Best practice for spanning tree, vtp etc. in a small network

kreminator
Level 1

Got a small network with an ASA and a C2960-L switch connected to it. The switch is divided into VLANs trunked to the ASA, which provides internet connectivity and DHCP. There are no other switches or firewalls that the VLANs span across. However, since there is no central wireless network, people do connect small wifi routers, AirPorts and in one case a Cisco SG100 switch in their offices.

I am interested in what may be best practices for port configuration in this network. Maybe some features on the switch are not needed or worth looking into that are more for an enterprise grade network, and should be disabled. I have enabled portfast globally for faster converging when user equipment is connected:

!
spanning-tree mode rapid-pvst
spanning-tree portfast edge default
spanning-tree extend system-id
!

This has worked well so far, but maybe I am sacrificing stability for a few seconds wait time. Heck, maybe this is even a wrong configuration. What else should I enable for stability, BPDU guard maybe?

I will also disable vtp, since I see no point for it in this small network.


Hi,
If there are no more devices in the network, I think that's OK.
You can configure a specific root bridge for a switch, and enable root guard. Just like:
Switch(config)#spanning-tree vlan x root primary
Switch(config)#interface <interface-id>
Switch(config-if)#spanning-tree guard root

Thanks
Rps-Cheers | If it solves your problem, please mark as answer. Thanks!

Deepak Kumar
VIP Alumni

Hi,

As you mentioned that there are no other devices, everything looks good and nothing extra is needed except setting a lower priority for the STP root bridge, as:

Switch(config)#spanning-tree vlan x priority 4096

Regards,
Deepak Kumar,
Don't forget to vote and accept the solution if this comment will help you!
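
Added example, not written by any poster in this thread: a Python check over a saved running-config that flags the items raised above, namely PortFast edge ports without BPDU guard (the ports where office routers and switches get plugged in), VTP left in its default mode, and no explicit root bridge priority. The sample config, the interface names and the `audit` function are constructed for illustration, and the check assumes a non-default VTP mode appears as a `vtp mode ...` line in the config.

```python
import re

# Constructed sample config; the three global lines are the ones quoted in the question.
SAMPLE_CONFIG = """\
spanning-tree mode rapid-pvst
spanning-tree portfast edge default
spanning-tree extend system-id
!
interface GigabitEthernet0/1
 switchport mode trunk
!
interface GigabitEthernet0/2
 switchport mode access
!
interface GigabitEthernet0/3
 switchport mode access
 spanning-tree bpduguard enable
"""

def audit(config):
    """Return findings for an IOS-style running-config given as one string."""
    findings = []
    top = [l.strip() for l in config.splitlines() if l and not l.startswith(" ")]
    def has(pattern):
        return any(re.fullmatch(pattern, l) for l in top)
    portfast_default = has(r"spanning-tree portfast (edge )?default")
    guard_default = has(r"spanning-tree portfast (edge )?bpduguard default")
    # Assumption: a non-default VTP mode shows up as a "vtp mode ..." line.
    if not has(r"vtp mode (transparent|off)"):
        findings.append("global: VTP is not transparent/off")
    if not has(r"spanning-tree vlan \S+ (priority \d+|root primary)"):
        findings.append("global: no explicit root bridge priority")
    for m in re.finditer(r"^interface (\S+)\n((?: .*\n?)*)", config, re.M):
        name, body = m.group(1), [b.strip() for b in m.group(2).splitlines()]
        if "switchport mode trunk" in body:
            continue  # global PortFast default only applies to non-trunk ports
        edge = portfast_default or any(
            b.startswith("spanning-tree portfast") and "disable" not in b for b in body)
        guarded = "spanning-tree bpduguard enable" in body or (
            guard_default and "spanning-tree bpduguard disable" not in body)
        if edge and not guarded:
            findings.append(f"{name}: PortFast edge port without BPDU guard")
    return findings

if __name__ == "__main__":
    for finding in audit(SAMPLE_CONFIG):
        print(finding)
```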