09-19-2016 07:11 PM - edited 03-08-2019 07:29 AM
I have one existing network and just finished up building a new network. So I have network A (OLD) and network B (NEW). Two networks are totally isolated from each other.
I have lots of data that need to transfer from A to B, im thinking of connecting the two networks directly through a cross over cable, I have carved out a new vlan called 'Transfer ' in both networks, but im worrying about spanning tree root bridge change on either my new or old network. Should i configure a ' Root Guard ' on both switches ports where the cross over cable will be connected? or what would you guys suggest?
Thank You
Solved! Go to Solution.
09-21-2016 08:40 AM
If you configure the ports you are connecting as routing ports instead of assigning the IP addresses to SVIs ie
int gigX/Y
no switchport
ip address x.x.x.x 255.255.255.252
They will not do switching and will not run spanning tree.
Alternately set them as spanning tree edge ports and enable bpdufilter which will stop spanning tree propagating from one to the other. If you do this make sure you dont create a loop somewhere.
int gigX/Y
switchport access vlan X
spanning-tree portfast
spanning-tree bpdufilter enable
09-19-2016 07:33 PM
Why not connect the 2 networks together using a layer-3 routed link with a /30 IP. This way there is no need to worry about stp.
HTH
09-20-2016 07:57 PM
Hi Reza, /30 you mean usable only 2 ips, that is possible as I have a vlan carved out which is part of a layer 3 switch so routing is already there.. however the issue arises the minute you connect a switch to another network switch, if the new switch has lower bid (priority or mac address) then it might get elected as a root bridge, that would not be good as that switch is not part of the new network lol
Anyway I think the " root guard " spanning tree option will protect me from that...
Let me know what you think?
09-21-2016 08:40 AM
If you configure the ports you are connecting as routing ports instead of assigning the IP addresses to SVIs ie
int gigX/Y
no switchport
ip address x.x.x.x 255.255.255.252
They will not do switching and will not run spanning tree.
Alternately set them as spanning tree edge ports and enable bpdufilter which will stop spanning tree propagating from one to the other. If you do this make sure you dont create a loop somewhere.
int gigX/Y
switchport access vlan X
spanning-tree portfast
spanning-tree bpdufilter enable
10-21-2016 05:57 AM
Hi Patrick, sorry for the late reply, been a little busy here and there.. but finally got it done this morning at 4AM.... I went with your fist option, and everything works good, only had to add some static routes on both ends to make my other subnets routable etc... but all good. Thank You for the help.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide