AFAIK need to lab it but theoretically the trunk with bpdu filter both ends and permitting all vlans is looping as its forwarding dot1q/isl frames that have traffic on, good commands to check this would be sh int xx for 5 min input & show processes cpu
I'm sure Marko will correct me of I'm completely out of touch :) -- BR Sent from my iPhone on 3 On 5 Apr 2013, at 21:41, Josh Miller <[email protected]> wrote: > Just to make sure we're on the same page, if both switches were configured > identically except one switch had BPDU filtering set one port going to the > other switch, then it would allow a loop in the topology as either switch's > STP would be unaware of the additional link. I don't think the port with BPDU > filtering would ever go into the blocking state. However, I'm not sure if the > port starts in blocking state when it comes up. > > > On Fri, Apr 5, 2013 at 11:38 PM, Tony Singh <[email protected]> wrote: > Say a simple topology two switches connected together via two fe links one > running STP the other not but with bpdu filter both ends of the trunk > > One end of the STP trunk we have blocking and one end forwarding but the > trunk with filter enabled would possibly create a loop right....? > > > -- > BR > > Tony > > Sent from my iPad > > On 5 Apr 2013, at 10:43, Josh Miller <[email protected]> wrote: > >> A port configured with BPDU filtering will not send or receive BPDU frames >> with another device. If there's a loop in the layer 2 topology involving a >> port configured with BPDU filtering you'll see error messages in the log >> about MAC addresses flipping from one port to another over and over again. >> Enabling BPDU filter essentially disables spanning tree on that port. >> >> As far as root elections go, it doesn't directly influence that. It can >> prevent a switch from participating in the election process altogether if >> BPDU filtering is segmenting the spanning tree topology. >> >> >> >> On Fri, Apr 5, 2013 at 11:50 AM, <[email protected]> wrote: >> Do you mean if it is not configured under the right interfaces ? In this >> case it can cause root bridge election problems and ports going for learning >> to blocking several times >> >> >> -----Original Message----- >> From: Marko Milivojevic <[email protected]> >> Sender: [email protected] >> Date: Thu, 4 Apr 2013 13:33:18 >> To: Tony Singh<[email protected]> >> Cc: OSL Routing and Switching<[email protected]> >> Subject: Re: [OSL | CCIE_RS] Portfast LOOP >> >> BPDUs are not *added* to the frames. They are separate control frames sent >> by the switches. BPDU Filter does not create temporary loops, if used >> improperly it creates permanent loops that can bring down the whole network. >> >> -- >> Marko Milivojevic - CCIE #18427 (SP R&S) >> Senior CCIE Instructor / Managing Partner - IPexpert >> >> >> On Thu, Apr 4, 2013 at 12:51 PM, Tony Singh <[email protected]> wrote: >> >> > >> > Hi Marko >> > >> > Can you expand if possible on why bpdu filter would cause temp loops? Are >> > you saying that the bpdu is stripped from an Ethernet frame when this >> > happens? >> > >> > This may be a stupid question but when we filter bpdu's then I presume >> > this doesn't include the whole 802.3 frame, as I understand it a bpdu is >> > added to the payload of the 802.3 Ethernet frame and is 35 bytes in size or >> > am I going completely off the scales here and have I got knowledge gaps... >> > >> > Or are we talking STP BPDU's for control only... >> > >> > To picture my understanding: >> > >> > >> > http://www.google.co.uk/search?q=bpdu+where+in+ethernet+frame&oe=UTF-8&hl=en&client=safari&um=1&ie=UTF-8&tbm=isch&source=og&sa=N&tab=wi&ei=RNRdUaedD4iL4AT6roCwAw&biw=768&bih=928&sei=SNRdUeKnIei00QW54YHoAQ#biv=i%7C4%3Bd%7CgoRoh1hn961EyM%3A >> > >> > -- >> > BR >> > >> > Tony >> > >> > Sent from my iPad >> > >> > On 4 Apr 2013, at 19:49, Marko Milivojevic <[email protected]> wrote: >> > >> > > That's a very valid question and one that I get asked often :-) >> > > >> > > Generally speaking, you are right - as soon as PortFast receives a BPDU >> > it >> > > will be disabled and the port transitioned into the appropriate state >> > > (remain forwarding or end up being blocked/discarding). >> > > >> > > However… >> > > >> > > There is that brief period of time before a BPDU has been received during >> > > which, depending on the amount of the traffic in your network, bad things >> > > could happen due to the loop that was briefly formed. >> > > >> > > I personally think that warning message is misplaced. It should appear >> > when >> > > you configure BPDU Filter on the interface and not PortFast, but that's >> > > just me :-) >> > > >> > > -- >> > > Marko Milivojevic - CCIE #18427 (SP R&S) >> > > Senior CCIE Instructor / Managing Partner - IPexpert >> > > >> > > >> > > On Thu, Apr 4, 2013 at 2:39 AM, Quentin Huberty < >> > [email protected]>wrote: >> > > >> > >> Hi all,**** >> > >> >> > >> ** ** >> > >> >> > >> Is anybody know why the message below appears when portfast is >> > activated ? >> > >> **** >> > >> >> > >> ** ** >> > >> >> > >> %Warning: this command enables portfast by default on all interfaces. >> > You* >> > >> *** >> > >> >> > >> should now disable portfast explicitly on switched ports leading to >> > hubs, >> > >> **** >> > >> >> > >> switches and bridges as they may create temporary bridging loops.**** >> > >> >> > >> ** ** >> > >> >> > >> I mean, I tested and each time I received BPDU on interface where >> > portfast >> > >> is enabled (per interface or globally) the portfast is automatically >> > >> disabled and STP run...**** >> > >> >> > >> ** ** >> > >> >> > >> How a loop can be created ? >> > >> >> > > _______________________________________________ >> > > For more information regarding industry leading CCIE Lab training, >> > please visit www.ipexpert.com >> > > >> > > Are you a CCNP or CCIE and looking for a job? Check out >> > www.PlatinumPlacement.com >> > > >> > > http://onlinestudylist.com/mailman/listinfo/ccie_rs >> > >> _______________________________________________ >> For more information regarding industry leading CCIE Lab training, please >> visit www.ipexpert.com >> >> Are you a CCNP or CCIE and looking for a job? Check out >> www.PlatinumPlacement.com >> >> http://onlinestudylist.com/mailman/listinfo/ccie_rs >> _______________________________________________ >> For more information regarding industry leading CCIE Lab training, please >> visit www.ipexpert.com >> >> Are you a CCNP or CCIE and looking for a job? Check out >> www.PlatinumPlacement.com >> >> http://onlinestudylist.com/mailman/listinfo/ccie_rs >> > _______________________________________________ For more information regarding industry leading CCIE Lab training, please visit www.ipexpert.com Are you a CCNP or CCIE and looking for a job? Check out www.PlatinumPlacement.com http://onlinestudylist.com/mailman/listinfo/ccie_rs
