This website uses cookies. By clicking Accept, you consent to the use of cookies. Click Here to learn more about how we use cookies.
Accept
Reject
Help
cancel
Turn on suggestions
Showing results for 
Search instead for 
Did you mean: 

edge-safeguard enabled by default

edge-safeguard enabled by default

julienb
New Contributor

‎02-27-2017 05:32 PM

Hi,

Is there a way to enable by default for every ports the STP mode edge-safeguard with bpdu-restrict ? Like the "spanning-tree portfast default" and "spanning-tree portfast bpduguard default" on Cisco switches.
I'd like to enable the edge-safeguard mode for every port, and add an exception on trunk/dot1q ports.
Is that possible ?

I've tried to enable it for every ports in each instance like that :
configure stpd s0 ports edge-safeguard enable 1-24 bpdu-restrict recovery-timeout 300
configure stpd s900 ports edge-safeguard enable 1-24 bpdu-restrict recovery-timeout 300
configure stpd s903 ports edge-safeguard enable 1-24 bpdu-restrict recovery-timeout 300
configure stpd s914 ports edge-safeguard enable 1-24 bpdu-restrict recovery-timeout 300

But since the ports are not in the instance yet (auto-bind enabled), it throws an error for all ports :
Error: Port 1 is not a member of STP domain s900
Error: Port 2 is not a member of STP domain s900
etc...

Here is the whole STP config (the goal is to be compatible with rapid-pvst+ on Cisco):
configure stpd s0 mode dot1w
configure stpd s0 default-encapsulation pvst-plus
create stpd s823
configure stpd s823 default-encapsulation pvst-plus
create stpd s900
configure stpd s900 default-encapsulation pvst-plus
create stpd s903
configure stpd s903 default-encapsulation pvst-plus
create stpd s914
configure stpd s914 default-encapsulation pvst-plus
create stpd s921
configure stpd s921 default-encapsulation pvst-plus
create stpd s923
configure stpd s923 default-encapsulation pvst-plus
enable stpd s823 auto-bind vlan 823
enable stpd s923 auto-bind vlan 923
enable stpd s903 auto-bind vlan 903
enable stpd s900 auto-bind vlan 900
enable stpd s921 auto-bind vlan 921
enable stpd s914 auto-bind vlan 914
enable stpd s0
configure stpd s823 tag 823
enable stpd s823
configure stpd s900 tag 900
enable stpd s900
configure stpd s903 tag 903
enable stpd s903
configure stpd s914 tag 914
enable stpd s914
configure stpd s921 tag 921
enable stpd s921
configure stpd s923 tag 923
enable stpd s923

Thanks for your help
0 Kudos
9 REPLIES 9

Roy_Noh
Extreme Employee

‎03-01-2017 05:45 AM

Hello Julienb.

You can't make setting link type edge and enabling edge-safeguard by default.
Anyway, even with the auto bind options on STPDs, it will not automatically be bound to the STPD if you add a port to a vlan as untagged since default-encapsulations are PVST+ on every STPD.
So below two example lines are needed when you add a port to a vlan as untagged with edge-safeguard.

conf "v823" add ports 5 untagged "s823" dot1d
conf "s823" ports link-type edge 5 edge-safeguard enable bpdu-restrict recovery-timeout 300
0 Kudos

Vincent_Boucher
New Contributor
In response to Roy_Noh

‎03-01-2017 05:45 AM

I totally agree here, this is ridiculous. New to EXOS and I have to use PVST+ for interoperability.

0 Kudos

julienb
New Contributor
In response to Roy_Noh

‎03-01-2017 05:45 AM

Wow Extreme knows how to make life easy for network admins ! ahah
So each time you change a VLAN on a port, you also need to change the STP config ? What is auto-bind made for in that case?
0 Kudos

Jeremy_Gibbs
Contributor

‎02-27-2017 06:53 PM

This is a nice script I have used to get you going.

https://github.com/extremenetworks/EXOS_Apps/tree/master/EZ_SpanningTree

0 Kudos

julienb
New Contributor
In response to Jeremy_Gibbs

‎02-27-2017 06:53 PM

I don't get it. It says the script associates all vlans to instance s0 and configure it for MSTP. But in MSTP, you need one instance per VLAN right ? By the way, I need Rapid-PVST+, not MSTP.
0 Kudos
Top
GTM-P2G8KFN