dynes-deployments - Re: [dynes-deployments] PVST+ and DYNES
Subject: DYNES-Deployments
List archive
- From: Linda Winkler <>
- To:
- Cc: , "Dale W. Carder" <>
- Subject: Re: [dynes-deployments] PVST+ and DYNES
- Date: Fri, 26 Jul 2013 16:38:09 -0500
Byron,
What hardware is LEARN using? Did implementing the PVST+ BPDU filter
alleviate the problem?
lw
On May 17, 2013, at 6:06 PM, Byron L. Hicks
<>
wrote:
> On 05/17/2013 04:51 PM, Dale W. Carder wrote:
>
>> This has absolutely nothing to do with one protocol being proprietary
>> or not.
>
> Maybe. But if the Internet2 device was a Cisco Switch, would the vlan
> translation also modify the peer vlan id on the BPDU? Or, if the
> Juniper could speak PVST+, would it know to modify the peer vlan id on
> the BPDU. I'm more of a Juniper geek than a Cisco geek, so I don't know
> the answer to the questions. I think the proprietary nature of PVST+
> had some part to play.
>
> On the other hand, if the protocol chosen was RSTP or MSTP, would the
> BPDU just die at the Juniper. I'm not sure of that answer, either.
>
>> When any two interdomain sites are peering you need to pay attention
>> to the fine details. This is true whether for BGP or in this case
>> Spanning Tree. Both give you the tools to inflict damage.
>
> I agree. However, BGP has a little better defined borders. In this
> particular case, the two domains that didn't agree were Vanderbilt and
> SMU. Internet2 didn't strip the BPDU, nor did LEARN. Nor did we
> realize that we needed to until this week.
>
> Should Internet2 be looking for those BPDUs, or is this just up to the
> RoNs to take care of? Or the end sites? In the case of most of my
> DYNES connected community here in Texas, they are using the same path
> for commodity, Internet2, NLR, TR-CPS, and DYNES vlans. They may have a
> legitimate need to run spanning tree across that link, and to not filter
> all BPDUs.
>
>> For example, you probably don't want to accept arbitrary BPDU's any more
>> than you would accept arbitrary NLRI's.
>
> Yes, I agree, and will be pushing to implement the PVST+ BPDU filter on
> all my DYNES connections within LEARN.
>
> --
> Byron Hicks
> Lonestar Education and Research Network
> office: 972-883-4645
> google: 972-746-2549
> aim/skype: byronhicks
>
- Re: [dynes-deployments] PVST+ and DYNES, Linda Winkler, 07/26/2013
- Re: [dynes-deployments] PVST+ and DYNES, Byron Hicks, 07/29/2013
- Re: [dynes-deployments] PVST+ and DYNES, Jay Ford, 07/29/2013
- Re: [dynes-deployments] PVST+ and DYNES, Byron Hicks, 07/29/2013
- Re: [dynes-deployments] PVST+ and DYNES, Jay Ford, 07/29/2013
- Re: [dynes-deployments] PVST+ and DYNES, Byron Hicks, 07/29/2013
Archive powered by MHonArc 2.6.16.