Hi All,
Currently, We checked that we did not use portfast and bpduguard on access ports, configured the trunk ports (etherchannel and internetwork(metroE) with Rapid PVST spanning tree setting between Main site and backup site. We found the Loop and too many Arp issue which come up.
After that we set up the portfast and bpduguard on access ports and Trunk port remains the same on swtiches.
We have 4 x C9200 48P switches which installed on Main site and backup site.
All of the C9200 switches used Layer 2 protocol only have Management IP and without Stacking together.
We configurated Etherchannel (active passive) on P47 - P48 on each switches.
We only have Management Port which have IP on switch. Other Vlan 157-160, 170 did not have IP assign on its.
2 X Primary and secondary Metro E (internetwork) Trunk link on P45 / Te1/1/1 to connect to Backup site Switches.
There are our currently setting on all C9200 switches.
Main site.
Switch 1
Spanning Tree mode Rapid PVST
Spanning Tree system-id
Spanning Tree Vlan 157 - 160, 170 Priority Primary.
vlan 157
vlan 158
vlan 159
vlan 160
vlan 170
Port
Int vlan 157
no ip address
Int vlan 158
no ip address
int vlan 159
no ip address
int vlan 160
no ip address
int vlan 170
no ip address
P 1 - 44 (access ports) have bpduguard enable and portfast
P45 (Trunk) Trunk allowed 157,158 to connect to backup site for internetworking (Temp)
P47 - 48 (Trunk) Etherchannel Trunk allowed 157,158 (active)
Te1/1/1 (Trunk) fiber Trunk allowed 157,158 (inter network to other backup site)
Switch2
Spanning Tree mode Rapid PVST
Spanning Tree system-id
Int vlan 157
no ip address
Int vlan 158
no ip address
int vlan 159
no ip address
int vlan 160
no ip address
int vlan 170
no ip address
P 1 - 44 (access ports) have bpduguard enable and portfast
P45 (Trunk) Trunk allowed 157,158 to connect to backup site for internetworking (Temp)
P47 - 48 (Trunk) Etherchannel Trunk allowed 157,158 (passive )
Te1/1/1 (Trunk) fiber Trunk allowed 157,158 (inter network to other backup site)
Backup Site
Switch 1
Spanning Tree mode Rapid PVST
Spanning Tree system-id
Int vlan 157
no ip address
Int vlan 158
no ip address
int vlan 159
no ip address
int vlan 160
no ip address
int vlan 170
no ip address
P 1 - 44 (access ports) have bpduguard enable and portfast
P45 (Trunk) Trunk allowed 157,158 to connect to backup site for internetworking (Temp)
P47 - 48 (Trunk) Etherchannel Trunk allowed 157,158 (active)
Te1/1/1 (Trunk) fiber Trunk allowed 157,158 (inter network to other backup site)
Switch2
Spanning Tree mode Rapid PVST
Spanning Tree system-id
Int vlan 157
no ip address
Int vlan 158
no ip address
int vlan 159
no ip address
int vlan 160
no ip address
int vlan 170
no ip address
P 1 - 44 (access ports) have bpduguard enable and portfast
P45 (Trunk) Trunk allowed 157,158 to connect to backup site for internetworking to backup site (Temp)
P47 - 48 (Trunk) Etherchannel Trunk allowed 157,158 (passive )
Te1/1/1 (Trunk) fiber Trunk allowed 157,158 (inter network to other backup site)
We think about these 3 options
Loop Detection Guard
UniDirectional Link Detection
Flexlink+
As we would like to prevent the Trunk port and access port loop on switch if we cancel the Spanning-tree RPVST.
We assumed that, we used stacking to switch 1 (Main Site) and Switch 2 (Backup Site).
There is not spanning Tree RPVST on switches.
Do we able to use these Layer 2 protocol (combination) to prevent Loop issue as below?
- Flexlink+ on Trunk port (active standby) as etherchannel and Internetwork(Metro-E)
- Access port use Loop Detection Guard protocol
Please provide us any suggestion
Thanks,
Gary
Best Regards,
Gary
