[j-nsp] EX switches and bpdu-block-on-edge
Chuck Anderson
cra at WPI.EDU
Mon Jan 14 12:49:22 EST 2013
On Mon, Jan 14, 2013 at 12:04:26PM +0100, Pierre-Yves Maunier wrote:
> Hi,
>
> I have a quick question about the bpdu-block-on-edge feature on EX switches.
>
> I think I have the good configuration for what I want to achieve but I'd
> like some feedback before I put that info production.
>
> I have top of rack EX switches : all ports except the uplink one should not
> receive bpdus and should be blocked if they received some.
>
> I've made the following sample configuration, which given my lab tests,
> works great :
>
> ge-0/0/24 is the uplink
>
> My question is : I have a more-specific config on ge-0/0/24 that over-ride
> the edge statement in "interface all". But as it's not a interface all
> "mode" edge but directly interface all edge, I'd like to be sure the 'edge'
> statement will never be applied to ge-0/0/24 resulting in a really bad
> behaviour in a production environment (shutdown the switch uplink).
>
> protocols {
> mstp {
> bridge-priority 60k;
> interface ge-0/0/24.0 {
> mode point-to-point;
> }
> interface all {
> edge;
> }
> bpdu-block-on-edge;
> }
> }
> ethernet-switching-options {
> bpdu-block {
> disable-timeout 300;
> }
> }
That's correct. I would generally do bpdu-timeout-action for uplinks
and leave the point-to-point mode to autodetection:
interface ge-0/0/24.0 {
bpdu-timeout-action {
block;
}
}
And on the other end of the uplink (i.e. the downstream, or "downlink"
port):
interface ge-x/y/z.0 {
no-root-port;
}
More information about the juniper-nsp
mailing list