Spanning Tree LOOP with PortFast

Hi all,

I have configure portfast on SW3 and SW4 and the loop doesn't occur. The Sw2 Fa0/5 still receive BPDU so it stay in blocking state while on cisco web site they say that it will do a loop.

SW2#show spanning-tree



Interface        Port ID                     Designated                Port ID

Name             Prio.Nbr      Cost Sts      Cost Bridge ID            Prio.Nbr

---------------- -------- --------- --- --------- -------------------- --------

Fa0/1            128.1           39 FWD         0  4196 000a.8a9b.6680 128.1  

Fa0/5            128.5           19 BLK        38 32769 000a.8aa7.7380 128.5

Can you please help me to understand why the loop doesn't occur ?

-------------

this the lab:

-------------

Sw1 is root with a priority of 4096

Sw2 is the secondary Root with a priority of 8192.

The Sw2 fa0/1 has a cost of 39 in order to block Sw2 fa0/5.

All other port has default fastethernet cost of 19

 

Sw1-(fa0/1)---------------(fa0/1)-Sw2

(fa0/3)                                  (fa0/5)

 |                                           Blocking

 |                                               |

 |                                               |

(fa0/3)                                  (fa0/5)                                          

Sw4-(fa0/1)---------------(fa0/1)-Sw3

 

these are the configurations:

Sw4:

SW4#show running-config
Building configuration...

Current configuration : 2560 bytes
!
version 12.1
no service pad
service timestamps debug uptime
service timestamps log uptime
no service password-encryption
!
hostname SW4
!
!
ip subnet-zero
!
spanning-tree portfast default
spanning-tree extend system-id
!
!
interface FastEthernet0/1
 no ip address
!
interface FastEthernet0/2
 no ip address
!        
interface FastEthernet0/3
 no ip address
!
interface FastEthernet0/4
 no ip address
!
interface FastEthernet0/5
 no ip address
!

Sw3:

SW3#show running-config
Building configuration...

Current configuration : 2560 bytes
!
version 12.1
no service pad
service timestamps debug uptime
service timestamps log uptime
no service password-encryption
!
hostname SW3
!
!
ip subnet-zero
!
spanning-tree portfast default
spanning-tree extend system-id
!
!
interface FastEthernet0/1
 no ip address
!
interface FastEthernet0/2
 no ip address
!        
interface FastEthernet0/3
 no ip address
!
interface FastEthernet0/4
 no ip address
!
interface FastEthernet0/5
 no ip address
!

Sw2:

SW2#show running-config
Building configuration...

Current configuration : 2761 bytes
!
version 12.1
no service pad
service timestamps debug uptime
service timestamps log uptime
no service password-encryption
!
hostname SW2
!
!
ip subnet-zero
!
!
spanning-tree extend system-id
spanning-tree vlan 100 priority 8192
!
!
interface FastEthernet0/1
 switchport trunk allowed vlan 1,100,1002-1005
 switchport mode trunk
 no ip address
 spanning-tree cost 39
!
interface FastEthernet0/2
 no ip address
!
interface FastEthernet0/3
 no ip address
!
interface FastEthernet0/4
 no ip address
!
interface FastEthernet0/5
 switchport access vlan 100
 switchport mode access
 no ip address
 duplex full
 speed 100
!

Sw1:

SW1#show running-config
Building configuration...

Current configuration : 2763 bytes
!
version 12.1
no service pad
service timestamps debug uptime
service timestamps log uptime
no service password-encryption
!
hostname SW1
!
!
ip subnet-zero
!
!
spanning-tree extend system-id
spanning-tree vlan 100 priority 4096
!
!
interface FastEthernet0/1
 switchport trunk allowed vlan 1,100,1002-1005
 switchport mode trunk
 no ip address
 spanning-tree cost 1000
!
interface FastEthernet0/2
 no ip address
!
interface FastEthernet0/3
 switchport access vlan 100
 switchport mode access
 no ip address
 duplex full
 speed 100
!

 

 

 

Comments

  • By default, portfast feature does not block BPDUs; when a BPDU is
    received, the port simply loses its portfast status. You need BPDUfilter
    at both sides to block STP completely.



    ----- Original Message -----
    From: "Nabs"
    Sent: Wed, June 17, 2009 17:16
    Subject:[CCIE R&S] Spanning Tree LOOP with PortFast


    Hi all,

    I have configure portfast on SW3 and SW4 and the loop doesn't occur. The
    Sw2 Fa0/5
    still receive BPDU so it stay in blocking state while on cisco web site
    they say
    that it will do a loop.

    SW2#show spanning-tree

    Interface Port ID Designated
    Port ID
    Name Prio.Nbr Cost Sts Cost Bridge ID
    Prio.Nbr
    ---------------- -------- --------- --- --------- --------------------
    --------
    Fa0/1 128.1 39 FWD 0 4196 000a.8a9b.6680 128.1
    Fa0/5 128.5 19 BLK 38 32769 000a.8aa7.7380 128.5

    Can you please help me to understand why the loop doesn't occur ?

    -------------

    this the lab:

    -------------

    Sw1 is root with a priority of 4096

    Sw2 is the secondary Root with a priority of 8192.

    The Sw2 fa0/1 has a cost of 39 in order to block Sw2 fa0/5.

    All other port has default fastethernet cost of 19



    Sw1-(fa0/1)---------------(fa0/1)-Sw2

    (fa0/3) (fa0/5)

    | Blocking

    | |

    | |

    (fa0/3) (fa0/5)


    Sw4-(fa0/1)---------------(fa0/1)-Sw3



    these are the configurations:

    Sw4:

    SW4#show running-config Building configuration...Current configuration : 2560
    bytes!version 12.1no service padservice timestamps debug uptimeservice
    timestamps
    log uptimeno service password-encryption!hostname SW4!!ip
    subnet-zero!spanning-tree
    portfast defaultspanning-tree extend system-id!!interface FastEthernet0/1
    no ip
    address!interface FastEthernet0/2 no ip address! interface
    FastEthernet0/3
    no ip address!interface FastEthernet0/4 no ip address!interface
    FastEthernet0/5 no
    ip address!

    Sw3:

    SW3#show running-config Building configuration...Current configuration : 2560
    bytes!version 12.1no service padservice timestamps debug uptimeservice
    timestamps
    log uptimeno service password-encryption!hostname SW3!!ip
    subnet-zero!spanning-tree
    portfast defaultspanning-tree extend system-id!!interface FastEthernet0/1
    no ip
    address!interface FastEthernet0/2 no ip address! interface
    FastEthernet0/3
    no ip address!interface FastEthernet0/4 no ip address!interface
    FastEthernet0/5 no
    ip address!

    Sw2:

    SW2#show running-config Building configuration...Current configuration : 2761
    bytes!version 12.1no service padservice timestamps debug uptimeservice
    timestamps
    log uptimeno service password-encryption!hostname SW2!!ip
    subnet-zero!!spanning-tree
    extend system-idspanning-tree vlan 100 priority 8192!!interface
    FastEthernet0/1
    switchport trunk allowed vlan 1,100,1002-1005 switchport mode trunk no ip
    address
    spanning-tree cost 39!interface FastEthernet0/2 no ip address!interface
    FastEthernet0/3 no ip address!interface FastEthernet0/4 no ip
    address!interface
    FastEthernet0/5 switchport access vlan 100 switchport mode access no ip
    address
    duplex full speed 100!

    Sw1:

    SW1#show running-config Building configuration...Current configuration : 2763
    bytes!version 12.1no service padservice timestamps debug uptimeservice
    timestamps
    log uptimeno service password-encryption!hostname SW1!!ip
    subnet-zero!!spanning-tree
    extend system-idspanning-tree vlan 100 priority 4096!!interface
    FastEthernet0/1
    switchport trunk allowed vlan 1,100,1002-1005 switchport mode trunk no ip
    address
    spanning-tree cost 1000!interface FastEthernet0/2 no ip address!interface
    FastEthernet0/3 switchport access vlan 100 switchport mode access no ip
    address
    duplex full speed 100!







    --
    View this message online at: http://ieoc.com/forums/p/6847/24195.aspx#24195
    --
    Internetwork Expert - The Industry Leader in CCIE Preparation
    http://www.internetworkexpert.com

    Subscription information may be found at:
    http://www.ieoc.com/forums/ForumSubscriptions.aspx

    ----- End of original message --
  • Hi,

    So Why we can see on cisco web site that it is possible to make a loop with portfast ?

     

    Tomorrow I will try to configure bpdufilter on Sw3 (fa0/1) in order to make a loop. I will tell you if it is ok.

    I will do this on Sw3:

    !        
    interface FastEthernet0/3
     spanning-tree bpdufilter enable
    !

    So in theory, it will blocks BPDU to Sw2 fa0/5.

     

     

     

  • hey, it's only cisco :) the idea is that portfast port continues sending
    BPDUs all the time, just keeps the port in the portfast state until it
    receives a BPDU.
    Thus if you connect two ports back2back they will move each other out of
    the portfast state immediately.


    ----- Original Message -----
    From: "Nabs"
    Sent: Thu, June 18, 2009 0:06
    Subject:Re: [CCIE R&S] Spanning Tree LOOP with PortFast


    Hi,

    So Why we can see on cisco web site that it is possible to make a loop
    with portfast ?



    Tomorrow I will try to configure bpdufilter on Sw3 (fa0/1) in order to
    make a loop.
    I will tell you if it is ok.

    I will do this on Sw3:

    ! interface FastEthernet0/3 spanning-tree bpdufilter enable!

    So in theory, it will blocks BPDU to Sw2 fa0/5.







    --
    View this message online at: http://ieoc.com/forums/p/6847/24217.aspx#24217
    --
    Internetwork Expert - The Industry Leader in CCIE Preparation
    http://www.internetworkexpert.com

    Subscription information may be found at:
    http://www.ieoc.com/forums/ForumSubscriptions.aspx

    ----- End of original message --
  • Hi Petr,

    I am agree with you about portfast when we connect 2 switch in back2back, but i really don't see how it is possible to make a loop as the cisco web site say:

    http://www.cisco.com/en/US/docs/switches/lan/catalyst6500/catos/6.x/configuration/guide/stp_enha.html#wp1020694

     

    PI: For BPDUfilter on Sw3 fa0/1 or Sw3 fa0/5, Sw3 doesn't send BPDU to Sw2 fa0/5 so it makes the Sw2 fa0/5 change his state to forwarding. So i Have made a loop (it is what I wanted to do).

     

    Nabs

     

     

Sign In or Register to comment.