I've got a challenging situation and I'd love to hear opinions on the right way to deal with it.
Understaffed currently, anything requiring a lot of administrative time/effort will be hard to maintain.
We have a large number of small unmanaged switches that don't send out BPDU packets when plugged in. These will be replaced, but this will take time due to budget restraints/end of year timing.
Large complex network supporting a manufacturing floor where equipment/workstations move often, far too often. Sometimes several times in a week.
Last week we had an outage when a helpful person on the floor saw a stray cable lying on a desk and plugged it into a small knockoff 5 port gig switch. This caused a loop that became very difficult to track down due to other issues.
The stack in question was a 6 switch stack, EAPS ring connected to the core via 20gb LAG ports.
ELRP seems like a good idea, except that requires constant updates of ELRP when vlans are moved between ports when manufacturing moves desks/test equipment/printers around. This feels really prone to human error.
BPDU guard seems like a good idea, except these chinese knockoff switches don't send out BPDU packets and happily just loop away.
STP doesn't work without BPDU being sent.
Broadcast limits seem reasonable, maybe on the uplink ports? I've noticed setting broadcast/multicast limits on large stacks (300+ ports) can cause a sustained CPU load that makes me uncomfortable.
Thoughts? I'd like to have a sustainable solution to this problem that will get us through the next 3 months when I can replace all these little desk switches with managed 430-8 models.