Hi Marko,
I agree, and that is what I have done (enabled portfast etc) but we
don't have control of the switches/routers to which OpenBSD is
connected in all cases.
For example we are connected to a various providers in various
locations (we have many OpenBSD firewalls and this is only a problem in
some locations) where they wont enable port fast/configure as static
access ports.
Andy.
On Mon 22 Jul 2013 12:44:08 BST, Marko Cupać wrote:
On Mon, 22 Jul 2013 12:12:30 +0100
Andy <a...@brandwatch.com> wrote:
I.e. When a firewall boots up, the connected switch port starts STP and
is initially blocked, causing the newly booting firewall to think it is
master, the port then starts forwarding and I have double master.
Why trying to solve problem on OpenBSD side and not on switch side? If I
remember well, STP is protocol which blocks redundant paths to the same
switch in order to avoid switching loops. As your two switch ports connect
to a firewall you do not need STP there.
