Friday, December 21, 2012

Guideline for XenServer Switch Ports


Guidelines

  1. If using Spanning Tree Protocol (STP), use either Rapid Spanning Tree Protocol (RSTP) or enable PortFast on XenServer connected ports, depending on switch hardware support. PortFast allows a switch port running Spanning Tree Protocol (STP) to go directly from blocking to forwarding mode by skipping the learning and listening modes. PortFast should only be enabled on ports connected to a single host.
    WARNING: Use caution when enabling PortFast, and do so only on ports that do not connect to multi-homed devices such as hubs or switches.

  2. Disable Port Security or equivalent on XenServer connected ports.
    Port security prevents multiple MAC addresses from being presented to the same port. In a virtual environment, you see multiple MAC addresses presented from Virtual Machines to the same port. If you have enabled Port Security, it shuts down the port.

Troubleshooting

  1. Disable BPDU guard on XenServer connected ports.
    BPDU is a protection setting part of the STP that prevents you from attaching a network device to a switch port. When you attach a network device, the port shuts down and has to be enabled by an administrator. A PortFast port should never receive configuration BPDUs.

    Note: When BPDUs are received by a PortFast port, it indicates another bridge is connected to the port, and that there is a possibility of a bridging loop formation during the Listening and Learning phases. In a valid PortFast configuration, configuration BPDUs should never be received. Some Cisco switches support a feature called PortFast BPDU Guard, which is a feature that shuts down a PortFast-enabled port in the event a BPDU is received. This feature ensures that a bridging loop is not formed, because the port is shut down by the switch and removes the possibility of a loop forming.

  2. If you are using a 10/100 switch, change the port speed settings to Static
    If you are connecting to a 100 MBP/s port, set the PIF speeds to 100 MBPs Static with full duplex.

    Note: It is not necessary to change the speed or duplex settings when connecting to 1GB switches.

at No comments:
Labels:
Subscribe to: Posts (Atom)