Go Premium for a chance to win a PS4. Enter to Win

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 128
  • Last Modified:

How to Design STP Loop Free Network

Considering the impact that STP Loop can cause in the Network, I would like to know in real world whether there is granularity in configuration to fend off the loop or just set up VLANs normal way, use the VLAN Interfaces to communicate between VLANs and ignore the granular configuration.

What I mean by granular, to cite just few examples:
- Manually configure for each VLAN a specific Switch to be the Root for that VLAN
- Manually configure Access ports to be Portfast and at the same time configure the Ports with BPDUGUARD
- Manually configure on each VLAN each Blocked port with Loop Guard and UDLD
-Manually configure each VLAN with Root Guad,
Etc....
Etc...

if that's the case there should be a Config Template, that encompasses all those concerns.

Any clarifications on that ?

Thank you
0
jskfan
Asked:
jskfan
  • 5
  • 2
2 Solutions
 
PredragNetwork EngineerCommented:
Basically that is design question and what are actual needs for specific network.
You can find guidelines for L2 (and other layers) implementation Campus Network for High Availability Design Guide , but details are scattered across the page.

if that's the case there should be a Config Template, that encompasses all those concerns.
Yes. Typically companies create template(s) how specific port type should be configured.
You do not have to use everything that there is there to protect your network, you need to create your own template for that purpose, although those rules are not  enough since in addition there should be general design guide how network should be designed. The reason for that is that you can have different potential problems according to network design.
0
 
jskfanAuthor Commented:
The Example of Network I will use  is a Company that has a Data Center in Site A (the main Site) and has Branches in site B ,C,D,E,F . Each Branch has around 300 computer Users.
Sites are connected with WAN Connection.
 

All the Servers are in Site A, which means client requests will have to come to Site A to retrieve and Update the Information.
0
 
PredragNetwork EngineerCommented:
That actually depends on your network design.
Typically you should have for each location separate VTP domain (with it's own VLANs) and connect main site with branch offices over L3 links. Also typically you will have one VTP server per domain (for that VTP domain) and you can use the same VLAN numbers on for each location.
If you have one VTP domain for all locations it is currently considered as a bad design (L2 end-to-end network). Currently recommendation is to use L3 links wherever it is possible.
0
Get your Conversational Ransomware Defense e‑book

This e-book gives you an insight into the ransomware threat and reviews the fundamentals of top-notch ransomware preparedness and recovery. To help you protect yourself and your organization. The initial infection may be inevitable, so the best protection is to be fully prepared.

 
jskfanAuthor Commented:
Assuming Everything is set up properly..and we are running RPVST.
what do you do next to prevent STP loops ?
Do you have a Configuration Example that you can use on every single VLAN ?
0
 
jskfanAuthor Commented:
Each Site is connected to the DataCenter (Core) as shown below:
stp
0
 
jskfanAuthor Commented:
What Configuration Template will you apply on Access /Distribution/Core Switches in order to avoid STP Loops ?
0
 
jskfanAuthor Commented:
I will do some reading later
0

Featured Post

Free Tool: Port Scanner

Check which ports are open to the outside world. Helps make sure that your firewall rules are working as intended.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

  • 5
  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now