we have a network that looks like a hub a spoke. The main spoke is the ISP's drop into the firewall. that connects to a stacked pair of L3 switches. attached to that pair are various other switches. I'm certain none of those switches are plugged into each other in any loop.
Off many of the switches are servers and iSCSI SAN appliances. with iSCSI, it is recommended that STP be turned off on those ports. I have a few questions:
1. Should STP be turned off on all ports but the trunk ports between the hub and spoke switches?
2. Our firewall drops into each switch in the stack and there's an HA firewall that does the same. Do I leave STP turned on for those 4 ports?
3. Most of our servers do not yet have dedicated iSCSI NIC ports. There are 2 and they are the iSCSI ports and the regular traffic ports. do I still turn STP off for those ports on the switch?
4. Some documents say if I have to leave STP on, turn on RSTP. Is that just as good as it being off or is there still some risk?