Cisco Portfast command

In cisco switches there is the Portfast feature, that blocks STP on a certain port so that the computer connects to the network faster.

I wonder if this feature is mandatory and has to be used on all switches where computers are connect to?
In cisco doc, it says it is used when a single host is connected to the port, which means if it's an access switch,and all ports have to be configured with fastport, since all ports will have computers connected to.

what about the Trunk ports do they have to have the portfast configured?

Who is Participating?
szfecoConnect With a Mentor Commented:
if portfast not enabled and your PC boots in 10 sec, still have to wait 20sec for STP to converge.
if the PC sending any traffic and the switchport is not Forwarding yet, the traffic will be droped.
After that can any user traffic be sent on the switchport (ie. DHCP request, or any data traffic). Switch won't accept any traffic from the PC when it is not in the Forwarding state

if portfast enabled the port will be Forwarding state in a few seconds, PC boots in 10 sec, sends the DHCP request and since the switchport is in Forwarding state the PC can get the IP and user traffic enabled to pass.

it is just an issue of time from the view of your PC, from the switch point it doesn't cares if your PC can pass or not any traffic. Even if from the PC point acceptable that the traffic will be dropped and must wait the switchport to be Forwarding than no issue again

usually the users are complaining that the PC has boot up and still didn't get an IP cos the switchport is still playing STP :)
if the PC didn't get an IP, it will try to get later.

governor_arnoldConnect With a Mentor Commented:
the spanning-tree portfast command isn't required on trunk ports. I had the same question a couple of years ago when we upgraded our network to Cisco and the cisco CCNP that worked with us told us there wasn't any need to use the portfast command. I only have a CCNA so I took his word for it.
jskfanAuthor Commented:
what about on the access switch ports, where all computers are connected to?
Keep up with what's happening at Experts Exchange!

Sign up to receive Decoded, a new monthly digest with product updates, feature release info, continuing education opportunities, and more.

governor_arnoldConnect With a Mentor Commented:
I was told to use the command on the access ports.
thaibnConnect With a Mentor Commented:
Portfast is not mandatory on configuring the switch ports on any Cisco switch.  It is purely a layer 2 function and the main purpose of the portfast function is to allow the link up to move much faster bypassing the STP timers; thus, made for access connections to servers and PCs (and routers).  Over a layer 2 rule-of-thumb, portfast can be used wherever there are no BPDU (bridge packets) are being seen, thus switch to switch is not recommended as loops may be created.  Otherwise, you can use if you want or not use it if you don't want to over access connections.

Trunk ports do not require portfast, but can be configured.  Again, Portfast just makes the switch or trunk port enter spanning tree forwarding state immediately.  However, trunk ports will not inherit default values... you'll have to specify those configurations.
szfecoConnect With a Mentor Commented:
spanning-tree runs the port through this states:
Disabled - when not connected
Listening - stays 15sec
Learning - stays 15sec
Forwarding - can forward user data

When you connect your PC the port will move from Disabled to Listening than Learning and after that can be used to forward user traffic. It is 30 sec.

For a PC to boot 30sec is enough and IP address still cannot be aquired since the port is not Forwarding.

If you turn on portfast on a host-attached port, it will move the port to Forwarding almost immediately (1-2 sec).

It will not disable STP, since your user still can attach a rogue switch and plug two ports of your switch to the rogue switch effectively creating a loop.

However if a portfast port receives a BPDU (your user created a loop or attached a switch) it will move the switch port through the Listening and Learning states to determine if loop has created or not.
With other words a portfast port will loose its portfast designation and will be handled as a not-portfast port if BPDU received.

BPDU-s not sent by host, used by switches (spanning-tree).

you can use the "spanning-tree portfast trunk" on ports connecting to servers which are using trunks, but not to connect to other switches, since a BPDU will disable the portfast on the port, and servers are not intended to send BPDU-s in normal circumstances :)


jskfanAuthor Commented:
what I want understand is in real world environment, all computers are connected to switches.

So, are all those switches  have Portfast enabled on their ports?

in many articles, they say the computers when started first time they wait for dhcp to hand them out the IP, and when this idle time is over and the switch is still running STP, there will be a time out and the pc can't get an IP, etc...etc...

But I have not see any clear statement that says:
before you power up your computers that are connected to the switch, make sure all switch ports are in Portfast..

the only statement I see : it says portfast is enabled on a port that is connected to a single host.
it's obvious that it s a one-one connection, one port to one host.
But  should this portfast be enabled on all ports of the switch, since all ports will have computers connected to them?

Did you guys get my point?


not mandatory just recommended.
without portfast, if your pc boots faster than the STP converge than you should wait STP to finish, after that the PC can request the IP address.

makes no point to stay 15-15secs in Listening and Learning states when only a host connected, and no loop expected

jskfanAuthor Commented:
<<not mandatory just recommended.>> it sounds vague.

Not mandatory: means there is no issue for the computers when portfast is not enabled on the switch they are connected to.

Recommended: when it's recommended ? in just some particular cases?

thaibnConnect With a Mentor Commented:
I cannot tell if portfast is enabled on most switches.  Timing wise, most dumb switches and smart switches emulate that of Portfast.  I do know that Cisco has them disabled.  In a normal circumstance, some networks enable it and some don't.  Most organizations that do not know about Cisco switches, but have them don't enable portfast.  They rarely have issues, but there is a delay coming from the Engineer's point-of-view.  It rarely causes issues with IP addresses when starting up, but with enough users on the network, you may have that 1 or 2 users that didn't get an IP address because your port hasn't forwarded your information through yet.  Some users just reboot and their I.T. person will never even hear about it.

In what organizational circumstances will portfast be used?  Well, if I had an organization full of laptops that goes in and out all the time and gets awaken from a sleep state a lot, then portfast will be enabled.  Because their laptop is already on, the request with its associated timeout/delay may coincide and cause the laptop to fail on getting a DHCP request.  This occurrence is still rare, but will increase with more users.

Also, if you manage the network and want it to improve in its starting functions, portfast should be enabled on "controlled" ports.  Meaning, the port is known that you will always have a PC, server or router on it.
TheMetalicOneConnect With a Mentor Commented:
Lets keep it simple:  

Portfast is not mandatory at all, you do not need to configure any switchports with portfast.  

IF you notice however that your computers are booting up, and the user is logging in but not getting any login scripts running for example, that means that the computers are faster than the stp learn so you should enable portfast on those computer ports.

Simply put:

I Use portfast for desktop/laptop connections
Do not use portfast for connections between switches, routers, access points, etc.
I personally do not use portfast for any server connections, but thats a personal preference.

Really, its just an option to help you optimize your network.  

That being said, if you take a Cisco switch, just throw it on the network without configuring portfast, it will work just fine, the ports will just take a bit longer to come up.  Depending on how old the Cisco switch is, that stp learn could take up to 45 seconds.  As I found on a standard user network, this only becomes a problem when you get desktops that boot up and are ready to log in faster than the stp learn takes to complete.
jskfanAuthor Commented:
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.