This website uses cookies. By clicking Accept, you consent to the use of cookies. Click Here to learn more about how we use cookies.
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for
- Extreme Networks
- Community List
- Switching & Routing
- ExtremeSwitching (EXOS/Switch Engine)
- RE: edge-safeguard enabled by default
Options
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Mute
- Printer Friendly Page
edge-safeguard enabled by default
edge-safeguard enabled by default
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Get Direct Link
- Report Inappropriate Content
02-27-2017 05:32 PM
Hi,
Is there a way to enable by default for every ports the STP mode edge-safeguard with bpdu-restrict ? Like the "spanning-tree portfast default" and "spanning-tree portfast bpduguard default" on Cisco switches.
I'd like to enable the edge-safeguard mode for every port, and add an exception on trunk/dot1q ports.
Is that possible ?
I've tried to enable it for every ports in each instance like that :
configure stpd s0 ports edge-safeguard enable 1-24 bpdu-restrict recovery-timeout 300
configure stpd s900 ports edge-safeguard enable 1-24 bpdu-restrict recovery-timeout 300
configure stpd s903 ports edge-safeguard enable 1-24 bpdu-restrict recovery-timeout 300
configure stpd s914 ports edge-safeguard enable 1-24 bpdu-restrict recovery-timeout 300
But since the ports are not in the instance yet (auto-bind enabled), it throws an error for all ports :
Error: Port 1 is not a member of STP domain s900
Error: Port 2 is not a member of STP domain s900
etc...
Here is the whole STP config (the goal is to be compatible with rapid-pvst+ on Cisco):
configure stpd s0 mode dot1w
configure stpd s0 default-encapsulation pvst-plus
create stpd s823
configure stpd s823 default-encapsulation pvst-plus
create stpd s900
configure stpd s900 default-encapsulation pvst-plus
create stpd s903
configure stpd s903 default-encapsulation pvst-plus
create stpd s914
configure stpd s914 default-encapsulation pvst-plus
create stpd s921
configure stpd s921 default-encapsulation pvst-plus
create stpd s923
configure stpd s923 default-encapsulation pvst-plus
enable stpd s823 auto-bind vlan 823
enable stpd s923 auto-bind vlan 923
enable stpd s903 auto-bind vlan 903
enable stpd s900 auto-bind vlan 900
enable stpd s921 auto-bind vlan 921
enable stpd s914 auto-bind vlan 914
enable stpd s0
configure stpd s823 tag 823
enable stpd s823
configure stpd s900 tag 900
enable stpd s900
configure stpd s903 tag 903
enable stpd s903
configure stpd s914 tag 914
enable stpd s914
configure stpd s921 tag 921
enable stpd s921
configure stpd s923 tag 923
enable stpd s923
Thanks for your help
Is there a way to enable by default for every ports the STP mode edge-safeguard with bpdu-restrict ? Like the "spanning-tree portfast default" and "spanning-tree portfast bpduguard default" on Cisco switches.
I'd like to enable the edge-safeguard mode for every port, and add an exception on trunk/dot1q ports.
Is that possible ?
I've tried to enable it for every ports in each instance like that :
configure stpd s0 ports edge-safeguard enable 1-24 bpdu-restrict recovery-timeout 300
configure stpd s900 ports edge-safeguard enable 1-24 bpdu-restrict recovery-timeout 300
configure stpd s903 ports edge-safeguard enable 1-24 bpdu-restrict recovery-timeout 300
configure stpd s914 ports edge-safeguard enable 1-24 bpdu-restrict recovery-timeout 300
But since the ports are not in the instance yet (auto-bind enabled), it throws an error for all ports :
Error: Port 1 is not a member of STP domain s900
Error: Port 2 is not a member of STP domain s900
etc...
Here is the whole STP config (the goal is to be compatible with rapid-pvst+ on Cisco):
configure stpd s0 mode dot1w
configure stpd s0 default-encapsulation pvst-plus
create stpd s823
configure stpd s823 default-encapsulation pvst-plus
create stpd s900
configure stpd s900 default-encapsulation pvst-plus
create stpd s903
configure stpd s903 default-encapsulation pvst-plus
create stpd s914
configure stpd s914 default-encapsulation pvst-plus
create stpd s921
configure stpd s921 default-encapsulation pvst-plus
create stpd s923
configure stpd s923 default-encapsulation pvst-plus
enable stpd s823 auto-bind vlan 823
enable stpd s923 auto-bind vlan 923
enable stpd s903 auto-bind vlan 903
enable stpd s900 auto-bind vlan 900
enable stpd s921 auto-bind vlan 921
enable stpd s914 auto-bind vlan 914
enable stpd s0
configure stpd s823 tag 823
enable stpd s823
configure stpd s900 tag 900
enable stpd s900
configure stpd s903 tag 903
enable stpd s903
configure stpd s914 tag 914
enable stpd s914
configure stpd s921 tag 921
enable stpd s921
configure stpd s923 tag 923
enable stpd s923
Thanks for your help
9 REPLIES 9
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Get Direct Link
- Report Inappropriate Content
03-01-2017 05:45 AM
Hello Julienb.
You can't make setting link type edge and enabling edge-safeguard by default.
Anyway, even with the auto bind options on STPDs, it will not automatically be bound to the STPD if you add a port to a vlan as untagged since default-encapsulations are PVST+ on every STPD.
So below two example lines are needed when you add a port to a vlan as untagged with edge-safeguard.
conf "v823" add ports 5 untagged "s823" dot1d
conf "s823" ports link-type edge 5 edge-safeguard enable bpdu-restrict recovery-timeout 300
You can't make setting link type edge and enabling edge-safeguard by default.
Anyway, even with the auto bind options on STPDs, it will not automatically be bound to the STPD if you add a port to a vlan as untagged since default-encapsulations are PVST+ on every STPD.
So below two example lines are needed when you add a port to a vlan as untagged with edge-safeguard.
conf "v823" add ports 5 untagged "s823" dot1d
conf "s823" ports link-type edge 5 edge-safeguard enable bpdu-restrict recovery-timeout 300
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Get Direct Link
- Report Inappropriate Content
03-01-2017 05:45 AM
I totally agree here, this is ridiculous. New to EXOS and I have to use PVST+ for interoperability.
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Get Direct Link
- Report Inappropriate Content
03-01-2017 05:45 AM
Wow Extreme knows how to make life easy for network admins ! ahah
So each time you change a VLAN on a port, you also need to change the STP config ? What is auto-bind made for in that case?
So each time you change a VLAN on a port, you also need to change the STP config ? What is auto-bind made for in that case?
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Get Direct Link
- Report Inappropriate Content
02-27-2017 06:53 PM
This is a nice script I have used to get you going.
https://github.com/extremenetworks/EXOS_Apps/tree/master/EZ_SpanningTree
https://github.com/extremenetworks/EXOS_Apps/tree/master/EZ_SpanningTree
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Get Direct Link
- Report Inappropriate Content
02-27-2017 06:53 PM
I don't get it. It says the script associates all vlans to instance s0 and configure it for MSTP. But in MSTP, you need one instance per VLAN right ? By the way, I need Rapid-PVST+, not MSTP.
