Solved: Re: In 2960 modelswitch the command - sh running-config | section span - Page 2

13jobsp90 · ‎10-28-2024

When I type the command "sh running-config | section spanning" . It shows the below output. Can anyone explain?

spanning-tree mode pvst

spanning-tree extend system-id

spanning-tree portfast

Joseph W. Doherty · ‎10-30-2024

"I have a doubt If I dont put spanning tree portfast command for each interface, Will there be any problem even though by default pvst is enabled on SW?any loop issue something like that?"

If you don't use portfast you have your best (about 100%) protection against allowing a L2 loop.

However, not using portfast, where it should be used, has two major effects. First, it may take multiple seconds (up to nearly a minute) for STP to allow the port to join the network. (The common impact of this, DHCP hosts often will not acquire their DHCP IP.)

Second, TCNs are needlessly generated for edge ports. These can be rather impactful to operational performance. So much so, the question often asked is, if we have no intentional L2 loops, do we need to run STP at all? (BTW, the normal answer is, it's recommended to run STP to preclude accidental L2 loops.)

Also BTW, if you have portfast enabled on a port that does create a L2 loop, Cisco's implementation will try to block the loop.

I suspect PVST is still the enabled default because it was Cisco's original method to deal with L2 loops and it's so important to avoid L2 loops. Portfast is not enabled by default because it adds some risk, if misapplied, to allowing a L2 loop.

Depending on the platform, there are newer and better L2 loop preclusion technologies than PVST. Also with the advent of L3 switches and Etherchannel, intentional L2 loop designs can often be avoided.

As a general recommendation, use rapid PVST with portfast on edge ports.

Lastly, your OP appeared to only ask why the section command returned the results it did. My original reply answered that, but it appears what you were asking was the purpose of portfast. Many replies answered that too.

13jobsp90 · ‎10-30-2024

"As a general recommendation, use rapid PVST with portfast on edge ports." Can u pls explain this?

Joseph W. Doherty · ‎10-30-2024

I thought between my and other member replies, it was explained.

However, to recap, to avoid an accidental L2 loop crashing a portion to all you network, some L2 loop prevention technology should be used.

For a simple configuration, PVST can be used for this purpose. Again, it's likely why it's enabled by default.

As rapid-PVST is (much) "better" and requires only changing one configuration statement, it's highly recommended vs. non rapid PVST.

When using any L2 loop management technology, they work best when using additional options. For PVST, rapid-PVST or MST, portfast correctly used is a good option. (BTW, Cisco has other STP options worth considering for usage [a couple are so good they are part of rapid-STP and MST standards].)

13jobsp90 · ‎10-30-2024

If i change from pvst to rapid, what all commands should I put in interfaces and globally?

Joseph W. Doherty · ‎10-30-2024

You should only need:

Switch Ports Model              SW Version            SW Image
------ ----- -----              ----------            ----------
*    1 26    WS-C2960-24TT-L    15.0(2)SE4            C2960-LANBASEK9-M

Cisco IOS Software, C2960 Software (C2960-LANBASEK9-M), Version 15.0(2)SE4, RELEASE SOFTWARE (fc1)
Technical Support: http://www.cisco.com/techsupport
Copyright (c) 1986-2013 by Cisco Systems, Inc.
Compiled Wed 26-Jun-13 02:49 by mnguyen



Press RETURN to get started!

Switch#sh run  | in spann
spanning-tree mode pvst
spanning-tree extend system-id

Switch#conf t
Enter configuration commands, one per line.  End with CNTL/Z.
Switch(config)#spanning-tree mode rapid-pvst

That changes to the rapid-PVST variant.

Changing to rapid-PVST will automatically include, and enable, a couple PVST Cisco options (UplinkFast and BackboneFast), which may, or may not, have already been configured.

However, other options, might still be good to also include, if not already using them with PVST. If you want to get in a discussion of what those options are, and when you should use them, open a new discussion.

The option that should be used, if not already, is portfast, which can be enabled per port, or made the default for access ports (then you would need to disabled on access ports it shouldn't be used).

Switch(config)#spanning-tree portfast default !if you want portfast as the default on access ports
Switch(config)#spanning-tree portfast bpduguard default !often recommended with the above

Again, if you make portfast the default, on access port, you should disable it on access ports where it shouldn't be used

13jobsp90 · ‎10-30-2024

I didnt get your point regarding interfaces configuration? If earlier it was in spanning tree portfast for access ports then after changing globally to rpvst from pvst then for each interface (where hosts are connected) ports also should we change accordingly the command other than assigning the vlan? What is the difference between "spanning-tree portfast " & "spanning-tree portfast bpduguard" ?

Joseph W. Doherty · ‎10-30-2024

Changing between PVST and rapid-PVST doesn't change/impact portfast.

Changing interface portfast, whether done individually per port, or via global setting, impacts PVST or rapid-PVST operation. (How each is impacted is a bit different, as they don't work exactly alike. [In fact, if I remember correctly, portfast was a Cisco feature of PVST that was, more-or-less, incorporated into standard rapid STP's edge port feature, but Cisco continued to use "portfast" to enable rapid STP's edge port feature.])

As to BPDUguard, again, if you want to begin a discussion of other STP features, open a new discussion. I suggest this, because other readers would likely not expect such information based on your OP.

Also, if you're not real knowledgeable about STP, lots of material on the Internet, including on Cisco's main site, that would be more helpful for learning about STP and its options. These forums usually better address specific operational questions or issues. Cisco's learningnetwork.cisco.com is better aimed at generic learning of network technology.

Lastly, you've already marked one reply as the "solution" to your OP. Again, other readers might focus on that ignoring additional side information. So, also again, open a new discussion, and/or try one of the other venues I've suggested.

Cristian Matei · ‎10-29-2024

Hi,

See my previous reply, it's very clearly explained what PORTFAST does for STP vs. RSTP.

Best,

Cristian.

In 2960 modelswitch the command - sh running-config | section spanning