spanning-tree portfast default

if SW1 has spanning-tree portfast default command enabled,

if SW1 has fa0/1 port set as an access port, and then, fa0/1 receives a BPDU,

the question is, will fa0/1 loose its portfast status 

Comments



  • <!--
    /* Font Definitions */
    @font-face
    {font-family:Times;
    panose-1:2 0 5 0 0 0 0 0 0 0;
    mso-font-charset:0;
    mso-generic-font-family:auto;
    mso-font-pitch:variable;
    mso-font-signature:3 0 0 0 1 0;}
    @font-face
    {font-family:"MS ??";
    mso-font-charset:78;
    mso-generic-font-family:auto;
    mso-font-pitch:variable;
    mso-font-signature:-536870145 1791491579 18 0 131231 0;}
    @font-face
    {font-family:"Cambria Math";
    panose-1:2 4 5 3 5 4 6 3 2 4;
    mso-font-charset:0;
    mso-generic-font-family:auto;
    mso-font-pitch:variable;
    mso-font-signature:-536870145 1107305727 0 0 415 0;}
    @font-face
    {font-family:Cambria;
    panose-1:2 4 5 3 5 4 6 3 2 4;
    mso-font-charset:0;
    mso-generic-font-family:auto;
    mso-font-pitch:variable;
    mso-font-signature:-536870145 1073743103 0 0 415 0;}
    /* Style Definitions */
    p.MsoNormal, li.MsoNormal, div.MsoNormal
    {mso-style-unhide:no;
    mso-style-qformat:yes;
    mso-style-parent:"";
    margin:0in;
    margin-bottom:.0001pt;
    mso-pagination:widow-orphan;
    font-size:12.0pt;
    font-family:Cambria;
    mso-ascii-font-family:Cambria;
    mso-ascii-theme-font:minor-latin;
    mso-fareast-font-family:"MS ??";
    mso-fareast-theme-font:minor-fareast;
    mso-hansi-font-family:Cambria;
    mso-hansi-theme-font:minor-latin;
    mso-bidi-font-family:"Times New Roman";
    mso-bidi-theme-font:minor-bidi;}
    .MsoChpDefault
    {mso-style-type:export-only;
    mso-default-props:yes;
    font-family:Cambria;
    mso-ascii-font-family:Cambria;
    mso-ascii-theme-font:minor-latin;
    mso-fareast-font-family:"MS ??";
    mso-fareast-theme-font:minor-fareast;
    mso-hansi-font-family:Cambria;
    mso-hansi-theme-font:minor-latin;
    mso-bidi-font-family:"Times New Roman";
    mso-bidi-theme-font:minor-bidi;}
    @page WordSection1
    {size:8.5in 11.0in;
    margin:1.0in 1.25in 1.0in 1.25in;
    mso-header-margin:.5in;
    mso-footer-margin:.5in;
    mso-paper-source:0;}
    div.WordSection1
    {page:WordSection1;}
    -->

    This is a great explanation from the INE version 5 advanced
    Technology Labs workbook:

     

    Regardless of how portfast is enabled, if BPDUs are received on
    the port, the port will lose its portfast and edge status, and STP port state
    will be negotiated, thus the port may actually transition to blocking.

  • Not what happen to the format from my last post.  Here it is again

    This is a great explanation from the INE version 5 advanced Technology Labs workbook:
    Regardless of how portfast is enabled, if BPDUs are received on the port, the port will lose its portfast and edge status, and STP port state will be negotiated, thus the port may actually transition to blocking.

  • Not sure what happen with the formatting on my last post.  Here it is again:

    This is a great explanation from the INE version 5 advanced Technology Labs workbook:


    Regardless of how portfast is enabled, if BPDUs are received on the port, the port will lose its portfast and edge status, and STP port state will be negotiated, thus the port may actually transition to blocking.

  • JoeMJoeM ✭✭✭

    It will not lose the portfast status, but its reaction will be different, depending on the configuration of both sides.   This is the reason for warnings.

    Here are some commands to test this.

    debug spanning-tree bpdu   <-- to see the reaction of the port

    show spanning-tree vlan 10 interface f1/0  <-- to see the port status

    show spanning-tree vlan 10 summary

    show spanning-tree vlan 10 inconsistent

     

    TEST 1: ..with both sides as access-ports (vlan 10)

    note: R1 using portfast directly on the interface. I believe this should be the same for the global default command.

    R1#sh spanning-tree vlan 10 inter f1/0
     Port 41 (FastEthernet1/0) of VLAN10 is forwarding
       Port path cost 19, Port priority 128, Port Identifier 128.41.
       Designated root has priority 32768, address c200.1cc4.0000
       Designated bridge has priority 32768, address c200.1cc4.0000
       Designated port id is 128.41, designated path cost 0
       Timers: message age 0, forward delay 0, hold 0
       Number of transitions to forwarding state: 1
       BPDU: sent 14, received 2
       The port is in the portfast mode

    R1#sh spanning-tree vlan 10 sum
    Root bridge for VLAN10 is this bridge.
    PortFast BPDU Guard is disabled
    UplinkFast is disabled
    BackboneFast is disabled

    Name                 Blocking Listening Learning Forwarding STP Active
    -------------------- -------- --------- -------- ---------- ----------
    VLAN10               0        0         0                 1

     

    TEST 2: access port on R1. trunk (native vlan 10) on R2

    R1#sh spanning-tree vlan 10 inter f1/0
     Port 41 (FastEthernet1/0) of VLAN10 is broken (Port Type Mismatch)
       Port path cost 19, Port priority 128, Port Identifier 128.41.
       Designated root has priority 32768, address c200.1cc4.0000
       Designated bridge has priority 32768, address c200.1cc4.0000
       Designated port id is 128.41, designated path cost 0
       Timers: message age 1, forward delay 14, hold 0
       Number of transitions to forwarding state: 1
       BPDU: sent 4, received 3
       The port is in the portfast mode

    R1#sh spanning-tree vlan 10 sum
    Root bridge for VLAN10 is this bridge.
    PortFast BPDU Guard is disabled
    UplinkFast is disabled
    BackboneFast is disabled

    Name                 Blocking Listening Learning Forwarding STP Active
    -------------------- -------- --------- -------- ---------- ----------
    VLAN10                      0         0        0          1

    R1#sh spanning-tree vlan 10 inconsistentports

    Name                 Interface            Inconsistency
    -------------------- -------------------- ------------------
    VLAN10               FastEthernet1/0      Port Type Mismatch

    Number of inconsistent ports (segments) in VLAN10 : 1

  • JoeMJoeM ✭✭✭

    For me, we first need to think about the purpose of portfast.    

    Portfast allows the port to go directly to forwarding -- bypassing listen/learning.

    This is different than what happens when the port receives a BPDU (thus the switch warning).    Also try portfast with bpdufilter or bpduguard.  ;-)

  • Thanks JC12,

    I have ine v5 and I am testing that task on spanning-tree portfast default,

    but I can't see the reults of the port loosing its portfast status, using this test:

     

    R5  f0/0 -------connected to ------f2/5 SW1  

    f2/1 is in vlan 58

    =========

    SW1(config)#spann portfast default

    SW1(config)#int f2/5

        swi mo acc

        swi acc vl 58

        no sh

        end

    SW1# debug spann events

    SW1(config)#service timest log

                     logg console 7

    on R5 we have

    R5(config)#bridge 1 protocol ieee

              int f0/0

              bridge-group 1

             no sh

     

    -=====================

    with this setup, anyone has obtained a simulation to test the loosing of portfast status of SW1 f2/5

     

     

     

     

     

  • Do you get the same result if you enter the following command on R5?

    int f0/0.58
    encapsulation dot1Q 58

  • Thanks for the outputs JoeM, and I agree with you.  The point I was trying to make was that the port still participates in spanning-tree. 

    What I meant by the “port losing portfast and edge status” was that the ports will no longer be in a forwarding state if a BDPU is received. For example, the output you posted where the port transition to blocking. 

    Thanks again for your lab demonstration and the outputs.  It explained it better than I could. :)

  • I have ine v5 and I am testing that task on spanning-tree portfast default

    I have got this work when I did this task in a previous workbook - from the information in your posts you have provided your configuration but the results of this config - i.e. no verification.

    For example provide the output from the debug you have applied - and what the output of show spanning-tree interface f2/5

  • JoeMJoeM ✭✭✭

    EDIT:   deleting 2nd test.   

    After I did a 3rd test on REAL SWITCHES, I got the result we originally expected. Receiving BPDU's does remove the edge type.

     

    Feel free to test this and post your own verifications.

    Good night (my time). ;-)

     

     

  • Hi JC13

    here are the results

    I am using GNS3 

    =================================

     

    ====== R5 e0/1 has a subinterface e0/1.58 connected to SW1 e3/2

    =======SW1 e3/2 is an access port in VLAN 58

    ======= SW1 has e3/2 portfast configured at the interface level

    ======== as a result SW1 e3/2 goes into inconsistent state = Bloking, 

    ========= portfast is still showing on SW1 e3/2, but e3/2 is blocking        

    R5#conf t

    Enter configuration commands, one per line.  End with CNTL/Z.

    R5(config)#int e0/1

    R5(config-if)#no ip add

    R5(config-if)#exi

    R5(config)#int e0/1.58

    R5(config-subif)#enc dot 58

    R5(config-subif)#ip add 155.1.58.5 255.255.255.0

    R5(config-subif)#end

    R5# 

    *Feb  1 10:23:20.968: %SYS-5-CONFIG_I: Configured from console by console

     

    R5#sh ip int brie | exc una

    Interface                  IP-Address      OK? Method Status                Protocol

    Ethernet0/1.58             155.1.58.5      YES manual administratively down down

     

    R5#sh run int e0/1

    Building configuration...

    Current configuration : 54 bytes

    !

    interface Ethernet0/1

     no ip address

     shutdown

    end

     

    R5#sh run int e0/1.58

    Building configuration...

    Current configuration : 93 bytes

    !

    interface Ethernet0/1.58

     encapsulation dot1Q 58

     ip address 155.1.58.5 255.255.255.0

    end

    ===================================

    R5#conf t

    Enter configuration commands, one per line.  End with CNTL/Z.

    R5(config)#bri

    R5(config)#bridge 1 pro

    R5(config)#bridge 1 protocol ieee

    R5(config)#int e0/1.58

    R5(config-subif)#br

    R5(config-subif)#bridge-group 1

    R5(config-subif)#no sh

    R5(config-subif)#exi

    R5(config)#int e0/1

    R5(config-if)#no sh

    R5(config-if)#end

    ! ==== SW1 e3/2 is still in shutdown mode 

    R5#sh sp

     

     Bridge group 1 is executing the ieee compatible Spanning Tree protocol

      Bridge Identifier has priority 32768, address aabb.cc00.0510

      Configured hello time 2, max age 20, forward delay 15

      We are the root of the spanning tree

      Topology change flag not set, detected flag not set

      Number of topology changes 0 last change occurred 00:00:46 ago

      Times:  hold 1, topology change 35, notification 2

              hello 2, max age 20, forward delay 15

      Timers: hello 1, topology change 0, notification 0, aging 300

     

     Port 22 (Ethernet0/1.58) of Bridge group 1 is listening

       Port path cost 100, Port priority 128, Port Identifier 128.22.

       Designated root has priority 32768, address aabb.cc00.0510

       Designated bridge has priority 32768, address aabb.cc00.0510

       Designated port id is 128.22, designated path cost 0

       Timers: message age 0, forward delay 12, hold 0

       Number of transitions to forwarding state: 0

       BPDU: sent 0, received 0

     

    !==================== now SW1 e3/2 is enabled, so R5 e0/1 interface is up/up

    *Feb  1 10:26:53.141: %LINK-3-UPDOWN: Interface Ethernet0/1, changed state to up

    *Feb  1 10:26:54.147: %LINEPROTO-5-UPDOWN: Line protocol on Interface Ethernet0/1, changed state to up

    R5#

    !================== R5 is sending BPDUs now

    R5#sh sp

     

     Bridge group 1 is executing the ieee compatible Spanning Tree protocol

      Bridge Identifier has priority 32768, address aabb.cc00.0510

      Configured hello time 2, max age 20, forward delay 15

      We are the root of the spanning tree

      Topology change flag not set, detected flag not set

      Number of topology changes 1 last change occurred 00:21:07 ago

              from Ethernet0/1.58

      Times:  hold 1, topology change 35, notification 2

              hello 2, max age 20, forward delay 15

      Timers: hello 0, topology change 0, notification 0, aging 300

     

     Port 22 (Ethernet0/1.58) of Bridge group 1 is forwarding

       Port path cost 100, Port priority 128, Port Identifier 128.22.

       Designated root has priority 32768, address aabb.cc00.0510

       Designated bridge has priority 32768, address aabb.cc00.0510

       Designated port id is 128.22, designated path cost 0

       Timers: message age 0, forward delay 0, hold 0

       Number of transitions to forwarding state: 1

       BPDU: sent 628, received 0

     

    !================== on SW1 side we have

    !=================================================================

     

    SW1# conf t        

    SW1(config)#vlan 58

    SW1(config-vlan)#exi

    SW1(config)#int e3/2

    SW1(config-if)#swi mo acc

    SW1(config-if)#swi access vlan 58

    SW1(config-if)#spanning-tree portfast

    %Warning: portfast should only be enabled on ports connected to a single

     host. Connecting hubs, concentrators, switches, bridges, etc... to this

     interface  when portfast is enabled, can cause temporary bridging loops.

     Use with CAUTION

     

    %Portfast has been configured on Ethernet3/2 but will only

     have effect when the interface is in a non-trunking mode.

    SW1(config-if)#end

    SW1#

    !==========================================================

    !================== SW1 e3/2 is still shutdown

    SW1#sh sp

     

    No spanning tree instance exists.

    !============================

    SW1#conf t

    Enter configuration commands, one per line.  End with CNTL/Z.

    SW1(config)#service timestamps log

    SW1(config)#service timestamps debug datetime ms

    SW1(config)#logg console 7

    SW1(config)#end

    SW1#wr

    Building configuration...

    Compressed configuration from 1783 bytes to 1011 bytes[OK]

    !=======================================================

    SW1#debug spanning-tree events

    Spanning Tree event debugging is on

    !============================================================

    SW1#conf t

    Enter configuration commands, one per line.  End with CNTL/Z.

    SW1(config)#int e3/2

    SW1(config-if)#do sh sp

     

    No spanning tree instance exists.

     

    SW1(config-if)#do sh sp int e3/2 portf

    no spanning tree info available for Ethernet3/2

    !====================== enable now e3/2  to test portfast ====================

    SW1(config-if)#no sh

    SW1(config-if)#

    *Feb  1 10:27:52.312: setting bridge id (which=3) prio 32826 prio cfg 32768 sysid 58 (on) id 803A.aabb.cc00.0100

    SW1(config-if)#

    *Feb  1 10:27:52.312: set portid: VLAN0058 Et3/2: new port id 800F

    *Feb  1 10:27:52.312: STP: VLAN0058 Et3/2 ->jump to forwarding from blocking

    00:18:50: %SPANTREE-7-RECV_1Q_NON_TRUNK: Received 802.1Q BPDU on non trunk Ethernet3/2 VLAN58.

    00:18:50: %SPANTREE-7-BLOCK_PORT_TYPE: Blocking Ethernet3/2 on VLAN0058. Inconsistent port type.

    SW1(config-if)#

    *Feb  1 10:27:53.057: STP: VLAN0058 Et3/2 -> blocking

    SW1(config-if)#

    00:18:51: %LINK-3-UPDOWN: Interface Ethernet3/2, changed state to up

    SW1(config-if)#

    00:18:52: %LINEPROTO-5-UPDOWN: Line protocol on Interface Ethernet3/2, changed state to up

    1=====================================================================

    SW1(config-if)#end

    !=================================== portfast is still on !!!!!!!!!!!!!!!!!!!!!!

    SW1#sh sp int e3/2 portf

    VLAN0058            enabled

    SW1#sh sp

    SW1#sh spanning-tree inc

    SW1#sh spanning-tree inconsistentports

     

    Name                 Interface                Inconsistency

    -------------------- ------------------------ ------------------

    VLAN0058             Ethernet3/2              Port Type Inconsistent

     

    Number of inconsistent ports (segments) in the system : 1

    !======================================================================

    SW1#sh spanning-tree

     

    VLAN0058

      Spanning tree enabled protocol ieee

      Root ID    Priority    32826

                 Address     aabb.cc00.0100

                 This bridge is the root

                 Hello Time   2 sec  Max Age 20 sec  Forward Delay 15 sec

     

      Bridge ID  Priority    32826  (priority 32768 sys-id-ext 58)

                 Address     aabb.cc00.0100

                 Hello Time   2 sec  Max Age 20 sec  Forward Delay 15 sec

                 Aging Time  300 sec

     

    Interface           Role Sts Cost      Prio.Nbr Type

    ------------------- ---- --- --------- -------- --------------------------------

    Et3/2               Desg BKN*100       128.15   Shr Edge *TYPE_Inc

     

     

  • JC13 and the rest of teh readers,

    Sorry, I have forgotten to make SW1 e3/2 a trunk port, since R5 e0/1 is 802.1Q encapsulated

    so as a result,  portfast is not lost, and the ports stay  in good working order,

    so portfast at the interface level did not get lost, in my GNS3, in real hardware, maybe it will be lost

    maybe, someone can test this on real hardware ==================

     

     

    here is my corrected scenario !!!!!!!!!!!!!!!!!!!!!!!!!!!!!

    SW1#sh run int e3/2

    Building configuration...

     

    Current configuration : 133 bytes

    !

    interface Ethernet3/2

     switchport trunk encapsulation dot1q

     switchport mode trunk

     duplex auto

     spanning-tree portfast trunk

    end

     

    SW1#sh int tr

    SW1#sh int trunk

     

    Port        Mode             Encapsulation  Status        Native vlan

    Et3/2       on               802.1q         trunking      1

     

    Port        Vlans allowed on trunk

    Et3/2       1-4094

     

    Port        Vlans allowed and active in management domain

    Et3/2       1,58

     

    Port        Vlans in spanning tree forwarding state and not pruned

    Et3/2       1,58

    SW1#sh sp

    SW1#sh spanning-tree vl

    SW1#sh spanning-tree vlan 58

     

    VLAN0058

      Spanning tree enabled protocol ieee

      Root ID    Priority    32768

                 Address     aabb.cc00.0510

                 Cost        100

                 Port        15 (Ethernet3/2)

                 Hello Time   2 sec  Max Age 20 sec  Forward Delay 15 sec

     

      Bridge ID  Priority    32826  (priority 32768 sys-id-ext 58)

                 Address     aabb.cc00.0100

                 Hello Time   2 sec  Max Age 20 sec  Forward Delay 15 sec

                 Aging Time  300 sec

     

    Interface           Role Sts Cost      Prio.Nbr Type

    ------------------- ---- --- --------- -------- --------------------------------

    Et3/2               Root FWD 100       128.15   Shr

     

     

    SW1#sh sp

    SW1#sh spanning-tree vl

    SW1#sh spanning-tree vlan 1

     

    VLAN0001

      Spanning tree enabled protocol ieee

      Root ID    Priority    32769

                 Address     aabb.cc00.0100

                 This bridge is the root

                 Hello Time   2 sec  Max Age 20 sec  Forward Delay 15 sec

     

      Bridge ID  Priority    32769  (priority 32768 sys-id-ext 1)

                 Address     aabb.cc00.0100

                 Hello Time   2 sec  Max Age 20 sec  Forward Delay 15 sec

                 Aging Time  300 sec

     

    Interface           Role Sts Cost      Prio.Nbr Type

    ------------------- ---- --- --------- -------- --------------------------------

    Et3/2               Desg FWD 100       128.15   Shr Edge

     

     

    SW1#conf t

    Enter configuration commands, one per line.  End with CNTL/Z.

    SW1(config)#int e3/2

    SW1(config-if)#sh

    SW1(config-if)#

    SW1(config-if)#

    *Feb  1 11:35:43.058: STP: VLAN0058 we are the spanning tree root

    SW1(config-if)#

    01:26:42: %LINK-5-CHANGED: Interface Ethernet3/2, changed state to administratively down

    01:26:43: %LINEPROTO-5-UPDOWN: Line protocol on Interface Ethernet3/2, changed state to down

    SW1(config-if)#

    SW1(config-if)#

    SW1(config-if)#!================ enable e3/2 back to see debugs

    SW1(config-if)#

    SW1(config-if)#no sh

    SW1(config-if)#

    SW1(config-if)#

    SW1(config-if)#

    01:27:12: %LINK-3-UPDOWN: Interface Ethernet3/2, changed state to up

    *Feb  1 11:36:16.092: setting bridge id (which=3) prio 32769 prio cfg 32768 sysid 1 (on) id 8001.aabb.cc00.0100

    *Feb  1 11:36:16.092: set portid: VLAN0001 Et3/2: new port id 800F

    *Feb  1 11:36:16.092: STP: VLAN0001 Et3/2 ->jump to forwarding from blocking

    *Feb  1 11:36:16.092: setting bridge id (which=3) prio 32826 prio cfg 32768 sysid 58 (on) id 803A.aabb.cc00.0100

    *Feb  1 11:36:16.092: set portid: VLAN0058 Et3/2: new port id 800F

    *Feb  1 11:36:16.092: STP: VLAN0058 Et3/2 ->jump to forwarding from blocking

    01:27:13: %LINEPROTO-5-UPDOWN: Line protocol on Interface Ethernet3/2, changed state to up

    SW1(config-if)#

    *Feb  1 11:36:16.852: STP: VLAN0058 heard root 32768-aabb.cc00.0510 on Et3/2

    *Feb  1 11:36:16.852:     supersedes 32826-aabb.cc00.0100

    *Feb  1 11:36:16.852: STP: VLAN0058 new root is 32768, aabb.cc00.0510 on port Et3/2, cost 100

    SW1(config-if)#end

    SW1#

    SW1#

    01:27:35: %SYS-5-CONFIG_I: Configured from console by console

    SW1#sh sp

    SW1#sh spanning-tree vl

    SW1#sh spanning-tree vlan 58

     

    VLAN0058

      Spanning tree enabled protocol ieee

      Root ID    Priority    32768

                 Address     aabb.cc00.0510

                 Cost        100

                 Port        15 (Ethernet3/2)

                 Hello Time   2 sec  Max Age 20 sec  Forward Delay 15 sec

     

      Bridge ID  Priority    32826  (priority 32768 sys-id-ext 58)

                 Address     aabb.cc00.0100

                 Hello Time   2 sec  Max Age 20 sec  Forward Delay 15 sec

                 Aging Time  300 sec

     

    Interface           Role Sts Cost      Prio.Nbr Type

    ------------------- ---- --- --------- -------- --------------------------------

    Et3/2               Root FWD 100       128.15   Shr

     

     

    SW1#

Sign In or Register to comment.