[c-nsp] backup with STP
Andris Zarins
andris.zarins at microlink.lv
Wed Sep 28 09:22:09 EDT 2005
Yes, in that case you must have per-customer STP instance, and customer
could do what he likes with that instance. It works, of course, but by
my opinion - it's definitely not the best practice to allow customer to
manipulate with something inside SP network, exception might be some
routing inside VRF, when SP can control what customer is doing.
Besides - per-customer STP instance can finally grow into MST-RSTP
hybrid :) (if there is MST inside SP network), that operates by MST
principles, but has per-VLAN STP instance.. I don't like that idea
Andris
-----Original Message-----
From: Gert Doering [mailto:gert at greenie.muc.de]
Sent: Wednesday, September 28, 2005 4:15 PM
To: Andris Zarins
Cc: sthaug at nethelp.no; bambi at hughes.com.au; cisco-nsp at puck.nether.net
Subject: Re: [c-nsp] backup with STP
Hi,
On Wed, Sep 28, 2005 at 04:06:27PM +0300, Andris Zarins wrote:
> Second - completely agree with Aivars - don't run any kind of STP with
> devices NOT under your control. Interoperability is only one of
problems
> you might face, perhaps even not the most painful one. Imagine that
> under some conditions, customer starts telling your network, that his
> device is the root bridge, and if your network believes it, I guess
that
> might mean somewhat like 'dead end'...
Well, of course you'll only run STP with the customer equipment for
those VLANs that their stuff is on - so all they can do is hose their
own VLAN.
Running an open trunk with all internal VLANs toward customer equipment
is much more dangerous than just STP issues.
gert
--
USENET is *not* the non-clickable part of WWW!
//www.muc.de/~gert/
Gert Doering - Munich, Germany
gert at greenie.muc.de
fax: +49-89-35655025
gert at net.informatik.tu-muenchen.de
More information about the cisco-nsp
mailing list