[e-nsp] EAPS + xSTP + Private VLAN

Eduardo Schoedler listas at esds.com.br
Tue Apr 2 22:16:57 EDT 2013 

By the way, how to include private vlan configuration in this setup?

Thanks!


-- 
Eduardo Schoedler


2013/4/2 Eduardo Schoedler <listas at esds.com.br>

> Hi Luis,
>
> Thanks for the configuration,I'll try here.
>
> Regards,
>
> --
> Eduardo Schoedler
>
>
> 2013/4/1 Luis Mercado <lmercado at logicworks.net>
>
>>  Eduardo,****
>>
>> ** **
>>
>> Your EAPS configuration should not have spanning tree turned on neither
>> the primary nor secondary  ports that are prt of the EAPS ring., however
>> you can turn on spanning-tree on ports that are not ****
>>
>> part of the ring. I have pvst running on stacked  x460 switches when
>> connecting cisco switches to each node on the stack. This will ensure we
>> don’t run into spanning tree issues. The best policy is to keep ****
>>
>> all ports not in use in shutdown this way you can control the whole
>> process. Preconfigure spanning tree etc…. have them connect then unshut the
>> ports.****
>>
>> ** **
>>
>> ** **
>>
>> ** **
>>
>> create vlan "POOL-111"****
>>
>> configure vlan POOL-111 tag 111****
>>
>> ** **
>>
>> Client:****
>>
>> ** **
>>
>> create vlan "POOL-113"****
>>
>> configure vlan POOL-113 tag 113****
>>
>> ** **
>>
>> create vlan "EAPS-CONTROL3"****
>>
>> configure vlan EAPS-CONTROL3 tag 1014****
>>
>> ** **
>>
>> configure vlan POOL-111 add ports 1:29, 2:29 tagged ****
>>
>> configure vlan POOL-113 add ports 1:29, 2:29 tagged ****
>>
>> configure vlan EAPS-CONTROL3 add ports 1:29, 2:29 tagged ****
>>
>> ** **
>>
>> configure eaps fast-convergence on****
>>
>> enable eaps****
>>
>> create eaps EAPS-DOMAIN3****
>>
>> configure eaps EAPS-DOMAIN3 mode master****
>>
>> configure eaps EAPS-DOMAIN3 primary port 1:29****
>>
>> configure eaps EAPS-DOMAIN3 secondary port 2:29****
>>
>> enable eaps EAPS-DOMAIN3****
>>
>> configure eaps EAPS-DOMAIN3 add control vlan EAPS-CONTROL3****
>>
>> configure eaps EAPS-DOMAIN3 add protected vlan POOL-111****
>>
>> configure eaps EAPS-DOMAIN3 add protected vlan POOL-113****
>>
>> ** **
>>
>> ** **
>>
>> I have two cisco switches connected to each slot in the stack. ****
>>
>> ** **
>>
>> 1:4 is really a shared port 1:4 and 2:4****
>>
>> ** **
>>
>> Here is my spanning tree config****
>>
>> ** **
>>
>> ** **
>>
>> configure stpd PVST-POOL111 add vlan POOL-111 ports 1:4 pvst-plus****
>>
>> configure stpd PVST-POOL111 ports mode pvst-plus 1:4****
>>
>> configure stpd PVST-POOL111 ports cost auto 1:4****
>>
>> configure stpd PVST-POOL111 ports priority 16 1:4****
>>
>> configure stpd PVST-POOL111 ports link-type point-to-point 1:4****
>>
>> configure stpd PVST-POOL111 ports edge-safeguard disable 1:4****
>>
>> enable stpd PVST-POOL111 ports 1:4****
>>
>> configure stpd PVST-POOL111 ports mode pvst-plus 1:5****
>>
>> configure stpd PVST-POOL111 ports cost auto 1:5****
>>
>> configure stpd PVST-POOL111 ports priority 16 1:5****
>>
>> configure stpd PVST-POOL111 ports link-type point-to-point 1:5****
>>
>> configure stpd PVST-POOL111 ports edge-safeguard disable 1:5****
>>
>> enable stpd PVST-POOL111 ports 1:5****
>>
>> ** **
>>
>> Regards,****
>>
>> ** **
>>
>> -LM****
>>
>> ** **
>>
>> *From:* extreme-nsp-bounces at puck.nether.net [mailto:
>> extreme-nsp-bounces at puck.nether.net] *On Behalf Of *Eduardo Schoedler
>> *Sent:* Monday, April 01, 2013 6:27 PM
>> *To:* Extreme NSP
>> *Subject:* [e-nsp] EAPS + xSTP + Private VLAN****
>>
>> ** **
>>
>> Hello everyone,****
>>
>> ** **
>>
>> First of all, sorry my bad english :).****
>>
>> ** **
>>
>> I have an metroethernet network runing in extreme networks x350 switches.
>> ****
>>
>> It's a ring network, working with EAPS.****
>>
>> But in some times, my field crew loops the ring in some port.****
>>
>> ** **
>>
>> So I noticed that EAPS don't cover this, only ring failure.****
>>
>> That's why I think to run a xSTP instance, to block the port with in loop.
>> ****
>>
>> ** **
>>
>> That will work?****
>>
>> How to prevent to the xSTP don't block forwarding the ring ports?****
>>
>> Someone can help me with this configuration?****
>>
>> ** **
>>
>> In time, how I can configure Private VLAN in ports of some vlans in this
>> setup?****
>>
>> My idea is to provide layer2 isolation between customers.****
>>
>> ** **
>>
>> Thanks in advance.****
>>
>> ** **
>>
>> Regards,****
>>
>> **
>>
>> -- ****
>>
>> Eduardo Schoedler
>>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://puck.nether.net/pipermail/extreme-nsp/attachments/20130402/21148b21/attachment-0001.html>

More information about the extreme-nsp mailing list