I'm not 100% but I don't think BPDUs are limited to trunks; hypothetically it would only takes one device with one port configured with BPDU filter to cause a loop, either a trunk or access port.
On Sat, Apr 6, 2013 at 2:36 AM, Tony Singh <[email protected]> wrote: > AFAIK need to lab it but theoretically the trunk with bpdu filter both > ends and permitting all vlans is looping as its forwarding dot1q/isl frames > that have traffic on, good commands to check this would be sh int xx for 5 > min input & show processes cpu > > I'm sure Marko will correct me of I'm completely out of touch :) > > -- > BR > > Sent from my iPhone on 3 > > On 5 Apr 2013, at 21:41, Josh Miller <[email protected]> wrote: > > Just to make sure we're on the same page, if both switches were configured > identically except one switch had BPDU filtering set one port going to the > other switch, then it would allow a loop in the topology as either switch's > STP would be unaware of the additional link. I don't think the port with > BPDU filtering would ever go into the blocking state. However, I'm not sure > if the port starts in blocking state when it comes up. > > > On Fri, Apr 5, 2013 at 11:38 PM, Tony Singh <[email protected]> wrote: > >> Say a simple topology two switches connected together via two fe links >> one running STP the other not but with bpdu filter both ends of the trunk >> >> One end of the STP trunk we have blocking and one end forwarding but the >> trunk with filter enabled would possibly create a loop right....? >> >> >> -- >> BR >> >> Tony >> >> Sent from my iPad >> >> On 5 Apr 2013, at 10:43, Josh Miller <[email protected]> wrote: >> >> A port configured with BPDU filtering will not send or receive BPDU >> frames with another device. If there's a loop in the layer 2 topology >> involving a port configured with BPDU filtering you'll see error messages >> in the log about MAC addresses flipping from one port to another over and >> over again. Enabling BPDU filter essentially disables spanning tree on that >> port. >> >> As far as root elections go, it doesn't directly influence that. It can >> prevent a switch from participating in the election process altogether if >> BPDU filtering is segmenting the spanning tree topology. >> >> >> >> On Fri, Apr 5, 2013 at 11:50 AM, <[email protected]> wrote: >> >>> Do you mean if it is not configured under the right interfaces ? In this >>> case it can cause root bridge election problems and ports going for >>> learning to blocking several times >>> >>> >>> -----Original Message----- >>> From: Marko Milivojevic <[email protected]> >>> Sender: [email protected] >>> Date: Thu, 4 Apr 2013 13:33:18 >>> To: Tony Singh<[email protected]> >>> Cc: OSL Routing and Switching<[email protected]> >>> Subject: Re: [OSL | CCIE_RS] Portfast LOOP >>> >>> BPDUs are not *added* to the frames. They are separate control frames >>> sent >>> by the switches. BPDU Filter does not create temporary loops, if used >>> improperly it creates permanent loops that can bring down the whole >>> network. >>> >>> -- >>> Marko Milivojevic - CCIE #18427 (SP R&S) >>> Senior CCIE Instructor / Managing Partner - IPexpert >>> >>> >>> On Thu, Apr 4, 2013 at 12:51 PM, Tony Singh <[email protected]> >>> wrote: >>> >>> > >>> > Hi Marko >>> > >>> > Can you expand if possible on why bpdu filter would cause temp loops? >>> Are >>> > you saying that the bpdu is stripped from an Ethernet frame when this >>> > happens? >>> > >>> > This may be a stupid question but when we filter bpdu's then I presume >>> > this doesn't include the whole 802.3 frame, as I understand it a bpdu >>> is >>> > added to the payload of the 802.3 Ethernet frame and is 35 bytes in >>> size or >>> > am I going completely off the scales here and have I got knowledge >>> gaps... >>> > >>> > Or are we talking STP BPDU's for control only... >>> > >>> > To picture my understanding: >>> > >>> > >>> > >>> http://www.google.co.uk/search?q=bpdu+where+in+ethernet+frame&oe=UTF-8&hl=en&client=safari&um=1&ie=UTF-8&tbm=isch&source=og&sa=N&tab=wi&ei=RNRdUaedD4iL4AT6roCwAw&biw=768&bih=928&sei=SNRdUeKnIei00QW54YHoAQ#biv=i%7C4%3Bd%7CgoRoh1hn961EyM%3A >>> > >>> > -- >>> > BR >>> > >>> > Tony >>> > >>> > Sent from my iPad >>> > >>> > On 4 Apr 2013, at 19:49, Marko Milivojevic <[email protected]> >>> wrote: >>> > >>> > > That's a very valid question and one that I get asked often :-) >>> > > >>> > > Generally speaking, you are right - as soon as PortFast receives a >>> BPDU >>> > it >>> > > will be disabled and the port transitioned into the appropriate state >>> > > (remain forwarding or end up being blocked/discarding). >>> > > >>> > > However… >>> > > >>> > > There is that brief period of time before a BPDU has been received >>> during >>> > > which, depending on the amount of the traffic in your network, bad >>> things >>> > > could happen due to the loop that was briefly formed. >>> > > >>> > > I personally think that warning message is misplaced. It should >>> appear >>> > when >>> > > you configure BPDU Filter on the interface and not PortFast, but >>> that's >>> > > just me :-) >>> > > >>> > > -- >>> > > Marko Milivojevic - CCIE #18427 (SP R&S) >>> > > Senior CCIE Instructor / Managing Partner - IPexpert >>> > > >>> > > >>> > > On Thu, Apr 4, 2013 at 2:39 AM, Quentin Huberty < >>> > [email protected]>wrote: >>> > > >>> > >> Hi all,**** >>> > >> >>> > >> ** ** >>> > >> >>> > >> Is anybody know why the message below appears when portfast is >>> > activated ? >>> > >> **** >>> > >> >>> > >> ** ** >>> > >> >>> > >> %Warning: this command enables portfast by default on all >>> interfaces. >>> > You* >>> > >> *** >>> > >> >>> > >> should now disable portfast explicitly on switched ports leading to >>> > hubs, >>> > >> **** >>> > >> >>> > >> switches and bridges as they may create temporary bridging >>> loops.**** >>> > >> >>> > >> ** ** >>> > >> >>> > >> I mean, I tested and each time I received BPDU on interface where >>> > portfast >>> > >> is enabled (per interface or globally) the portfast is automatically >>> > >> disabled and STP run...**** >>> > >> >>> > >> ** ** >>> > >> >>> > >> How a loop can be created ? >>> > >> >>> > > _______________________________________________ >>> > > For more information regarding industry leading CCIE Lab training, >>> > please visit www.ipexpert.com >>> > > >>> > > Are you a CCNP or CCIE and looking for a job? Check out >>> > www.PlatinumPlacement.com >>> > > >>> > > http://onlinestudylist.com/mailman/listinfo/ccie_rs >>> > >>> _______________________________________________ >>> For more information regarding industry leading CCIE Lab training, >>> please visit www.ipexpert.com >>> >>> Are you a CCNP or CCIE and looking for a job? Check out >>> www.PlatinumPlacement.com >>> >>> http://onlinestudylist.com/mailman/listinfo/ccie_rs >>> _______________________________________________ >>> For more information regarding industry leading CCIE Lab training, >>> please visit www.ipexpert.com >>> >>> Are you a CCNP or CCIE and looking for a job? Check out >>> www.PlatinumPlacement.com >>> >>> http://onlinestudylist.com/mailman/listinfo/ccie_rs >>> >> >> > _______________________________________________ For more information regarding industry leading CCIE Lab training, please visit www.ipexpert.com Are you a CCNP or CCIE and looking for a job? Check out www.PlatinumPlacement.com http://onlinestudylist.com/mailman/listinfo/ccie_rs
