Portfast or not Portfast

Network with 2 Cat6500 switches trunked together. Servers are multihomed, one nic connected to each switch...Should port fast be disabled on these ports? I see no reason to enable it as that will only increase the chance of loops

Find more posts tagged with

SAVE $250 on Your Boot Camp — Use Code "EXAM26"

Exclusively for TechExams members for Infosec Boot Camps starting before April 30, 2026

View Boot Camps

Comments

Netstudent

The general rule of thumb is to enable portfast on access ports with BPDU guard.

lex0429

may i ask why enable it?
My logic is it only helps to enable it to prevent a user from logging into his machine and getting a timeout thus not contacting the DHCP server. With a server which obviously is on amost all the time i dont see the need to enable it.

Aquabat [banned]

i dunno, but in my experience i always enable stp portfast

EdTheLad

lex0429 wrote:

Network with 2 Cat6500 switches trunked together. Servers are multihomed, one nic connected to each switch...Should port fast be disabled on these ports? I see no reason to enable it as that will only increase the chance of loops

If the server doesnt use vlan tags enable the port as portfast, when you enable a port as portfast it doesnt participate in spanning tree and the port can transition to forwarding immediately.If you dont enable portfast everytime the port gets reset it will take 30 seconds to come up.Also a trunk port will receive all traffic on the switch unless you prune vlans on the trunk.
Regarding loops, how do you envision a loop occuring on the port a server is connected to?

larkspur

Regarding loops, how do you envision a loop occuring on the port a server is connected to?

This is the set....

watch out for the spike!!

going with Ed on this one. Do you seriously know STP? On a scale of one to 10?

Netstudent

EdTheLad wrote:

lex0429 wrote:

Network with 2 Cat6500 switches trunked together. Servers are multihomed, one nic connected to each switch...Should port fast be disabled on these ports? I see no reason to enable it as that will only increase the chance of loops

If the server doesnt use vlan tags enable the port as portfast,

Is this becuase it would be a trunk? and we NEVER enable portfast on trunks?

EdTheLad

Netstudent wrote:

EdTheLad wrote:

lex0429 wrote:

Network with 2 Cat6500 switches trunked together. Servers are multihomed, one nic connected to each switch...Should port fast be disabled on these ports? I see no reason to enable it as that will only increase the chance of loops

If the server doesnt use vlan tags enable the port as portfast,

Is this becuase it would be a trunk? and we NEVER enable portfast on trunks?

Yes your right with flagging that statement. Trunks are usually used between switches and the odd case to an end device that supports trunking.Older versions of either CatOs or Ios wont allow a trunk to be configured with portfast, i'm pretty sure the new versions will allow you, but they throw up a warning message.So even if its trunking and connected to a server portfast should be enabled if possible.

dtlokee

For what it's worth I had an admin crash a network a few weeks back because they connected a server with a dual NIC to a switch, then configured VMWare to bridge to the network cards. This created a nice little bridging loop on the switch, so I would say configure portfast globally, then if it receives a BPDU on the interface, it will loose it's portfast status. The other thing I like to do is setup storm-control on the interfaces so if a loop does occur you can limit how much of the bandwith it can consume.