07-22-2011 08:25 AM - edited 03-04-2019 01:04 PM
We had an interesting scenario: the server guys are testing HP Blade technology. The HP blade chassis is connected to a pair of Nexus 5548s, which are connected to our 6509s. The ports that the HP blade chassis is connected to are 10G and configured for trunking. The two Nexus 5548s are connected together and each connected to one 6509, which are then connected together. When the server guys accidentally clicked on bridging instead of teaming they almost took the network down. The 6509s' CPUs were at 99%. They realized the issue and quickly shut the blade chassis down; however, we had a brief outage. Did any of you ever run into this kind of situation? There is an attached file to see how the connection is among all of the parts.
Thanks
07-22-2011 08:43 AM
Typical server admin.
You need to put some spanning-tree protection mechanism like bpduguard on the edge ports (connected to the HP blade servers) to protect your L2 domain. This way, if the server admin does that again and passes BPDUs between its two ports, the switch will err-disable both ports.
HTH,
jerry
07-22-2011 09:32 AM
When I tried to put the bpduguard command on the port I got the message that the command is not supported on the FEX interfaces. I was able to put spanning-tree guard loop on. The other option is spanning-tree guard root.
07-22-2011 10:24 AM
FEX? Are you talking about Nexus 2000 connected to Nexus 5596?
Nexus 2000 ports are all edge ports, which means they have BPDU guard enabled.
Root guard is used to protect spanning-tree root. It is not really necessary for the FEX.
Can you post a topology of the network?
Regards,
jerry
07-22-2011 11:05 AM
You are right, we have Nexus 5548s and 2232 Fiber Extenders. I was on vacation when it happened. I did a bit more digging and found out that when this happened they actually plugged the blade into the 5548 directly. Thank you for your help.
07-22-2011 11:27 AM
No problem. Configuring bpduguard and loopguard on the N5548 client-facing ports should be able to protect it.
Regards,
jerry
08-10-2011 12:12 PM
Hi - could you identify where your guys found this check box or what type of network setup the Blade Center has? I'm about to plug the blade center into the ARs as a workaround to Nexus issues but I'm concerned about this since if I plug anything bridging-wise into my ARs my entire layer 2 data center network will go down and take out the business....
08-10-2011 12:29 PM
What check box are you talking about? And AR is access router? Please explain more, I am confused by your topology.
The loop in the original post is not a Nexus problem, it is a classic spanning-tree issue. You have to use the spanning-tree protection mechanisms like loop guard, root guard, etc. to protect your L2 spanning-tree domain.
Regards,
jerry
08-10-2011 12:42 PM
Jerry -
I'm using my ARs to get around my access switches. The access switch is a Nexus 5548 with 2232 FEXs. But right now I'm running into the known VTP bug where the 2 new VLANs I added are not being heard by the Nexus. To get around the issue and keep the project moving forward I'm going to plug the blade center into the 10 gig mod I have in the 6509 and use the ports as switch ports. The original poster referred to a "check box" within the blade center for using bridging or teaming. My server guys can't find this and since we have little to no experience with them I'm concerned that they just aren't looking at the right spot. This is my current plan for the configuration:
interface port-channel2
  description Blade Center Bay 1 -ports 1 and 2
  switchport mode trunk
  switchport trunk allowed vlan 1,105,107
  spanning-tree port type edge trunk
  spanning-tree guard root
interface Ethernet109/1/17
  description Bay 1 port 1
  switchport mode trunk
  switchport trunk allowed vlan 1,105,107
  channel-group 2 mode active
  spanning-tree port type edge trunk
  spanning-tree guard root
interface Ethernet109/1/18
  description Bay 1 port 2
  switchport mode trunk
  switchport trunk allowed vlan 1,105,107
  channel-group 2 mode active
  spanning-tree port type edge trunk
  spanning-tree guard root
08-10-2011 12:58 PM
I see. I am not a server guy and I can't answer the first question.
From the Nexus's point of view, I think you are okay since the configuration will protect against BPDU. In terms of root, I don't think it is necessary.
Regards,
jerry
08-10-2011 01:01 PM
Normally we stick to just the edge port, the guard root is due to a certain level of paranoia - do you think the bolded part is unnecessary?
interface port-channel2
  description Blade Center Bay 1 -ports 1 and 2
  switchport mode trunk
  switchport trunk allowed vlan 1,105,107
  spanning-tree port type edge trunk
  spanning-tree guard root
interface Ethernet109/1/17
  description Bay 1 port 1
  switchport mode trunk
  switchport trunk allowed vlan 1,105,107
  channel-group 2 mode active
  spanning-tree port type edge trunk
  spanning-tree guard root
interface Ethernet109/1/18
  description Bay 1 port 2
  switchport mode trunk
  switchport trunk allowed vlan 1,105,107
  channel-group 2 mode active
  spanning-tree port type edge trunk
  spanning-tree guard root
08-10-2011 01:22 PM
I don't see any bolded text.
I don't think root guard is necessary. If the blade server is configured with bridge, the port should see BPDU and the port will be errdisabled with the default behavior, edge port will enable BPDU guard.
HTH,
jerry
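Added example (not part of the thread and not Cisco's code): a small Python audit over indented NX-OS-style running-config text, like the configuration posted above, that lists spanning-tree edge ports with BPDU guard explicitly disabled, or with neither `spanning-tree bpduguard enable` on the interface nor the global `spanning-tree port type edge bpduguard default`. The sample configuration and interface names Ethernet1/10 and Ethernet1/20 are constructed, and requiring BPDU guard to be visible in the configuration is an assumed audit policy.

```python
import re

# Constructed sample in the style of the configuration posted in the thread.
SAMPLE_CONFIG = """\
interface port-channel2
  switchport mode trunk
  spanning-tree port type edge trunk
  spanning-tree guard root
interface Ethernet1/10
  spanning-tree port type edge trunk
  spanning-tree bpduguard enable
interface Ethernet1/20
  spanning-tree port type network
"""

GLOBAL_DEFAULT = "spanning-tree port type edge bpduguard default"
EDGE_RE = re.compile(r"^spanning-tree port type edge( trunk)?$")

def parse_interfaces(config):
    """Split indented running-config text into global lines and stanzas."""
    global_lines, stanzas, current = [], {}, None
    for raw in config.splitlines():
        line = raw.strip()
        if not line or line.startswith("!"):
            continue
        if line.startswith("interface "):
            current = line.split(None, 1)[1]
            stanzas[current] = []
        elif raw[0].isspace() and current is not None:
            stanzas[current].append(line)
        else:
            current = None  # back at global configuration level
            global_lines.append(line)
    return global_lines, stanzas


def edge_ports_without_bpduguard(config):
    """Edge ports with BPDU guard disabled, or neither explicit nor global."""
    global_lines, stanzas = parse_interfaces(config)
    global_default = GLOBAL_DEFAULT in global_lines
    findings = []
    for name, lines in stanzas.items():
        if not any(EDGE_RE.match(entry) for entry in lines):
            continue
        if "spanning-tree bpduguard disable" in lines:
            findings.append(name)
        elif "spanning-tree bpduguard enable" not in lines and not global_default:
            findings.append(name)
    return findings
```

Calling `edge_ports_without_bpduguard(SAMPLE_CONFIG)` reports `port-channel2`, the stanza that carries root guard but no visible BPDU guard setting.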