ExtremeSwitching (EXOS)

  • 1.  edge port using safeguard

    Posted 11-20-2014 10:52
    on my XOS switch i want to make ports 1 & 3 as edge ports would the below command syntax do the trick?

    create stpd s0 configure stpd s0 mode dot1w

    configure stpd s0 default-encapsulation dot1d

    configure stpd s0 add vlan Data ports 1,3

    configure stpd s0 ports link-type edge 1,3 edge-safeguard enable

    enable stpd s0



  • 2.  RE: edge port using safeguard

    Posted 11-20-2014 11:51
    This is ok.


  • 3.  RE: edge port using safeguard

    Posted 11-20-2014 11:53
    will the above command make them edge port? and if a device switch/hub is attached to port 3 will it go into blocking state?


  • 4.  RE: edge port using safeguard

    Posted 11-20-2014 11:55
    you have to enable BPDU-restrict on those ports.


  • 5.  RE: edge port using safeguard

    Posted 11-20-2014 12:33
    configure stpd s0 port link-type edge 1,3 edge-safeguard enable bpdu-restrict

    what happens if i put this recovery-timeout 300 command after the bpdu-restrict would it block the port and come to forwarding state after 300 secs (3mins)


  • 6.  RE: edge port using safeguard

    Posted 11-20-2014 12:38
    it should disable the port and enable it again after 5 minutes.


  • 7.  RE: edge port using safeguard

    Posted 11-20-2014 12:43
    What is the default if i dont add the recover-timeout value is it 50 secs ? sorry i am asking the nitty gritty as i am only using a simulator and not real kit


  • 8.  RE: edge port using safeguard

    Posted 08-31-2015 18:44
    It will stay disabled until you manually enable the port if you do not type a recovery number.


  • 9.  RE: edge port using safeguard

    Posted 09-01-2015 12:20
    good Morning Shakil if you are using this for the sole purpose of loop detection at the edge there is another method called ELRP. It will detect loops on the edge port and either disable the port permanently or for a specified period of time. You can also have it ignore ports, such as uplink ports, if you have two switches next to one anther and the loop is created between them. The ignore ports will make sure that only the edge ports are disabled and not the uplink ports.

    If however you have a large STP network that these ports are part of then use STP. ELRP is a great option as you do not have to setup domain like in STP.

    Hope that helps to provide some options. Please let us know if there are any other questions

    P



  • 10.  RE: edge port using safeguard

    Posted 09-01-2015 12:35
    Good morning Shakil,

    What you configured will only protect those ports for the Data VLAN. What if you have a VoIP scenario with a phone and a data connection off the same edge port? obviously add the VoIP vlan. I install Extreme gear at many customer sites for Extreme, and I build spanning tree into my base configuration before I even know the vlan scheme. I create a vlan specifically for spanning tree. Hint, add the STP configuration last or at least after having assigned the port to an untagged vlan's egress list.

    I do this for the edge port protection of course, but also to future ready the infrastructure for all the intelligence features that come from administrating an Extreme infrastructure such as Netlogin with NAC for 802.1x and MAC authentication. You need STP to use Netlogin.

    Do not apply the below on uplink ports.

    So as discussed already there are multiple ways to get this done, but here is the command script that I use.

    create vlan "Pearlman" configure vlan Pearlman tag 4090

    configure vlan Pearlman add ports 1:1-48, 2:1-48, 3:1-48, 4:1-48, 5:1-48, 6:1-48 tagged



    configure mstp region Pearlman

    configure stpd s0 delete vlan default ports all

    disable stpd s0 auto-bind vlan default

    configure stpd s0 mode mstp cist

    create stpd Pearlman_stm

    configure stpd Pearlman_stm mode mstp msti 1

    configure stpd Pearlman_stm add vlan Pearlman ports 1:1-48, 2:1-48, 3:1-48, 4:1-48, 5:1-48, 6:1-48 dot1d

    configure stpd s0 ports mode dot1d 1:1-48, 2:1-48, 3:1-48, 4:1-48, 5:1-48, 6:1-48

    configure stpd s0 ports cost auto 1:1-48, 2:1-48, 3:1-48, 4:1-48, 5:1-48, 6:1-48

    configure stpd s0 ports port-priority 128 1:1-48, 2:1-48, 3:1-48, 4:1-48, 5:1-48, 6:1-48

    configure stpd s0 ports link-type edge 1:1-48, 2:1-48, 3:1-48, 4:1-48, 5:1-48, 6:1-48

    configure stpd s0 ports edge-safeguard enable 1:1-48, 2:1-48, 3:1-48, 4:1-48, 5:1-48, 6:1-48 recovery-timeout 60

    configure stpd s0 ports bpdu-restrict enable 1:1-48, 2:1-48, 3:1-48, 4:1-48, 5:1-48, 6:1-48 recovery-timeout 60

    enable stpd s0 ports 1:1-48, 2:1-48, 3:1-48, 4:1-48, 5:1-48, 6:1-48

    configure stpd Pearlman_stm ports mode dot1d 1:1-48, 2:1-48, 3:1-48, 4:1-48, 5:1-48, 6:1-48

    configure stpd Pearlman_stm ports cost auto 1:1-48, 2:1-48, 3:1-48, 4:1-48, 5:1-48, 6:1-48

    configure stpd Pearlman_stm ports port-priority 128 1:1-48, 2:1-48, 3:1-48, 4:1-48, 5:1-48, 6:1-48

    configure stpd Pearlman_stm ports link-type edge 1:1-48, 2:1-48, 3:1-48, 4:1-48, 5:1-48, 6:1-48

    configure stpd Pearlman_stm ports edge-safeguard enable 1:1-48, 2:1-48, 3:1-48, 4:1-48, 5:1-48, 6:1-48 recovery-timeout 60