printable format  e-mail to a friend comment on article More Q & A Video Killed the Data Stream Distance Training with IS-IS Theory, Reality and Total T-1 Bandwidth 'Area 257' De-Classified Follow That Packet! Back-to-Back Connections and ADSL Split-Scope DHCP Servers VRRP Implementation Q & A Archive

I need your valuable suggestions for the following case. We have five Catalyst switches (one 3508 and four 3524s). Four switches are cascaded (the 3508 and three of the :3524s). All four are connected by GigaStack GBIC modules and are working fine. But when we try to connect the remaining 3524 switch to the 3508 (connecting single port GBIC to single port GBIC) through a cat5e cross cable, the link slows down and the configuration shows the gigabit interface and line protocol down. We are using STP. Please let me know the required configuration to be done if necessary.

I think the problem might be with PortFast.

Please provide me with a solution.

-- Raje

Answer:

Raje,

That’s a very interesting scenario. Now, I’m both interested and concerned with why you believe that spanning-tree PortFast is a good decision to do on the port connecting two switches to each other!

Spanning Tree Protocol is used to ensure a loop free topology in your layer 2 network. It does this by sending out BPDU frames (Bridge Protocol Data Units) to figure out what all is going on in a network.

As BPDUs are propagated, the network goes through a series of elections. First a Root Bridge is chosen. This is merely the first step. Following that, remaining switches select a Root Port, which is the port on the switch that provides the most optimal path back to the root bridge. Likewise, each network segment elects a Designated Port reflecting the most optimal path from the network link back to the root bridge. Each of these ports will be in a forwarding state.

Leftover ports may find themselves in a blocking state. And this allows traffic to flow only in loop-free paths throughout a flat network.

-- advertisement (story continued below) --

Spanning tree PortFast is an enhancement that we use to speed things up in a new device’s introduction to the network. When a port comes online, it needs to figure out where it fits within the existing spanning tree. It does this through BPDU information, but spanning tree goes through multiple stages. It blocks for 20 seconds, listens for 15 seconds and learns for another 15 seconds. Then, if everything is good, it’s placed in a forwarding state.

During the previous 50 seconds, however, no data is being passed on the link. This means many things like DHCP discovery, Windows logins, etc. may not work for workstation devices. Users tend to be irked by this behavior. This is why we use PortFast. It “jumps” to a forwarding state immediately because you have assured the switch that no loop will exist through this port.

In the Cisco deployment of PortFast, it is against the rules to plug a switch into a PortFast enabled port. And the introduction of a bridge/switch will lead to receiving a BPDU. If the existing switch (the one in PortFast) receives a BPDU, it knows things are bad. It will put the port into an “errdisable” state, which means some error has forced the port to become disabled.

Normally you need to perform a “shutdown” and “no shutdown” on the port in order to reset things. In addition you’ll need to remove the PortFast configuration from that port since you’re continuing to plan on violating those rules! In recent versions of IOS for the Catalyst switches you can have the switch auto-correct errdisable’d ports by using the “errdisable recovery cause bpduguard” command. The “errdisable recovery interval” command can be used to set the number of seconds the switch will wait between an error and automatically resetting the port.

Think through the spanning tree deployment on your switches, and pay attention to which of the solutions are geared towards hosts only! These steps will make your life easier and will allow your network to function more optimally.

-- Scott

Send your toughest CCIE-level technical questions to editor@tcpmag.com.

back to question

Scott Morris, quadruple CCIE, JNCIE and all-around uber-geek, can often be seen traveling around the world consulting and delivering CCIE training. He recently accepted a new Senior CCIE Instructor position with Internetwork Expert! For more information on him check out http://www.uber-geek.net or for CCIE training check out http://www.internetworkexpert.com. You can contact Scott via editor@tcpmag.com. You can contact Scott about "Is PortFast My Problem? " at editor@tcpmag.com.