This website uses cookies. By clicking Accept, you consent to the use of cookies. Click Here to learn more about how we use cookies.
Accept
Reject
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Problem to configure STP BPDUGuard and LLDP on X460-g2

Problem to configure STP BPDUGuard and LLDP on X460-g2

ar1
Contributor

‎10-25-2017 07:24 AM

Hi all,
we are using a lot of C5-, G3 and K10 Serie switches as edge devices and have configured them with following restrictions:
- all edge ports must use MAC- and 802.1X- authentication
- all edge ports has to disable the port if BPDU's will received (spanguard enabled, timeout 0 and port configured as adminedge)
- without authentication it's not allow that the port send out traffic (no vlan egress)

Now he want to replace some C5 to X460-G2 and I have some problems to configure LLDP or STP settings.
I'm new to EXOS and I would be happy if someone could help.

Here an example what I try to do:

X460G2-48p-10G4.5 # sh port 3 vlan
Untagged
Port /Tagged VLAN Name(s)
-------- -------- ------------------------------------------------------------
3 None None
* X460G2-48p-10G4.6 # configure stpd s0 ports link-type edge 3 edge-safeguard enable bpdu-restrict recovery-timeout 600
Error: Port 3 is not a member of STP domain s0
Error: Command aborted due to input errors, no changes made
* X460G2-48p-10G4.137.7 #
* X460G2-48p-10G4.137.7 #
* X460G2-48p-10G4.137.7 # conf lldp port 3 advertise vendor-specific med policy application voice vlan VoIP-VLAN dscp 46
ERROR: The following ports "3" are not part of VLAN "VoIP-VLAN".
* X460G2-48p-10G4.137.8 #

Does anybody have an idea how to handle this?

I have enabled stp auto-bind for every vlan.

If I add all ports to the Default-VLAN I can configure STP but for LLDP I have to add all ports to tagged VoIP-VLAN.
But with this connfiguration I will break out company rules.

Does anybody out there who can help?

Best regards,
Axel

3 REPLIES 3

Dave_Hammers
Extreme Employee

‎10-26-2017 09:46 AM

ezspantree only works with mstp on the EXOS s0.
One of our SEs developed something for LLDP that you might find interesting. I'll make sure he is aware of this post.
0 Kudos

ar1
Contributor

‎10-26-2017 05:54 AM

Hi Dave,
thanks for your great help.
The ezspantree is working fine and it's not necessary that I have to configure a port to a VLAN.

Will this work if I would change the stp mode from mstp to rstp, too (all our systems are running rstp and we don't want to use mstp)?

And is there a script like this one available for LLDP, too?
I've got some informations to use a UPM script for LLDP if I use MAC- and 802.1X. But this is not so well, because if I add a non-phone to the port (or make a loop) the UPM script will run and add the VoIP-VLAN tagged to the port although it is not necessary.
Best regards,
Axel

0 Kudos

Dave_Hammers
Extreme Employee

‎10-25-2017 11:56 AM

Have you tried ezSpanningTree. https://github.com/extremenetworks/EXOS_Apps/tree/master/EZ_SpanningTree

Depending on the EXOS release, it may already be included on your X460-G2
GTM-P2G8KFN