Unmanaged switch loop prevention connected to 460-G2

  • 0
  • 1
  • Question
  • Updated 2 months ago
  • Answered
So we have a bunch of 460-G2's we will be replacing some enterasys C2's. Currently SpanGuard on the C2's was not enabled hence when people with an unmanaged desk switch looped 2 of the ports all hell breaks loose with Spantree.

The 460-G2's have STP enabled with BPDU-restrict and also edge-safeguard, but this does not prevent unmanaged switch loops.

How can we prevent the STP from people looping an unmanage switch connected to only 1 edge port and trashing the network?
Photo of Dave Hanna

Dave Hanna

  • 204 Points 100 badge 2x thumb

Posted 2 months ago

  • 0
  • 1
Photo of David Coglianese

David Coglianese, Embassador

  • 5,774 Points 5k badge 2x thumb
ELRP usually works well passing through unmanaged switches and stopping loops.
Photo of Eric Burke

Eric Burke

  • 2,144 Points 2k badge 2x thumb
We utilize ELRP in our standard build and it's very reliable. Sounds like you're getting rid of the 460's though, is that correct?
Photo of Dave Hammers

Dave Hammers, Dir SW Engineering

  • 3,502 Points 3k badge 2x thumb
Maybe exspantree.py.will help you.  It was developed for customers migrating from EOS.
See https://github.com/extremenetworks/EXOS_Apps/tree/master/EZ_SpanningTree for the latest.
Depending on the EXOS release, it may already be included with EXOS.
Photo of Dave Hanna

Dave Hanna

  • 204 Points 100 badge 2x thumb
apologies, i should read what i type better.
We have C2's installed and moving to the Extreme 460-G2's.

I'll have a look at ELRP as well thanks.
Photo of Andrew Imam

Andrew Imam, Employee

  • 1,006 Points 1k badge 2x thumb
Hi Dave,

Thanks for confirming that you are migrating to the X460G2 switches. 
Please click on the links below for knowledge articles that explains what is ELRP, as well as the exact step to configure and enable ELRP:

https://gtacknowledge.extremenetworks.com/articles/Q_A/What-is-ELRP

https://gtacknowledge.extremenetworks.com/articles/How_To/How-to-configure-ELRP-to-disable-ports

Please let us know if you have any questions.

Best regards,
Andrew
Photo of Dave Hanna

Dave Hanna

  • 204 Points 100 badge 2x thumb
any comments on the below for us please?
Photo of Dave Hanna

Dave Hanna

  • 204 Points 100 badge 2x thumb
ELRP worked flawlessly in testing thankyou. :-)
Photo of Dave Hanna

Dave Hanna

  • 204 Points 100 badge 2x thumb
so i am curious, i wonder if we had edge-safeguard and bpdu-restrict configured correctly.
Looking at the below document, it says we can use either ELRP or edge-guard with bpdu-restrict???

ELRP works as i mentioned but wondering if we should be using the other. To do use have an MSTP cist and multiple MSTI's.

https://gtacknowledge.extremenetworks.com/articles/Q_A/What-options-are-there-for-loop-protection-in...

Sorry, new to swtiches and getting my head around it all.
Photo of Dave Hanna

Dave Hanna

  • 204 Points 100 badge 2x thumb
i also noticed while using ELRP, that if a port is connected to an unmanaged switch and then the switch is loop, the port gets disabled as expected.  If i connect an unmanaged switch that is already looped to another port the whole system get stormed and ELRP doesnt kick in and disable the port.

Is this normal behavior??
Photo of David Coglianese

David Coglianese, Embassador

  • 5,774 Points 5k badge 2x thumb
If the ELRP VLAN is on both ports it should catch the loop.

Does the log show the loop?
Photo of Dave Hanna

Dave Hanna

  • 204 Points 100 badge 2x thumb
how can i check for that?
By default we are going to disable the port.

This works with 2 seperate ports on same vlan are loop with 2 different ports on switch.
This works for connecting unmanage switch and then loop the unmanaged switch on itself.
This work if i connect unmanage switch, then connect it to another port on same VLAN

I tested again and first time i connected an already looped on itself unmanaged switch it turned the port off. i left the switch for a minute then connected to another ports and then its xmas time with the lights.

if i check ELRP disabled ports the ports appear on the list, except the issue i am having.
Photo of Dave Hanna

Dave Hanna

  • 204 Points 100 badge 2x thumb
figured the issue. 

the Unmanaged switch already has a broadcast storm happening on it and when the BPDU's get sent from the 460-G2 it takes X amount of time for that to get inserted into the processor of the unmanaged switch.

If loop the unmanaged switch and straight away connect to the 460-G2 it disables the port. :-)
Photo of simon bingham

simon bingham

  • 1,196 Points 1k badge 2x thumb
With Spanning tree the port will block, obviously the unmanaged switch will be down until the loop stops. ELRP does work well but in my experience customers forget where its configured or configure it on uplinks by mistake, resulting in the " every now and then one of my sites is down, we reboot and it comes back " issues. 
(Edited)