https://community.cisco.com/t5/network-security/loopback-bringing-network-down/m-p/1318908#M824409 <HTML><HEAD></HEAD><BODY><P>There is one drawback to using the old spanning tree and that is that the switches do not open the port until aprox 30 seconds, that can affect the dhcp process depending on how fast the computers are.</P><P></P><P>"old" spanning-tree</P><P></P><P><A class="jive-link-custom" href="http://www.cisco.com/univercd/cc/td/doc/product/rtrmgmt/sw_ntman/cwsimain/cwsi2/cwsiug2/vlan2/stpapp.htm" target="_blank">http://www.cisco.com/univercd/cc/td/doc/product/rtrmgmt/sw_ntman/cwsimain/cwsi2/cwsiug2/vlan2/stpapp.htm</A></P><P></P><P>Rapid Spanning-tree</P><P><A class="jive-link-custom" href="http://www.cisco.com/en/US/tech/tk389/tk621/technologies_white_paper09186a0080094cfa.shtml" target="_blank">http://www.cisco.com/en/US/tech/tk389/tk621/technologies_white_paper09186a0080094cfa.shtml</A></P><P></P><P></P><P>HTH</P><P></P></BODY></HTML> Mon, 16 Nov 2009 10:34:23 GMT hobbe 2009-11-16T10:34:23Z https://community.cisco.com/t5/network-security/loopback-bringing-network-down/m-p/1318905#M824406 <P>Hi, tricky one. We've just taken over management of a site and my responsibility is for their Pix. This customer has 2 other sites that connect via MPLS (looked after by BT) who's traffic is filtered by the pix. However, one of these sites has an issue whereby if one of the users plugs a network cable into 2 ports it slowly brings down the network and stops access to our site. Given that this site is a school and the users are students, this happens quite often.</P><P></P><P>Would I be right in thinking that any solution would need to be implemented on either the switch or router at the remote site? As I dont know must about routing protocols for switches or routers is there any advice I can give them given that I dont have any access to that site and is there anything I can implement on the firewall to help.</P><P></P><P>Thanks, Rex.</P> Mon, 11 Mar 2019 16:40:04 GMT https://community.cisco.com/t5/network-security/loopback-bringing-network-down/m-p/1318905#M824406 Rex Biesty 2019-03-11T16:40:04Z https://community.cisco.com/t5/network-security/loopback-bringing-network-down/m-p/1318906#M824407 <HTML><HEAD></HEAD><BODY><P>My guess is that it is best solved with spanning tree in the switches.</P><P>If they have "new" cisco switches then try to enable rapid spanning tree (if all the switches support it) and set the ports to portfast (it works nice with rapid)</P><P>if the switches does not support rapid spanning tree, then use the "normal" spanning tree but do not set the ports to portfast (unless they are for a server)</P><P></P><P>Since it is a school there are probably some bright kids there so there are some nice features that there is a possibility to implement fx floodguard and bpdu guard features.</P><P></P><P>And no there is nothing you can do on your end. This is a local problem.</P><P></P><P>HTH</P><P></P></BODY></HTML> Mon, 16 Nov 2009 10:16:21 GMT https://community.cisco.com/t5/network-security/loopback-bringing-network-down/m-p/1318906#M824407 hobbe 2009-11-16T10:16:21Z https://community.cisco.com/t5/network-security/loopback-bringing-network-down/m-p/1318907#M824408 <HTML><HEAD></HEAD><BODY><P>Thanks, just the answer I was looking for. I'll pass this info on to those that look after the switches at the remote site to sort.</P></BODY></HTML> Mon, 16 Nov 2009 10:25:35 GMT https://community.cisco.com/t5/network-security/loopback-bringing-network-down/m-p/1318907#M824408 Rex Biesty 2009-11-16T10:25:35Z https://community.cisco.com/t5/network-security/loopback-bringing-network-down/m-p/1318908#M824409 <HTML><HEAD></HEAD><BODY><P>There is one drawback to using the old spanning tree and that is that the switches do not open the port until aprox 30 seconds, that can affect the dhcp process depending on how fast the computers are.</P><P></P><P>"old" spanning-tree</P><P></P><P><A class="jive-link-custom" href="http://www.cisco.com/univercd/cc/td/doc/product/rtrmgmt/sw_ntman/cwsimain/cwsi2/cwsiug2/vlan2/stpapp.htm" target="_blank">http://www.cisco.com/univercd/cc/td/doc/product/rtrmgmt/sw_ntman/cwsimain/cwsi2/cwsiug2/vlan2/stpapp.htm</A></P><P></P><P>Rapid Spanning-tree</P><P><A class="jive-link-custom" href="http://www.cisco.com/en/US/tech/tk389/tk621/technologies_white_paper09186a0080094cfa.shtml" target="_blank">http://www.cisco.com/en/US/tech/tk389/tk621/technologies_white_paper09186a0080094cfa.shtml</A></P><P></P><P></P><P>HTH</P><P></P></BODY></HTML> Mon, 16 Nov 2009 10:34:23 GMT https://community.cisco.com/t5/network-security/loopback-bringing-network-down/m-p/1318908#M824409 hobbe 2009-11-16T10:34:23Z https://community.cisco.com/t5/network-security/loopback-bringing-network-down/m-p/1318909#M824410 <HTML><HEAD></HEAD><BODY><P>Thanks again.</P></BODY></HTML> Mon, 16 Nov 2009 10:38:12 GMT https://community.cisco.com/t5/network-security/loopback-bringing-network-down/m-p/1318909#M824410 Rex Biesty 2009-11-16T10:38:12Z