Content filters configured as transparent bridges and spanning tree

Discussion in 'Cisco' started by pfisterfarm, Jun 24, 2011.

  1. pfisterfarm

    pfisterfarm Guest

    I've got a situation where I need to connect two switches, a 4507R
    (our core switch) to a 3560, using two devices which are functioning
    as transparent bridges, connected in parallel. The devices are
    actually content filters (they're Lightspeed Rocket appliances if that
    makes any difference), and we'd like to have one online as a standby
    unit in case the first one fails. The only other thing connected to
    the 3560 is two PIX firewalls (active/standby) which are in a vlan
    from the core network. The two switch are EIGRP neighbors.

    I was hoping that spanning-tree would take care of selecting one
    device for production use and the other as a standby. When we tried
    it, there was no connectivity at all. It seemed like the switches were
    not agreeing on which device to use. Is there any way to maybe have
    the 4507R take care of the forwarding/blocking decisions and turn off
    spanning-tree on the 3560?
     
    pfisterfarm, Jun 24, 2011
    #1
    1. Advertising

  2. pfisterfarm

    Mark Huizer Guest

    Re: Content filters configured as transparent bridges and spanningtree

    The wise pfisterfarm enlightened me with:
    > I've got a situation where I need to connect two switches, a 4507R
    > (our core switch) to a 3560, using two devices which are functioning
    > as transparent bridges, connected in parallel. The devices are
    > actually content filters (they're Lightspeed Rocket appliances if that
    > makes any difference), and we'd like to have one online as a standby
    > unit in case the first one fails. The only other thing connected to
    > the 3560 is two PIX firewalls (active/standby) which are in a vlan
    > from the core network. The two switch are EIGRP neighbors.
    >
    > I was hoping that spanning-tree would take care of selecting one
    > device for production use and the other as a standby. When we tried
    > it, there was no connectivity at all. It seemed like the switches were
    > not agreeing on which device to use. Is there any way to maybe have
    > the 4507R take care of the forwarding/blocking decisions and turn off
    > spanning-tree on the 3560?


    What I've remember from quite a similar setup (but with different boxes,
    not sure anymore, Astaro or something like that) is that the boxes
    needed to specifically have spanning tree configured, which makes sense
    since SPT is a point-to-point thingy.
    I would ask your vendor or the producer of this appliance how to
    configure that.

    Mark
     
    Mark Huizer, Jun 24, 2011
    #2
    1. Advertising

  3. pfisterfarm

    alexd Guest

    Meanwhile, at the comp.dcom.sys.cisco Job Justification Hearings,
    pfisterfarm chose the tried and tested strategy of:

    > I've got a situation where I need to connect two switches, a 4507R
    > (our core switch) to a 3560, using two devices which are functioning
    > as transparent bridges, connected in parallel. The devices are
    > actually content filters (they're Lightspeed Rocket appliances if that
    > makes any difference)


    Do the content filters participate in STP at all? Ie, do they pass STP, do
    they block STP and not emit their own, or do they emit their own and not
    pass STP?

    --
    <http://ale.cx/> (AIM:troffasky) ()
    00:24:24 up 5 days, 6:58, 5 users, load average: 0.12, 0.19, 0.22
    "People believe any quote they read on the internet
    if it fits their preconceived notions." - Martin Luther King
     
    alexd, Jun 25, 2011
    #3
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. Amy L.
    Replies:
    0
    Views:
    2,421
    Amy L.
    Jul 24, 2003
  2. Amy L.
    Replies:
    1
    Views:
    1,453
  3. Yannick CHAMPS

    etherchannel and spanning tree cost

    Yannick CHAMPS, Aug 6, 2004, in forum: Cisco
    Replies:
    0
    Views:
    746
    Yannick CHAMPS
    Aug 6, 2004
  4. NNTP
    Replies:
    3
    Views:
    23,091
    mathew
    Oct 2, 2008
  5. Replies:
    0
    Views:
    376
Loading...

Share This Page