cancel
Showing results for 
Search instead for 
Did you mean: 

What would you to do mitigate/prevent loops in this scenario?

What would you to do mitigate/prevent loops in this scenario?

Ron_Prague
New Contributor II
I've got a challenging situation and I'd love to hear opinions on the right way to deal with it.

The variables:
Understaffed currently, anything requiring a lot of administrative time/effort will be hard to maintain.
We have a large number of small unmanaged switches that don't send out BPDU packets when plugged in. These will be replaced, but this will take time due to budget restraints/end of year timing.
Large complex network supporting a manufacturing floor where equipment/workstations move often, far too often. Sometimes several times in a week.

Last week we had an outage when a helpful person on the floor saw a stray cable lying on a desk and plugged it into a small knockoff 5 port gig switch. This caused a loop that became very difficult to track down due to other issues.

The stack in question was a 6 switch stack, EAPS ring connected to the core via 20gb LAG ports.

ELRP seems like a good idea, except that requires constant updates of ELRP when vlans are moved between ports when manufacturing moves desks/test equipment/printers around. This feels really prone to human error.

BPDU guard seems like a good idea, except these chinese knockoff switches don't send out BPDU packets and happily just loop away.

STP doesn't work without BPDU being sent.

Broadcast limits seem reasonable, maybe on the uplink ports? I've noticed setting broadcast/multicast limits on large stacks (300+ ports) can cause a sustained CPU load that makes me uncomfortable.

Thoughts? I'd like to have a sustainable solution to this problem that will get us through the next 3 months when I can replace all these little desk switches with managed 430-8 models.
9 REPLIES 9

Sounds like the edge switches might not forward BPDUs at all. I think David's suggestion might be worth a shot, assuming these edge switches will forward tagged frames.

That's interesting. Can you send us the "show config stp" and "show stp " from one of the switches you were testing with?

Yeah Patrick, that's the behavior I expected to see but in testing on Sunday STP never brought the loop port down and there were not STP events logged.

davidj_cogliane
Contributor
You should be able to run ELRP on a "NoLoop" VLAN that you tag on every port. This way when you change the user VLAN you do not need to do anything to the ELRP config.

I hadn't considered that option David, thank you.
GTM-P2G8KFN