Cisco Smartports

In troubleshooting a network problem recently, I was reminded about a feature set which is turned on by default on Cisco’s Small Business and Catalyst Express switches called Smartports Roles; on their larger switches and routers they are called Smartport Macros (but are not enabled by default and are used from the CLI). This is a love-it-or-hate-it feature of Cisco SMB switches. When we think of managed switches, how much of the feature set are we actually using other than VLANs, QoS and perhaps high throughput? The reality is that managed switches have a lot more features and functionality which we often don’t configure. Cisco has also made these features available as templates for small businesses. Which is great, unless you don’t realize they’re in place. If you don’t know about Smartport rules you can spend hours chasing your tail.

The biggest gotcha you need to know is that by default most ports are configured in the “Desktop” role, which permits only one MAC address per port and disables spanning tree to permit fast network connectivity. If you connect a switch to such a port, you may notice that only the first node will actually work, and all others will fail to connect (this is port security).

In those cases you want “Switch” mode, which permits multiple IPs (port security disabled) and enables Rapid Spanning Tree (RSTP).

Spanning Tree Protocol (STP)

Many of you have probably heard about the news coverage surrounding the downtime of the WordPress.com website (link). Perhaps the biggest lesson learned here is the complexity of spanning tree (STP) and, perhaps more significantly, how the technology is taken for granted. The question for the week: do you know exactly how your spanning tree is operating within your organization? Which is your root bridge?

Without intentionally designing your switching network, you basically leave it up to fate to decide which switch is your root. Sometimes the worst-connected or non-redundantly connected switch ends up being the root. Imagine a level 1 technician connecting a basic managed switch in their cubicle to provide additional ports, but because its MAC address is the smallest, it is elected as the root. Probably not exactly what you want to have happen, but that is exactly what I’ve seen.
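The root election described above, as an added example that is not part of the original post: a small Python model in which the bridge ID is compared priority first, then MAC address, and the lowest value wins. The switch names, MAC addresses, the priority value 4096 and the helper functions `audit` and `pinned` are assumptions made for illustration.

```python
# Added example: models STP root election to show the failure mode above.
# All switch names, priorities and MAC addresses are constructed sample data.
import re

DEFAULT_PRIORITY = 32768  # IEEE 802.1D default bridge priority


def mac_to_int(mac):
    """Accept 0011.2233.4455, 00:11:22:33:44:55 or 00-11-22-33-44-55."""
    digits = re.sub(r"[.:\-]", "", mac)
    if not re.fullmatch(r"[0-9A-Fa-f]{12}", digits):
        raise ValueError(f"not a MAC address: {mac!r}")
    return int(digits, 16)


def bridge_id(switch):
    """Bridge ID compares priority first, then MAC; the lowest value wins."""
    return (switch["priority"], mac_to_int(switch["mac"]))


def elect_root(switches):
    return min(switches, key=bridge_id)


def audit(switches, intended_root):
    """Return findings: wrong root, or an election decided by MAC alone."""
    findings = []
    root = elect_root(switches)
    if root["name"] != intended_root:
        findings.append(f"root is {root['name']}, expected {intended_root}")
    if root["priority"] == DEFAULT_PRIORITY:
        findings.append("root won on MAC address alone (default priority)")
    return findings


def pinned(switches, name, priority=4096):
    """Copy of the topology with one switch given a lower (better) priority."""
    return [dict(s, priority=priority) if s["name"] == name else s
            for s in switches]


# Constructed topology: every switch still has the default priority.
network = [
    {"name": "core-1", "priority": DEFAULT_PRIORITY, "mac": "0cd9.96a1.0001"},
    {"name": "dist-1", "priority": DEFAULT_PRIORITY, "mac": "0cd9.96a1.0400"},
    {"name": "cubicle-sw", "priority": DEFAULT_PRIORITY, "mac": "00:0d:28:10:aa:01"},
]

if __name__ == "__main__":
    print(audit(network, "core-1"))                    # cubicle switch wins
    print(audit(pinned(network, "core-1"), "core-1"))  # no findings
```

With every switch at the default priority the cubicle switch wins because its MAC address is numerically lowest; once the intended root has a lower priority, MAC addresses no longer decide the outcome.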

Here is a quick refresher:
http://www.cisco.com/univercd/cc/td/doc/product/rtrmgmt/sw_ntman/cwsimain/cwsi2/cwsiug2/vlan2/stpapp.htm

Along with a great list of common problems:
http://www.cisco.com/en/US/tech/tk389/tk621/technologies_tech_note09186a00800951ac.shtml
