10-08-2019 03:42 AM
hey, not a cisco/networking expert, hence the question;-) when connecting a non cisco PoE switch (digitus) to one of our cisco ports, the ports goes to errdisabled mode. (so this means the digitus sends out bdpu's and the loopguard reacts beacause the port is in portfast right?). so in this way we cannot use the switch. in what why can we actually use it (drop the portfast command on the cisco port? - or is that 'dangerous?)
thx for some pointers and feedback!
here's some elevant information (i guess):
spanning-tree mode mst
spanning-tree loopguard default
spanning-tree portfast bpduguard default
spanning-tree extend system-id spanning-tree pathcost method long
!
spanning-tree mst configuration
name ILVO-MST
revision 1
!
spanning-tree mst max-hops 40
interface FastEthernet0/1
switchport access vlan 246
switchport mode access
switchport voice vlan 146
storm-control broadcast level pps 1k 500
storm-control action shutdown
storm-control action trap spanning-tree portfast
10-08-2019 04:09 AM
Try removing this parameter:
spanning-tree portfast bpduguard default
Then you can enable bpduguard on the access ports.
In addition, the taged must be done in the access ports of the non-Cisco switch, leaving the ports that connect both switches in trunk mode.
Regards
10-08-2019 04:49 AM
10-08-2019 05:46 AM
You can occupy the range to configure the bpduguard in the other interfaces
interface range FastEthernet0/2-24
spanning-tree portfast bpduguard
Regards
10-08-2019 06:13 AM
Hi,
As you enabled the BPDUGUARD default on the switch global configuration mode means it is enabled on all ports. Here, you have to disable this command and can enable the same within each interface (range interface command) configuration except the port where the non-manageable switch is connected.
10-08-2019 07:00 AM
Hello
You mention that your adding a non cisco switch to a cisco switch in stp mst domain?
Then the question is that non -cisco switch also running stp and what node is it running.
if you wish to trunk the non-cisco switch then you could open yourself stp issues especially when your running MST st
Assuming stp root is within your cisco mst domain then it also needs to be the the cist root for that non-Cisco switch
What are your expectation of this non switch switch?, do you just want it to run a single vlan if so you dont need to trunk the interconnection as the port connecting the non switch switch can be in in an administrative mode of access if you wish to run just the switch a a host switch in a single vlan
int x/x
description non-cisco switch
switchport mode access
swithcport access vlan x
spanning-tree guard root
spanning-tree bpdufilter enable
10-08-2019 07:15 AM
10-08-2019 07:38 AM - edited 10-08-2019 07:52 AM
Hello
@Steven.Cools wrote:
so given the other replies above, i'd have to disable the default bdpu guard command on the switch level, and apply it again on all individual ports except for the one connecting to the non-cisco right? thx! S.
No you can keep bpduguard enabled at a global level as any interface specific commands will take precedence over global ones, so you should be fine.
Bpdufilter applied at an interface level will just do that and filter any incoming bpdu's on the port thus you'll obtain a connection state between the two switches
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide