04-20-2019 06:22 PM
Got a small network with an ASA and a C2960-L switch connected to it. The switch is divided into vlans trunked to the ASA, which provides internet connectivity and DHCP. There are no other switches or firewalls that the vlans span across. However, since there is no central wireless network, people do connect small wifi routers, airports and i one case a cisco SG100 switch in their offices.
I am interested in what may be best practices for port configuration in this network. Maybe some features on the switch are not needed or worth looking into that are more for an enterprise grade network, and should be disabled. I have enabled portfast globally for faster converging when user equipment is connected:
! spanning-tree mode rapid-pvst spanning-tree portfast edge default spanning-tree extend system-id !
This has worked well so far, but maybe I am sacrificing stability for a few seconds wait time. Heck, maybe this is even a wrong configuration. What else should I enable for stability, bpdu guard maybe?
I will also disable vtp, since I see no point for it in this small network.
04-20-2019 10:48 PM
04-21-2019 01:47 AM
Hi,
As you mentioned that there is no other devices then everything is looking good and no need anything extra expect the set lower priority for STP root bridge as
Switch(config)#spanning-tree vlan x priority 4096
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide