Design Review Template - NETS
Design Review Template - NETS
Design Review Template - NETS
Create successful ePaper yourself
Turn your PDF publications into a flip-book with our unique Google optimized e-Paper software.
Hierarchical (MultiLayer) Network <strong>Design</strong><br />
set spantree enable all<br />
! default<br />
PortFast<br />
PortFast is used to bypass normal spanning-tree operation on access-ports to speed up connectivity<br />
between end-stations and the services they need to connect to after link initialization.<br />
AS recommend STP PortFast be set on for all enabled host ports. Must be diligent to catch<br />
all ports!!!<br />
AS recommends using the “host” macro to configure PortFast on Access ports:<br />
Set port host ! macro for the following commands<br />
set spantree portfast enable<br />
set trunk off<br />
set channel mode off<br />
Note that PortFast doesn’t mean that we do not run spanning-tree at all on those ports: BPDUs are still<br />
sent, received and processed. It must also be understood that PortFast will not work on trunks since these<br />
ports are typically not access-ports. This may cause confusion on access-ports running ISL or dot1q<br />
connected to multi-homed trunking capable end-stations.<br />
PortFast BPDU-Guard provides a method for preventing loops by moving a non-trunking port into an<br />
ErrDisable state when a BPDU is received on that port.<br />
Under “normal” conditions we should never receive a BPDU packet on an access-port configured for<br />
PortFast, so if we for some reason should see a BPDU coming in, it indicates an invalid hence dangerous<br />
configuration and the action we take upon this is to shut down the access-port. When the BPDU Guard<br />
feature is enabled on the switch spanning tree shuts down PortFast-configured interfaces that receive<br />
BPDUs instead of putting them into the spanning-tree blocking state<br />
set spantree portfast bpdu-guard enable<br />
UplinkFast<br />
UplinkFast is a solution for Access Layer switches to move it’s blocking link almost instantaneously to<br />
forwarding if there is a direct link failure to the root switch. Access Layer switches using UplinkFast<br />
forward their CAM table over the new root port, preventing unknown unicasts to flood. UplinkFast feature<br />
uses uplink group, which consists of the root port and all the ports that provide an alternate connection to<br />
the root bridge (blocking redundant links). If the root port fails (primary uplink failure), a port from the<br />
uplink group is selected to immediately replace it. Uplinkfast feature is only useful when there is a<br />
redundant blocking link. Uplinkfast and the following Cross stack uplinkfast feature are not necessary if a<br />
design with no layer 2 loops is implemented<br />
NCAR <strong>Design</strong> <strong>Review</strong> and Recommendations v1.0 19