[j-nsp] TCN guard on Juniper EX

Phil Fagan philfagan at gmail.com
Mon Sep 16 11:07:11 EDT 2013


Kill layer2; stick with layer3 :-)


On Sat, Sep 14, 2013 at 1:02 AM, joel jaeggli <joelja at bogus.com> wrote:

> segmenting the office from the DC by subnetting seems like a really easy
> win.
>
> On 9/11/13 4:45 AM, Ben Dale wrote:
> > Hi Dennis,
> >
> > The closest thing Junos has at the moment is root-guard, which would
> stop your Netgears assuming root for the topology, but AFAIK TCNs would
> still be accepted and acted upon.
> >
> > Are your netgear boxes manageable?  You can't force ports into edge mode
> to stop this?
> >
> > On 11/09/2013, at 8:18 PM, Dennis Hagens <root at ipaddr.nl> wrote:
> >
> >> Hi All,
> >>
> >> Is there some way to filter out STP TCN BPDU's on a Juniper EX series
> switch?
> >>
> >> We have some old Netgears in our office environment (yes, I need to get
> rid of those) which send TCN's on edge port flaps.
> >> This causes a lot of reconvergence / mac table flushes on our
> datacenter switches, which are connected via layer 2 with the office. We
> currently hooked up an HP switch with TCN  guard to mitigate this, but this
> introduces a SPOF.
> >>
> >> Any ideas?
> >>
> >> Thanks,
> >>
> >> Dennis Hagens
> >> _______________________________________________
> >> juniper-nsp mailing list juniper-nsp at puck.nether.net
> >> https://puck.nether.net/mailman/listinfo/juniper-nsp
> >>
> >
> >
> > _______________________________________________
> > juniper-nsp mailing list juniper-nsp at puck.nether.net
> > https://puck.nether.net/mailman/listinfo/juniper-nsp
> >
>
> _______________________________________________
> juniper-nsp mailing list juniper-nsp at puck.nether.net
> https://puck.nether.net/mailman/listinfo/juniper-nsp
>



-- 
Phil Fagan
Denver, CO
970-480-7618


More information about the juniper-nsp mailing list