mikearama wrote: » Yes, I'm a CCNP, and yes, I'm still uncertain about the answer to this question that came up this morning. We've had a few complaints this morning about user outages while accessing network resources of any kind. In checking STP, I noted that we've had reconvergences about 10 times so far this morning. Now then, my understanding from my studies was that during convergence, the root port continued to forward. However, the issues today give me the impression that ALL ports go into blocking state during convergence. Sure would appreciate confirmation, one way or the other. Links appreciated. BTW, our Implementations team appears to be the culprit... they've got a Nortel switch they use to stage devices that they decided to plug into a pair of network ports. Wingnuts.
chmorin wrote: » You use RSTP, right? How long is the downtime?
chrisone wrote: » If you are running Cisco switches at your core, I would suggest implementing the following to protect your root. Implement the following:

1. Root guard
2. Loop guard
3. Remove any PortFast on access layer switches (unless BPDU-guard is enabled, leave PortFast)

To save some seconds but also introduce loops, STP root changes, PortFast is not worth the headaches. Some tips from my CCDP book I am studying.

• Loop guard is implemented on the Layer 2 ports between distribution switches, and on the uplink ports from the access switches to the distribution switches.
• Root guard is configured on the distribution switch ports facing the access switches.
• BPDU guard or root guard is configured on ports from the access switches to the end devices, as is PortFast.
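A way to check the PortFast advice above against a switch configuration, as an added example that is not part of any post in this thread: it scans a Cisco IOS running-config and lists interfaces that enable PortFast without BPDU guard. The sample config and its interface names are constructed, and the check assumes PortFast is set per interface (a global `spanning-tree portfast default` is not evaluated).

```python
import re

# Constructed sample of an access-switch running-config; interface names are assumptions.
SAMPLE_CONFIG = """\
spanning-tree mode rapid-pvst
!
interface GigabitEthernet0/1
 description user port
 spanning-tree portfast
 spanning-tree bpduguard enable
!
interface GigabitEthernet0/2
 description staging bench
 spanning-tree portfast
!
interface GigabitEthernet0/24
 description uplink to distribution
 spanning-tree guard loop
!
"""

def portfast_without_bpduguard(config):
    """Return interfaces that enable PortFast but are not covered by BPDU guard."""
    global_guard = False   # set by 'spanning-tree portfast [edge] bpduguard default'
    ports = {}             # interface -> {"portfast": bool, "guard": True/False/None}
    current = None
    for raw in config.splitlines():
        line = raw.strip()
        if not raw.startswith(" "):          # global-level line or new stanza
            m = re.match(r"interface\s+(\S+)", line)
            current = m.group(1) if m else None
            if current:
                ports[current] = {"portfast": False, "guard": None}
            elif re.fullmatch(r"spanning-tree portfast( edge)? bpduguard default", line):
                global_guard = True
            continue
        if current is None:
            continue
        if re.fullmatch(r"spanning-tree portfast( edge)?( trunk)?", line):
            ports[current]["portfast"] = True
        elif line == "spanning-tree bpduguard enable":
            ports[current]["guard"] = True
        elif line == "spanning-tree bpduguard disable":
            ports[current]["guard"] = False   # explicit override of the global default
    flagged = []
    for name, p in ports.items():
        guarded = global_guard if p["guard"] is None else p["guard"]
        if p["portfast"] and not guarded:
            flagged.append(name)
    return flagged
```

On the sample, only the staging-bench port is reported, since it has PortFast with neither an interface-level nor a global BPDU guard.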