spanning tree help


 i have uplinks from core switches that connect to Virgin WAN router configured as access ports and in vlan 999. By mistake a cable is plugged in thats configured in different vlan and has portfast set. This leads to error message of not in common subnet and all ports in vlan999 being blocked until reconvergence.

This seemed to take a long time and I want  to avoid it happening again. I think if i set all ports except uplinks with bpduguard so they error disable if a switch is plugged in, this would stop some problems. But would this help protect against the not in common subnet error and blockign affecting all switches on vlan 999?

Is spanning tree detecting a loop when it gives not in common subnet ?Thanks
Who is Participating?
Marius GunnerudConnect With a Mentor Senior Systems EngineerCommented:
if by uplink port you mean access ports then yes, best practice is to set all non inter switch ports as access ports and configure bpduguard on those ports aswell.

It is also best practice to set an unused vlan to be the native vlan.

Spanning-tree only looks for and prevents loops, it doesn't see or care if two subnets are trying to use the same vlan.
Istvan KalmarHead of IT Security Division Commented:

You need to set bootg devices same native vlan

conf t
 int x/x
 switchport trunk native vlan 999
Marius GunnerudSenior Systems EngineerCommented:
The not on common subnet error just means that there are two different subnets trying to use the same vlan.

BPDUguard will not stop the not on common subnet error.  It will just shutdown the port if someone tries to connect a switch to that access port. However, since the port that a switch was just connected is shut down when BPDUs are detected, the not on common subnet will not happen.
jly999Author Commented:
thanks a lot for the comments

i wonder is it good practice to have uplink ports set as access with bpduguard set?
or better to have trunk ports with native vlan, or it doesnt matter?

Is it standard for STP to block everything and reconverge if it sees two subnets trying to use the same vlan?
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.