On 19 October 2017 at 09:38, Mark Tinka <mark.ti...@seacom.mu> wrote: > > > On 19/Oct/17 10:24, Gert Doering wrote: > > So, how do you bridge together two ports on an ASR1k, with STP? ;-) > > I do understand the bits about no global VLAN significance, etc., > and tieing bridge-groups to pseudowires, etc. - I just want the more > basic stuff to be more explosion-robust when the customer plugs in > things wrongly. OTOH, the box is doing well, circulating 330.000 PPS > in that STP loop, with barely any CPU load [these are IP/ARP broadcasts > so the CPU is at risk of being told about them]... > > > Good question, couldn't possibly tell you that. > > We typically don't support such topologies at Layer 2 in our network due to > the very problem you describe. We'd run both ports independently for the > same customer, as for such use-cases, they are either looking for redundancy > or additional bandwidth; or both.
Sometimes beggars can't be choosers but this basically ^ We wouldn't offer dual connections to the same layer 3 edge device as a "resilient" service nor have it participate in layer 2 service if it is layer 3 edge. I'd stick a switch in place, the FW could have two links to the switch and the switch can participate in STP and have one uplink to the ASR920/PE for layer 3 termination/upstream. Cheers, James. _______________________________________________ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/