06-30-2014 06:42 AM - edited 03-04-2019 11:15 PM
Good morning,
Does anyone have sample configuration for STP, for what they normally configure on their access, distro, and core switch? I would like to see how other organizations have STP set up for each one of their switches, depending on the function of the switch.
Thanks,
Chad
Solved! Go to Solution.
06-30-2014 07:41 AM
I found somewhere picture in attach and I think that it tells more than words
BR,
Dragan
06-30-2014 03:00 PM
STP is verry good to have a loop free netwok .
STP are mostly implemented in distribution going down to Access Switches.
Below are the Basic guidelines in STP Implementations:
1.Define first the root bridge switch in your network.
-Mostly the Primary distribution switches (if your using primary/secondary set up)
-The most powerfull switches you have (lot of Gig ports ports)
2.After you define the root bridge, configure the switch as your root bride (Distribution 1 in this case) .
3.Protect the root port in your root bridge by configuring spanning-tree guard root on port (trunk port) going to access switches.
-This way no other port to become root except those ports you have configured/allowed to be root.
4.In Access switches , configure uplink ports (trunk port going to distribution switches) with spanning-tree guard loop .
-this will prevent any loop to be broadcast outside the local switch.
-best way also to configure primary and secondary path for your vlans.
-spanning-tree guard loop is also good to configure in access ports that has no port security configured in it. this is useful in guarding the port from any loop that is cause by end users miss patching of cable in open ports in your production area. BPDU guard enable sometimes not work mostly when a VOIP Phone's both port is connected in a switch.
-Above is only a basic implementation assuming you have the idea how spanning tree works.
Regards,
Rex
06-30-2014 07:41 AM
06-30-2014 03:00 PM
STP is verry good to have a loop free netwok .
STP are mostly implemented in distribution going down to Access Switches.
Below are the Basic guidelines in STP Implementations:
1.Define first the root bridge switch in your network.
-Mostly the Primary distribution switches (if your using primary/secondary set up)
-The most powerfull switches you have (lot of Gig ports ports)
2.After you define the root bridge, configure the switch as your root bride (Distribution 1 in this case) .
3.Protect the root port in your root bridge by configuring spanning-tree guard root on port (trunk port) going to access switches.
-This way no other port to become root except those ports you have configured/allowed to be root.
4.In Access switches , configure uplink ports (trunk port going to distribution switches) with spanning-tree guard loop .
-this will prevent any loop to be broadcast outside the local switch.
-best way also to configure primary and secondary path for your vlans.
-spanning-tree guard loop is also good to configure in access ports that has no port security configured in it. this is useful in guarding the port from any loop that is cause by end users miss patching of cable in open ports in your production area. BPDU guard enable sometimes not work mostly when a VOIP Phone's both port is connected in a switch.
-Above is only a basic implementation assuming you have the idea how spanning tree works.
Regards,
Rex
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: