Configuring Spanning Tree Portfast
Waiting on Spanning Tree to place a port into forwarding can cause problems with fast booting machines requesting DHCP IP Addresses. This lab will discuss and demonstrate the configuration and verification of STP PortFast.
Real World Application & Core Knowledge
So lets say an end user just bought this super fast computer that boots up in few seconds, or perhaps maybe you have a thin client on the network that boots up and request an IP address within 5 seconds. What happens when that traffic gets to the switch port?
It gets dropped. Why you ask? Because the switchport takes 15 seconds to transition from blocking to forwarding as it is listening to determinate rather or not a loop on the network exist. Once determined that no loops exist, the port is placed in learning then designated (forwarding) if the port is an access port.
So if you’re device boots up in 5 seconds and requests an IP address with the timeout of 8 seconds then you will fail to receive an IP Address as the switchport is not forwarding traffic yet.
The simple explanation is that PortFast will immediately transition a port to the forwarding state and not attempt to detect a switching loop unless a BPDU is received on the port with PortFast enabled. So plugging in multiple links on hubs, switches or bridges to the network can temporary switching loops.
Another major advantage of PortFast is that a TCN (Topology Change Notification) is not generated by spanning-tree each time a port goes up or down. This conserves resources as spanning-tree does not have to reprocess the tree every time a TCN is generated.
There are two ways to enable PortFast on a Cisco Catalyst Series switch. One way is by enabling portfast in interface configuration mode and the other way is to globally enable portfast across the entire switch.
Note that Portfast is supported on the Cisco NM-16ESW however the spanning tree portfast default feature is not.
In this lab you’ll familiarize yourself with the following commands;
| Command | Description |
|---|---|
| spanning-tree portfast | This command is executed in interface configuration mode and enables portfast on a per interface basis |
| spanning-tree portfast default | This command is executed in global configuration and enables PortFast across the entire switch by default. |
| show spanning-tree interfaceinterface#/# portfast | This command is executed in privileged mode and shows rather or not portfast is enabled on the specific interface. |
| show spanning-tree summary | This command is executed in privileged mode to display the current status of default STP configurations including PortFast. |
| show spanning-tree | This command is executed in privileged mode to display a table of ports assigned to a particular VLAN and the current port status rather its FWD or BLK. |
Lab Prerequisites
- If you are using GNS3 than load the Free CCNA Workbook GNS3 topology than start devices; R1 and SW1.
- Establish a console session with devices R1 and SW1 than configure the devices respected hostname(s).
- Configure SW1 to run Rapid-PVST.
Lab Objectives
- By default, interfaces on routers are administratively shut down. Enable FastEthernet0/0 which is connected to Fa0/1 then observe the switches spanning-tree behavior via the show spanning-tree command.
- Shutdown R1’s FastEthernet0/0 interface then configure PortFast on SW1’s FastEthernet0/1. Afterward; re-enable the Fa0/0 interface on R1 and ensure that Fa0/1 on SW1 is immediately transitioned to forwarding status by viewing the spanning-tree output on SW1.
- Enable PortFast on all interfaces of the switch by default and do not use the spanning-tree portfast command in interface configuration mode. Verify your configuration.
Lab Instruction
Step 1. – By default, interfaces on routers are administratively shut down. Enable FastEthernet0/0 which is connected to Fa0/1 then observe the switches spanning-tree behavior via the show spanning-tree command.
R1 con0 is now available Press RETURN to get started. *Mar 15 23:38:09.097: %SYS-5-CONFIG_I: Configured from console by console R1#enable R1#configure terminal Enter configuration commands, one per line. End with CNTL/Z. R1(config)#interface fa0/0 R1(config-if)#no shut R1(config-if)# %LINK-3-UPDOWN: Interface FastEthernet0/0, changed state to up R1(config-if)# %LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/0, changed state to up R1(config-if)#end R1# %SYS-5-CONFIG_I: Configured from console by console R1#
The observation is shown below;
SW1#show spanning-tree VLAN0001 Spanning tree enabled protocol rstp Root ID Priority 24577 Address 0014.f2d2.4180 This bridge is the root Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec Bridge ID Priority 24577 (priority 24576 sys-id-ext 1) Address 0014.f2d2.4180 Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec Aging Time 300 sec Interface Role Sts Cost Prio.Nbr Type ------------------- ---- --- --------- -------- --------------------------- Fa0/1 Desg BLK 19 128.3 P2p SW1#show spanning-tree VLAN0001 Spanning tree enabled protocol rstp Root ID Priority 24577 Address 0014.f2d2.4180 This bridge is the root Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec Bridge ID Priority 24577 (priority 24576 sys-id-ext 1) Address 0014.f2d2.4180 Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec Aging Time 300 sec Interface Role Sts Cost Prio.Nbr Type ------------------- ---- --- --------- -------- --------------------------- Fa0/1 Desg LRN 19 128.3 P2p SW1#show spanning-tree VLAN0001 Spanning tree enabled protocol rstp Root ID Priority 24577 Address 0014.f2d2.4180 This bridge is the root Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec Bridge ID Priority 24577 (priority 24576 sys-id-ext 1) Address 0014.f2d2.4180 Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec Aging Time 300 sec Interface Role Sts Cost Prio.Nbr Type ------------------- ---- --- --------- -------- --------------------------- Fa0/1 Desg FWD 19 128.3 P2p SW1#
As you’ll notice in the observation of spanning-tree the port is first blocking all traffic, then learning which still blocks traffic but learns MAC addresses from frames and processes BPDU’s from connected devices to determine potential switching loops then finally the port is placed into FWD (forwarding) if no layer two loop is detected by spanning tree.
Step 2. – Shutdown R1’s FastEthernet0/0 interface then configure PortFast on SW1’s FastEthernet0/1. Afterward; ee-enable the Fa0/0 interface on R1 and ensure that Fa0/1 on SW1 is immediately transitioned to forwarding status by viewing the spanning-tree output on SW1.
R1#configure terminal Enter configuration commands, one per line. End with CNTL/Z. R1(config)#interface fa0/0 R1(config-if)#shutdown R1(config-if)#
As shown below is the PortFast configuration on SW1 Fa0/1;
SW1 con0 is now available Press RETURN to get started. SW1>enable SW1#configure terminal Enter configuration commands, one per line. End with CNTL/Z. SW1(config)#interface fa0/1 SW1(config-if)#spanning-tree portfast %Warning: portfast should only be enabled on ports connected to a single host. Connecting hubs, concentrators, switches, bridges, etc... to this interface when portfast is enabled, can cause temporary bridging loops. Use with CAUTION %Portfast has been configured on FastEthernet0/1 but will only have effect when the interface is in a non-trunking mode. SW1(config-if)#end SW1#
And now to re-enable FastEthernet0/0 on R1;
R1(config-if)#no shut
R1(config-if)#
%LINK-3-UPDOWN: Interface FastEthernet0/0, changed state to up
R1(config-if)#
%LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/0, changed
state to up
R1(config-if)#
Now if you quickly view spanning-tree on SW1 you should notice that Fa0/1 is placed into FWD immediately;
SW1#show span
VLAN0001
Spanning tree enabled protocol rstp
Root ID Priority 24577
Address 0014.f2d2.4180
This bridge is the root
Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec
Bridge ID Priority 24577 (priority 24576 sys-id-ext 1)
Address 0014.f2d2.4180
Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec
Aging Time 300 sec
Interface Role Sts Cost Prio.Nbr Type
------------------- ---- --- --------- -------- ---------------------------
Fa0/1 Desg FWD 19 128.3 P2p Edge
SW1#
Step 3. – Enable PortFast on all interfaces of the switch by default and do not use the spanning-tree portfast command in interface configuration mode. Verify your configuration.
SW1#configure terminal Enter configuration commands, one per line. End with CNTL/Z. SW1(config)#spanning-tree portfast default %Warning: this command enables portfast by default on all interfaces. You should now disable portfast explicitly on switched ports leading to hubs, switches and bridges as they may create temporary bridging loops. SW1(config)#end SW1#
And to verify that PortFast is enabled by default use the show spanning-tree summary command as shown below;
SW1#show spanning-tree summary
Switch is in rapid-pvst mode
Root bridge for: VLAN0001
Extended system ID is enabled
Portfast Default is enabled
PortFast BPDU Guard Default is disabled
Portfast BPDU Filter Default is disabled
Loopguard Default is disabled
EtherChannel misconfig guard is enabled
UplinkFast is disabled
BackboneFast is disabled
Configured Pathcost method used is short
Name Blocking Listening Learning Forwarding STP Active
---------------------- -------- --------- -------- ---------- ----------
VLAN0001 0 0 0 1 1
---------------------- -------- --------- -------- ---------- ----------
1 vlan 0 0 0 1 1
SW1#
