On 2/19/2011 7:32 PM, Tom Judge wrote:
In this setup it does not matter where the root bridge is, each of the
firewalls will always have one port in discarding state as both ports
lead back to the same peer bridge. With states such as:

fw 1 - 1: forwarding
fw 2 - 1: forwarding
fw 1 - 2: discarding - backup
fw 2 - 2: discarding - backup


If I got the topology correctly, it is supposed to be like this:
(Broadcast domain 1)
   |          |
   |          |
   |          |
 (fw1)      (fw2)
   |          |
   |          |
   |          |
(Broadcast domain 2)

If fw1 is the root bridge, then it'll look like this:
(Broadcast domain 1)
   |          |
   |          |
   D          R
 (fw1)      (fw2)
   D          B
   |          |
   |          |
(Broadcast domain 2)

fw2 will have one root port and one backup, and fw1 will
have two designated ports. Since the switch will not take part
in the STP, there is no single bridge. If I get the topology
correctly...


There is also the caveat:  The switch will probably _not_ forward the
STP BPDUs from one port to another. This is because if the switch is a
properly compliant bridge it will not forward the frames as they are
marked as link local ethernet multicast frames which are not allowed to
be forwarded by a bridge per the ethernet spec.  If this is indeed the case
you will make an instant forwarding loop in your network when you try to
make it work.

Yes, this is true, but when a port is not running STP it is not considered
to be part of a compliant bridge, so there should be a mechanism to allow
forwarding BPDUs to the other bridges that run STP. Like when one combines
simple unmanaged switches (with no STP functionality) with managed ones.
The unmanaged ones simply forward everything they receive and the STP ones
can detect and break the loops.

Nikos
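The two cases discussed in this message, as an added example that is not part of the original thread: it parses an STP/RSTP BPDU from a raw 802.3 frame and models whether the switch between the firewalls relays it, first as an 802.1D-compliant bridge (the caveat) and then as a non-STP switch that floods everything (the reply). The function names, the `fw1` bridge ID and the MAC addresses are constructed for illustration.

```python
import struct

STP_GROUP = bytes.fromhex("0180c2000000")      # Bridge Group Address used by STP/RSTP
RESERVED_PREFIX = bytes.fromhex("0180c20000")  # 01:80:C2:00:00:00 through :0F

def is_link_local_reserved(dst: bytes) -> bool:
    """True for the 16 reserved addresses an 802.1D bridge must not relay."""
    return dst[:5] == RESERVED_PREFIX and dst[5] <= 0x0F

def parse_bpdu(frame: bytes):
    """Return a dict for an STP/RSTP BPDU in an 802.3/LLC frame, else None."""
    if len(frame) < 21:
        return None
    dst, length = frame[:6], struct.unpack("!H", frame[12:14])[0]
    if dst != STP_GROUP or length > 1500:       # EtherType frames are not BPDUs
        return None
    if frame[14:17] != b"\x42\x42\x03":         # LLC DSAP/SSAP 0x42, UI control
        return None
    proto, version, btype = struct.unpack("!HBB", frame[17:21])
    if proto != 0:
        return None
    info = {"version": version, "type": btype}
    if btype in (0x00, 0x02) and len(frame) >= 52:   # Config or RST BPDU
        flags, root, cost, bridge, port = struct.unpack("!B8sI8sH", frame[21:44])
        info.update(flags=flags, root=root.hex(), cost=cost,
                    bridge=bridge.hex(), port=port)
    return info

def relays(frame: bytes, compliant_bridge: bool) -> bool:
    """Would the middle switch pass this frame from one port to another?"""
    if compliant_bridge and is_link_local_reserved(frame[:6]):
        return False   # reserved group address: never relayed by the bridge
    return True        # a switch with no STP support floods it like any multicast

def sample_bpdu() -> bytes:
    """Constructed config BPDU from a hypothetical fw1 acting as root bridge."""
    fw1 = bytes.fromhex("8000" "020000000001")  # priority 0x8000 + constructed MAC
    body = struct.pack("!HBBB8sI8sHHHHH", 0, 0, 0x00, 0, fw1, 0, fw1,
                       0x8001, 0, 20 * 256, 2 * 256, 15 * 256)
    llc = b"\x42\x42\x03" + body
    src = bytes.fromhex("020000000001")
    return STP_GROUP + src + struct.pack("!H", len(llc)) + llc
```

If `relays(sample_bpdu(), True)` is false for the switch in the middle, neither firewall sees the other's BPDUs on that segment and neither will block a port, which is the loop condition the caveat describes.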