[f-nsp] mstp disable vs no spanning-tree
Nick Hilliard
nick at foobar.org
Wed Feb 6 17:58:34 EST 2013
On 06/02/2013 22:05, Steven Raymond wrote:
> #1 leaves the interface in permanent blocking state. According to
> Brocade tac guy, he says that no traffic except BPDUs are forwarded on
> this interface with this command.
#1 will disable MSTP only on the interface, even if you're running other
STP instances on the switch.
> #2 I believe ceases sending or receiving BPDUs on the interface, and
> leaves it in a permanent forwarding state.
correct.
> What would be the best practice for my ports connecting to customer's L2
> switches, with the goal of isolating & preventing spanning-tree traffic
> exchange?
I use "no spanning-tree" at the interface level.
> In what situations would you choose between "stp-protect", vs "no
> spanning-tree", vs "stp-bpdu-guard" ?
no spanning-tree at the interface level completely stops all varieties of
STP on the interface.
no spanning-tree at the vlan level completely stops all varieties of
multi-vlan STP for that VLAN.
stp-protect causes inbound bpdus to be dropped and counted, and stops stp
negotiation from happening on the port, but as fas I remember, the port
will still be part of the spanning tree topology.
stp-bpdu-guard shuts down the port and puts it into errdisable mode if it
sees a bpdu.
Nick
More information about the foundry-nsp
mailing list