[c-nsp] Supress STP on a port?

Michael K. Smith - Adhost mksmith at adhost.com
Thu Mar 12 02:57:02 EDT 2009


I echo what Lincoln said as loudly as I can without typing in all caps.  If you enable filtering and you get a second path somehow or somewhere (customers can be very helpful by doing "stuff" when you're not looking), you will loop up your entire network.  This will happen at 3 am 2 years from now on a Sunday when you're out of town and your front line tech is asleep in a hut somewhere.  Trust me.  BPDU-filter bad.  Really.

Mike

> -----Original Message-----
> From: cisco-nsp-bounces at puck.nether.net [mailto:cisco-nsp-
> bounces at puck.nether.net] On Behalf Of Lincoln Dale
> Sent: Wednesday, March 11, 2009 11:43 PM
> To: skeeve at skeeve.org
> Cc: cisco-nsp at puck.nether.net
> Subject: Re: [c-nsp] Supress STP on a port?
> 
> its a matter of SHOULD you.  enabling eating BPDUs is never a wise thing
> IMHO.
> 
> not sure what you're looking for exactly - are you looking to have
> multiple VLANs on a port, but not have that port as a 'network' port?
> 
> if so, why not enable it as 'edge trunk' port?  best of both worlds &
> keep your STP protective measures in place (loop guard et al) ?
> 
> 
> 
> cheers,
> 
> lincoln.
> 
> Skeeve Stevens wrote:
> > What about if it is a trunk port... which isn't portfasted.... and  you can
> > only do that command on a portfast port yes?
> >
> > ...Skeeve
> >
> > -----Original Message-----
> > From: Giovanni Torres [mailto:torresgi at ninds.nih.gov]
> > Sent: Tuesday, 10 March 2009 11:35 PM
> > To: skeeve at skeeve.org
> > Cc: cisco-nsp at puck.nether.net
> > Subject: Re: [c-nsp] Supress STP on a port?
> >
> > Switch(config-if)# spanning-tree bpdufilter enable
> >
> > Skeeve Stevens wrote:
> >
> >> Is it possible to suppress STP on a specific port?
> >>
> >> .Skeeve
> >>
> >> --
> >> Skeeve Stevens, RHCE
> >> skeeve at skeeve.org / www.skeeve.org
> >> Cell +61 (0)414 753 383 / skype://skeeve
> >>
> >> eintellego - skeeve at eintellego.net - www.eintellego.net
> >> --
> >> I'm a groove licked love child king of the verse
> >> Si vis pacem, para bellum
> >>
> >>
> >> _______________________________________________
> >> cisco-nsp mailing list  cisco-nsp at puck.nether.net
> >> https://puck.nether.net/mailman/listinfo/cisco-nsp
> >> archive at http://puck.nether.net/pipermail/cisco-nsp/
> >>
> >>
> >
> > _______________________________________________
> > cisco-nsp mailing list  cisco-nsp at puck.nether.net
> > https://puck.nether.net/mailman/listinfo/cisco-nsp
> > archive at http://puck.nether.net/pipermail/cisco-nsp/
> >
> >
> _______________________________________________
> cisco-nsp mailing list  cisco-nsp at puck.nether.net
> https://puck.nether.net/mailman/listinfo/cisco-nsp
> archive at http://puck.nether.net/pipermail/cisco-nsp/
-------------- next part --------------
A non-text attachment was scrubbed...
Name: PGP.sig
Type: application/pgp-signature
Size: 474 bytes
Desc: not available
URL: <https://puck.nether.net/pipermail/cisco-nsp/attachments/20090311/85db5d8e/attachment.bin>


More information about the cisco-nsp mailing list