I've a basic > intermediate understanding of networking. I've recently been tasked with looking into what at first glance appears to be a STP issue upon our corporate network. Without going into too much detail I think I've found the cause of the issue. Within our network we have our core switching infrastructure and then a second set of switches / second much, much smaller network that "should" be completely isolated from the core network and the core network STP.
However, I've recently discovered that this second network / set of switches are not as isolated as we thought. The second, supposedly isolated network was setup by a 3rd party company - their instructions being that the network should be totally independent to our core network and the only connection between the two should be an access / management connection so that we can telnet to these switches from the core network if necessary. However, I've recently discovered that these switches on the isolated network are part of our STP! Not only that but one of these switches is acting as root (as it has the lowest MAC address). It's through the management / access ports that I believe BDPU's must be getting sent and received. Is there a way that I stop BDPU's being sent and received over these management / access connections between these two networks - therefore isolating the secondary network and in doing so creating two STP instances - one for the core network and one for the secondary. We still require the ability to telnet to these switches from the core network - I just need to block/filter STP over the internetwork access / management ports.
Many thanks in advance to anyone who takes the time to read and respond to this.
Solved! Go to Solution.
If you know that the link is not causing a loop, you can disable STP on that port.
console(config)# interface ethernet g5
console(config-if)# spanning-tree disable
If you want to manipulate priority/costs, you can do so to manipulate which switch is the root.
console(config-if)# spanning-tree cost 35000
console(config-if)# spanning-tree port-priority 96
Some good white pages on STP.
Thank you very much for your time and response! 🙂
Will disabling spanning tree filter / stop BDPU's being sent and received through that port?