Additional UserPort security by deploying Loopback-Detection

The function Loopback-Detection (LBD) detects and avoids similar to UserPorts-Security (aka „BPDUShutdown“) loops in the network. In contrast to BPDUShutdown/UserPorts-Security this feature will also detect loops if STP/BPDUs are disabled or somehow filtered by the adjacent device, this happens if the Smarter-SOHO-Switch processes the BPDU and sends it to its own software stack / CPU but doesn't have an implementation for STP/BPDU.

The feature is based on Multicast-frames that will be forwarded even by the Smarter-SOHO-Switches and let us securely detect and avoid network loops by shutting down the ports:

loopback-detection enable
loopback-detection port 1/1 enable
loopback-detection port 1/x-y enable

You can achieve a good baseline of UserPorts security by following the example in this TechTip: Configuration example for UserPort security

english/deploy-loopback-detection-lbd.txt · Zuletzt geändert: 2014/06/19 15:29 von benny

Donate Powered by PHP Valid HTML5 Valid CSS Driven by DokuWiki