• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 187
  • Last Modified:

Why Portfast participate in STP

If I understand Portfast is used so that Computers will receive DHCP configuration ASAP, and for the port to skip blocking , learning, listening phases.
however if portfast is configured without other XXXGUARD configuration, then if a switch is plugged to the port it can cause a Loop.

I wonder why Cisco design it that way ?
it makes sense to tell a port that you are configured to only talk to computers and not to switches...just like Access port but with skipping blocking , learning, listening phases

Any comments on this ?

Thanks
0
jskfan
Asked:
jskfan
  • 3
  • 3
4 Solutions
 
Don JohnstonInstructorCommented:
however if portfast is configured without other XXXGUARD configuration, then if a switch is plugged to the port it can cause a Loop.
Only until a BPDU arrives at the port.  Portfast does not disable spanning-tree on a port.  It only makes the port skip the initial listening/learning states.  

So if a portfast port does become part of a loop, once a BPDU enters the port, the loop will be detected and the appropriate port will block.
0
 
JustInCaseCommented:
As Don already said - loop in that case should be temporary...
I wonder why Cisco design it that way ?
Today 30 seconds downtime for listening/learning may look like eternity.
- VoIP
- CCTV
- Servers
- Medical equipment
There are companies that give a lot of money in equipment to be High Available - so downtime should be less then 1 second.
Portfast done that way is - calculated risk, port will be disabled if bpdu is received on port.
And you get warning when you are starting to use portfast on port. :)

C881(config)#interface f2
C881(config-if)#spanning-tree portfast

%Warning: portfast should only be enabled on ports connected to a single host.
 Connecting hubs, concentrators, switches,  bridges, etc.to this interface
 when portfast is enabled, can cause temporary spanning tree loops.
 Use with CAUTION

%Portfast has been configured on FastEthernet2 but will only
 have effect when the interface is in a non-trunking mode.
You can also enable portfast on trunks. Usually this is done when end host can understand "taggish" like servers... You don't want switch port (or ports) that are attached to server go through listening/learning phases....

That is basically the same as everything in life...
Why car manufacturers produce cars that go fast enough so you can get killed?
:)
Use it with caution, you have been warned.
0
 
jskfanAuthor Commented:
What I meant is Portfast , should be fast but acts as an Access Port...
Since we know that it is conceived for a host to be plugged into it why would it receives or sends BPDUs at first place...
You see what I mean ?
0
Ultimate Tool Kit for Technology Solution Provider

Broken down into practical pointers and step-by-step instructions, the IT Service Excellence Tool Kit delivers expert advice for technology solution providers. Get your free copy now.

 
Don JohnstonInstructorCommented:
What I meant is Portfast , should be fast but acts as an Access Port...
Portfast is not synonymous with access ports.  And it doesn't make a port act like an access port.
Since we know that it is conceived for a host to be plugged into it why would it receives or sends BPDUs at first place...
Because people connect cables where they aren't supposed to. I can't tell you the number of times that I've had users connect the two jacks in their office together because they felt like it should be.
You see what I mean ?
I guess not. :-(
0
 
jskfanAuthor Commented:
Don.
1 - Perfect design, is to tell the port you are accepting only  "Workstation", no switches. how to do that ?  
However if I am not wrong :
2 -- If you configure a port as access port, you plug a workstation, you are fine. If you plug a Switch, then topology change will kick in, and nowadays , there are Blades and probably even ESX hosts that have Virtual switches, and their NIC is already configured as Trunk or listens to BPDUs, and if you plug it to an Access Port it will cause Topology Change.

3-- Portfast (According  to what I have read) will prevent Topology change only if you configure it with BPDU Guard.
I wonder if it is guaranteed that there will be no Topology change or Loop.

What I am looking for is Bullet 1 to be fulfilled with skipping "Blocking,Listening,Learning).

== I also need to understand the difference between Loop and Topology change
Topology change is when switches start election of the Root Bridge, but if we have Root bridges(Primary and Secondary) already hard-coded then Topology change should not occur.

*Loop , if I understand , STP is already on the Switch by default, it can block redundant ports, so why Loop should happen in this case.?
0
 
Don JohnstonInstructorCommented:
Perfect design, is to tell the port you are accepting only  "Workstation", no switches. how to do that ?  
Portfast and BPDU Guard.
3-- Portfast (According  to what I have read) will prevent Topology change only if you configure it with BPDU Guard.
That's an... interesting way of putting it.  What portfast and BPDU Guard will do when a loop is created is to put the port in an error disable state. The port is effectively shut down.  So the "prevent topology change" is a result of the port being disabled.

I wonder if it is guaranteed that there will be no Topology change or Loop.
If no other changes were made, enabling portfast and BPDU Guard will not prevent STP from discovering and blocking loops.
What I am looking for is Bullet 1 to be fulfilled with skipping "Blocking,Listening,Learning).
Portfast and BPDU Guard.

I also need to understand the difference between Loop and Topology change
Topology change occurs everytime the topology changes.  For example, if an existing inter-switch link fails, that's a topology change. If a new inter-switch link is established, that's a topology change. If a new root switch comes up, that's a topology change.  Basically, anything that could alter the path of frames is a topology change.

Loop , if I understand , STP is already on the Switch by default, it can block redundant ports, so why Loop should happen in this case.?
A loop is an additional inter-switch path.  STP is enabled by default and loops will be discovered and blocked.  Unless someone made changes to the STP configuration (changed which STP is used, adjusted timers incorrectly, enabled BPDU filter, etc.).
0
 
jskfanAuthor Commented:
Thank you for now..I am still reading about if a question comes up I will post it.
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

Ultimate Tool Kit for Technology Solution Provider

Broken down into practical pointers and step-by-step instructions, the IT Service Excellence Tool Kit delivers expert advice for technology solution providers. Get your free copy now.

  • 3
  • 3
Tackle projects and never again get stuck behind a technical roadblock.
Join Now