 hours, Initially I suposse was a mstp loop but
it wasn't because I open the phisical loops and we still had the problem. After in the MRTG web page I saw
a client with a high input traffic and after I saw in all switches the same traffic but in the other sens "output".
The problem was a hub or switch of one of my clients.  How can avoid that a client problem cause that my network goes down too?. 

Can somebody recommend to me a best way to configure a switch interface to avoid down times?


Thanks.


Alexandra Alvarado