[e-nsp] EAPS + xSTP + Private VLAN

Eduardo Schoedler listas at esds.com.br
Tue Apr 2 16:01:36 EDT 2013 

Hi Luis,

Thanks for the configuration,I'll try here.

Regards,

-- 
Eduardo Schoedler


2013/4/1 Luis Mercado <lmercado at logicworks.net>

>  Eduardo,****
>
> ** **
>
> Your EAPS configuration should not have spanning tree turned on neither
> the primary nor secondary  ports that are prt of the EAPS ring., however
> you can turn on spanning-tree on ports that are not ****
>
> part of the ring. I have pvst running on stacked  x460 switches when
> connecting cisco switches to each node on the stack. This will ensure we
> don’t run into spanning tree issues. The best policy is to keep ****
>
> all ports not in use in shutdown this way you can control the whole
> process. Preconfigure spanning tree etc…. have them connect then unshut the
> ports.****
>
> ** **
>
> ** **
>
> ** **
>
> create vlan "POOL-111"****
>
> configure vlan POOL-111 tag 111****
>
> ** **
>
> Client:****
>
> ** **
>
> create vlan "POOL-113"****
>
> configure vlan POOL-113 tag 113****
>
> ** **
>
> create vlan "EAPS-CONTROL3"****
>
> configure vlan EAPS-CONTROL3 tag 1014****
>
> ** **
>
> configure vlan POOL-111 add ports 1:29, 2:29 tagged ****
>
> configure vlan POOL-113 add ports 1:29, 2:29 tagged ****
>
> configure vlan EAPS-CONTROL3 add ports 1:29, 2:29 tagged ****
>
> ** **
>
> configure eaps fast-convergence on****
>
> enable eaps****
>
> create eaps EAPS-DOMAIN3****
>
> configure eaps EAPS-DOMAIN3 mode master****
>
> configure eaps EAPS-DOMAIN3 primary port 1:29****
>
> configure eaps EAPS-DOMAIN3 secondary port 2:29****
>
> enable eaps EAPS-DOMAIN3****
>
> configure eaps EAPS-DOMAIN3 add control vlan EAPS-CONTROL3****
>
> configure eaps EAPS-DOMAIN3 add protected vlan POOL-111****
>
> configure eaps EAPS-DOMAIN3 add protected vlan POOL-113****
>
> ** **
>
> ** **
>
> I have two cisco switches connected to each slot in the stack. ****
>
> ** **
>
> 1:4 is really a shared port 1:4 and 2:4****
>
> ** **
>
> Here is my spanning tree config****
>
> ** **
>
> ** **
>
> configure stpd PVST-POOL111 add vlan POOL-111 ports 1:4 pvst-plus****
>
> configure stpd PVST-POOL111 ports mode pvst-plus 1:4****
>
> configure stpd PVST-POOL111 ports cost auto 1:4****
>
> configure stpd PVST-POOL111 ports priority 16 1:4****
>
> configure stpd PVST-POOL111 ports link-type point-to-point 1:4****
>
> configure stpd PVST-POOL111 ports edge-safeguard disable 1:4****
>
> enable stpd PVST-POOL111 ports 1:4****
>
> configure stpd PVST-POOL111 ports mode pvst-plus 1:5****
>
> configure stpd PVST-POOL111 ports cost auto 1:5****
>
> configure stpd PVST-POOL111 ports priority 16 1:5****
>
> configure stpd PVST-POOL111 ports link-type point-to-point 1:5****
>
> configure stpd PVST-POOL111 ports edge-safeguard disable 1:5****
>
> enable stpd PVST-POOL111 ports 1:5****
>
> ** **
>
> Regards,****
>
> ** **
>
> -LM****
>
> ** **
>
> *From:* extreme-nsp-bounces at puck.nether.net [mailto:
> extreme-nsp-bounces at puck.nether.net] *On Behalf Of *Eduardo Schoedler
> *Sent:* Monday, April 01, 2013 6:27 PM
> *To:* Extreme NSP
> *Subject:* [e-nsp] EAPS + xSTP + Private VLAN****
>
> ** **
>
> Hello everyone,****
>
> ** **
>
> First of all, sorry my bad english :).****
>
> ** **
>
> I have an metroethernet network runing in extreme networks x350 switches.*
> ***
>
> It's a ring network, working with EAPS.****
>
> But in some times, my field crew loops the ring in some port.****
>
> ** **
>
> So I noticed that EAPS don't cover this, only ring failure.****
>
> That's why I think to run a xSTP instance, to block the port with in loop.
> ****
>
> ** **
>
> That will work?****
>
> How to prevent to the xSTP don't block forwarding the ring ports?****
>
> Someone can help me with this configuration?****
>
> ** **
>
> In time, how I can configure Private VLAN in ports of some vlans in this
> setup?****
>
> My idea is to provide layer2 isolation between customers.****
>
> ** **
>
> Thanks in advance.****
>
> ** **
>
> Regards,****
>
> **
>
> -- ****
>
> Eduardo Schoedler
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://puck.nether.net/pipermail/extreme-nsp/attachments/20130402/4dfff8d5/attachment.html>

More information about the extreme-nsp mailing list