Guest

Cisco Catalyst 6500 Series Switches

Using PortFast and Other Commands to Fix Workstation Startup Connectivity Delays

Document ID: 10553

Updated: Dec 19, 2008

   Print

Introduction

This document addresses initial connectivity delays that occur when workstations that are connected to switches have one of these two issues:

  • Unable to log in to a network domain, either Microsoft Windows NT or Novell

  • Unable to obtain a DHCP address

The steps in this document are easy to implement and address the most common causes of workstation connectivity delays that you encounter during the workstation initialization/startup phase.

Prerequisites

Requirements

As more and more customers deploy switching to the desktop and replace shared hubs with switches, an initial connectivity delay is often introduced in client/server environments. Most commonly, Windows 95/98/NT, Novell, Banyan Virtual Integrated Network Service (VINES), IBM NetworkStation/IBM Thin Clients, and AppleTalk clients are unable to connect to their servers. If the software on these clients is not persistent during the startup procedure, the clients give up on attempts to connect to a server before the switch has even allowed traffic to pass through the switch to the client.

Note: This initial connectivity delay often manifests itself as errors that appear when you first boot a workstation. These are several examples of error messages and errors you may see:

  • A Microsoft networking client displays No Domain Controllers Available.

  • DHCP reports No DHCP Servers Available.

  • A Novell Internetwork Packet Exchange (IPX) networking workstation does not have the Novell Login screen upon bootup.

  • An AppleTalk networking client displays Access to your AppleTalk network has been interrupted. To re-establish your connection, open and close the AppleTalk control panel. There is also a possibility that the AppleTalk client Chooser application either does not display a zone list or displays an incomplete zone list.

  • IBM Network Stations can have one of these messages:

    • NSB83619--Address resolution failed

    • NSB83589--Failed to boot after 1 attempt

    • NSB70519--Failed to connect to a server

    IBM has created fixes to help deal with this problem. IBM included the fixes in the PTF 7 for V2R1 code. Customers should be at Network Station Firmware level B3052500 (as of May 25, 2000) before they attempt to connect to the switches that this document lists.

The initial connectivity delay also frequently occurs in a switched environment in which a network administrator updates software or drivers. Often in this case, a vendor optimizes the drivers so that network initialization procedures happen earlier in the client startup process (before the switch is ready to process the packets).

With the various features that some switches now include, nearly a minute is sometimes necessary before a switch begins to service a newly connected workstation. This delay affects the workstation every time you turn on or reboot the workstation. The four main features that cause this delay are:

  • Spanning Tree Protocol (STP)

  • EtherChannel negotiation

  • Trunking negotiation

  • Link speed/duplex negotiation between the switch and the workstation

These four features are listed in order of the delay they cause. STP causes the greatest delay and speed/duplex negotiation causes the least delay. A workstation that connects to a switch usually does not cause spanning tree loops, usually does not need EtherChannel, and usually does not need to negotiate a trunking method. The disablement of link speed/detection negotiation can also reduce port delay if you need to optimize your startup time as much as possible.

This document shows how to implement startup speed-optimization commands on three Cisco Catalyst switch platforms. The timing sections show how the switch port delay is reduced, and by how much.

Components Used

The examples in this document were created with this equipment:

  • A console cable that is suitable for the Supervisor Engine in the switch

    Note: Refer to Connecting a Terminal to the Console Port on Catalyst Switches.

  • A Catalyst 5505 switch that runs Catalyst OS (CatOS) software version 4.5(1)

  • A Catalyst 6000 switch that runs Cisco IOS® Software Release 12.1(6)E

  • A Catalyst 4000 switch that runs Cisco IOS Software Release 12.1(11b)EW

  • A Catalyst 2948G-L3 switch

  • A Catalyst 2900XL switch that runs Cisco IOS Software Release 11.2(8.2)SA6

  • A Catalyst 1900 switch that runs Enterprise Edition software version 8

  • A Fast Ethernet module that is capable of Port Aggregation Protocol (PAgP) and trunking

  • An RJ-45 Ethernet crossover cable to connect to the switch

  • A PC to connect to the switch

The information in this document was created from the devices in a specific lab environment. All of the devices used in this document started with a cleared (default) configuration. If your network is live, make sure that you understand the potential impact of any command.

Conventions

Refer to Cisco Technical Tips Conventions for more information on document conventions.

This document uses the terms "workstation", "end station", and "server" interchangeably. These terms refer to any device that directly connects to a switch with a single network interface card (NIC). The terms can also refer to devices with multiple NICs, in which the NIC is used only for redundancy. In other words, the workstation or server is not configured to act as a bridge, but the workstation/server has multiple NICs for redundancy.

Note: There are some server NICs that support trunking and/or EtherChannel. There are situations in which the server needs to live on several VLANs at the same time (trunking) or the server needs more bandwidth on the link that connects the server to the switch (EtherChannel). In these cases, you do not turn PAgP off and do not turn trunking off. Also, these devices are rarely turned off or reset. The instructions in this document do not apply to these types of devices.

Background

This section describes four features that some switches have which cause initial delays when you connect a device to the switch. A workstation typically does not cause the spanning tree problem (loops) or does not need the feature, commonly PAgP and/or Dynamic Trunking Protocol (DTP), so the delay is unnecessary.

Spanning Tree

If you have recently migrated from a hub environment to a switch environment, startup connectivity delays can appear because a switch works much differently than a hub. A switch provides connectivity at the data link layer, not at the physical layer. The switch uses a bridging algorithm in order to decide if packets that are received on a port need to be transmitted out other ports. The bridging algorithm is susceptible to physical loops in the network topology. Because of this susceptibility to loops, switches run the protocol STP that causes loops to be eliminated in the topology. When you run STP, all ports that are included in the spanning tree process become active much slower than they otherwise become active as STP detects and blocks loops. A bridged network that has physical loops, without STP, breaks. Despite the time that the process involves, STP is beneficial. STP that runs on Catalyst switches is an industry-standard specification (IEEE 802.1D).

After a port on the switch has linked and joined the bridge group, STP runs on that port. A port that runs STP can be in one of five states:

  • blocking

  • listening

  • learning

  • forwarding

  • disabled

STP dictates that the port starts out blocking, and then immediately moves through the listening and learning phases. By default, the port spends approximately 15 seconds listening and 15 seconds learning. During the listening state, the switch tries to determine where the port fits in the spanning tree topology. The switch especially wants to know whether this port is part of a physical loop. If the port is part of a loop, the port can be chosen to go into blocking mode. The blocking mode means that the port does not send or receive user data in order to eliminate loops. If the port is not part of a loop, the port proceeds to the learning state, in which the port learns which MAC addresses live off this port. This entire STP initialization process takes about 30 seconds.

If you connect a workstation or a server with a single NIC card or an IP phone to a switch port, the connection cannot create a physical loop. These connections are considered leaf nodes. There is no reason to make the workstation wait 30 seconds while the switch checks for loops if the workstation cannot cause a loop. Cisco added the PortFast or fast-start feature. With this feature, the STP for this port assumes that the port is not part of a loop and immediately moves to the forwarding state and does not go through the blocking, listening, or learning states. This command does not turn STP off. This command makes STP skip a few initial steps (unnecessary steps, in this circumstance) on the selected port.

caution Caution:  Never use the PortFast feature on switch ports that connect to other switches, hubs, or routers. These connections can cause physical loops, and spanning tree must go through the full initialization procedure in these situations. A spanning tree loop can bring your network down. If you turn on PortFast for a port that is part of a physical loop, there can be a window of time when packets are continuously forwarded (and can even multiply) in such a way that the network cannot recover.

EtherChannel

Other features that you can enable on switches are EtherChannel, Fast EtherChannel (FEC), or Gigabit EtherChannel (GEC). These features allow multiple links between the same two devices to work as if the links were one fast link, with the traffic load balanced among the links. A switch can form these bundles automatically with a neighbor with the use of PAgP. Switch ports that can run PAgP usually default to a passive mode called auto mode. In auto mode, the switches form a bundle if the neighbor device across the link requests it. If you run the protocol in auto mode, a port delay of up to 15 seconds can occur before the pass of control to the spanning-tree algorithm (STA). PAgP runs on a port before STP does. There is no reason for you to run PAgP on a port that connects to a workstation. If you set the switch port PAgP mode to off, you eliminate this delay.

Trunking

Another switch feature is the ability for a port to form a trunk. A trunk is configured between two devices when they need to carry traffic from multiple VLANs. A VLAN is what switches create in order to make a group of workstations appear to be on its own segment or broadcast domain. Trunk ports make these VLANs extend across multiple switches so that a single VLAN can cover an entire campus. In order to extend the VLANs in this way, the trunk ports add tags to the packets that indicate the VLAN to which the packet belongs.

There are different types of trunking protocols. If a port can become a trunk, there is a possibility that the port can trunk automatically. And, in some cases, the port can even negotiate the type of trunking to use on the port. DTP provides this ability to negotiate the trunking method with the other device. The precursor to DTP is a protocol named Dynamic Inter-Switch Link Protocol (ISL) (DISL). If these protocols run, they can delay when a port on the switch becomes active.

Usually, a port that connects to a workstation belongs to only one VLAN. Therefore, the port does not need to trunk. If a port has the ability to negotiate the formation of a trunk, the port usually defaults to the auto mode. If you change the port trunking mode to off, you can further reduce the delay of when a switch port becomes active.

Speed and Duplex Negotiation

If you turn on PortFast and turn off PAgP (if PAgP is present), you can usually solve an initial connectivity delay. If you need to eliminate every possible second, you can also set the port speed and duplex manually on the switch, if the port is a multispeed port (10/100 Mbps). While autonegotiation is a nice feature, you can save 2 seconds if you turn it off on a Catalyst 5500/5000. Autonegotiation does not help much on the Catalyst 2800 or Catalyst 2900XL.

Note: If you turn off autonegotiation on the switch but leave autonegotiation active on the workstation, the switch does not negotiate with the client. Potentially, the client can fail to choose the same duplex setting that the switch uses. Refer to Configuring and Troubleshooting Ethernet 10/100/1000Mb Half/Full Duplex Auto-Negotiation for additional information on the caveats of autonegotiation.

Catalyst 4500/4000, 5500/5000, and 6500/6000 Switches That Run CatOS

The commands in this section show how to turn on PortFast, turn off PAgP negotiation, and turn off trunking negotiation (DISL, DTP). You can issue the set spantree portfast command for a range of ports if you issue, for example, set spantree portfast 2/1-12 enable. Usually, you must use a valid group of channel-capable ports in order to turn off the set port channel command. In the example in this section, module 2 has the ability to channel with ports 2/1-2 or with ports 2/1-4. Either of these groups of ports is valid to use.

Note: Switch software version 5.2 for the Catalyst 4500/4000 and 5500/5000 switches has a new command. The set port host command is a macro that combines the commands that the Configuration section shows into one easy-to-use command. Issue the set port host command in order to reduce the time that is necessary to start up packet forwarding. In order to optimize the port configuration, the set port host command sets the channel mode to off, enables spanning tree PortFast, sets the trunk mode to off, and disables the IEEE 802.1Q (dot1q) tunnel feature. If spanning tree PortFast is enabled, issue the set port host command only on ports that connect to a single host. If you connect hubs, concentrators, switches, and bridges to a fast-start port, temporary spanning tree loops can result.

Configuration

Switch -A> (enable) set spantree portfast 2/1 enable

Warning: Spantree port fast start should only be enabled on ports connected to
a single host. Connecting hubs, concentrators, switches, bridges, etc. to a
fast start port can cause temporary spanning tree loops. Use with caution.
		
Spantree port 2/1 fast start enabled.
Switch-A> (enable) set port channel 2/1-2 off
Port(s) 2/1-2 channel mode set to off.

Switch-A> (enable) set trunk 2/1 off
Port(s) 2/1 trunk mode set to off.

The changes to the configuration are automatically saved to NVRAM.

Verification

The version of the switch software that this document uses is 4.5(1). For the full output of the show version command and the show module commands, see the Timing Tests with and Without DTP, PAgP, and PortFast on a Catalyst 5500 section of this document.

Switch-A> (enable) show version
WS-C5505 Software, Version McpSW: 4.5(1) NmpSW: 4.5(1)

The show port spantree command shows how to view the current state of a port with regard to STP. Currently, the port is in the STP forwarding state (sends and receives packets), and the Fast-Start column shows that PortFast is currently disabled. The port takes at least 30 seconds to move to the forwarding state whenever it initializes.

Switch-A> (enable) show port spantree 2/1

Port      Vlan  Port-State     Cost   Priority  Fast-Start  Group-Method
--------  ----  -------------  -----  --------  ----------  ------------
 2/1      1     forwarding        19        32  disabled

Enable PortFast on this switch port. The switch warns you that you should use this command only on ports that connect to a single host (a workstation, server, and so on) and never on ports that connect to other hubs or switches. With a single host, PortFast is enabled, and the port starts forwarding immediately. A workstation or server does not cause a network loop.

Switch-A> (enable) set spantree portfast 2/1 enable

Warning: Spantree port fast start should only be enabled on ports connected
to a single host.  Connecting hubs, concentrators, switches, bridges, etc. to
a fast start port can cause temporary spanning tree loops.  Use with caution.

Spantree port 2/1 fast start enabled.

In order to verify that PortFast is enabled for this port, issue this command:

Switch-A> (enable) show port spantree 2/1

Port      Vlan  Port-State     Cost   Priority  Fast-Start  Group-Method
--------  ----  -------------  -----  --------  ----------  ------------
 2/1      1     forwarding        19        32  enabled

Another way to view the PortFast settings for one or more ports is to view the STP information for a specific VLAN. The Timing Tests with and Without DTP, PAgP, and PortFast on a Catalyst 5500 of this document shows how to have the switch report each stage of STP that it moves through in real time. This output of the show spantree command also shows the forward delay time (15 seconds). This time is the length of time that STP will be in the listening state and the length of time that STP will be in the learning state for each port in the VLAN:

Switch-A> (enable) show spantree 1
VLAN 1
Spanning tree enabled
Spanning tree type          ieee

Designated Root             00-e0-4f-94-b5-00
Designated Root Priority    8189
Designated Root Cost        19
Designated Root Port        2/24
Root Max Age   20 sec    Hello Time 2  sec   Forward Delay 15 sec

Bridge ID MAC ADDR          00-90-92-b0-84-00
Bridge ID Priority          32768
Bridge Max Age 20 sec    Hello Time 2  sec   Forward Delay 15 sec

Port      Vlan  Port-State     Cost   Priority  Fast-Start  Group-Method
--------- ----  -------------  -----  --------  ----------  ------------

 2/1      1     forwarding        19        32   enabled              

!--- Output suppressed.

In order to verify that PAgP is off, use the show port channel command. Be sure to specify the module number so that the command shows you the channel mode even if there is no channel formed. If you issue the show port channel with no channels formed, the output reports that there are no ports channeling. You need to go further and see the current channel mode.

Here is an example of the show port channel command. The example specifies the module number 2:

Switch-A> (enable) show port channel
No ports channeling
Switch-A> (enable) show port channel 2
Port  Status     Channel   Channel     Neighbor                  Neighbor
                 mode      status      device                    port
----- ---------- --------- ----------- ------------------------- ----------
 2/1  notconnect auto      not channel
 2/2  notconnect auto      not channel

!--- Output suppressed.

Switch-A> (enable) set port channel 2/1-2 off
Port(s) 2/1-2 channel mode set to off.

Switch-A> (enable) show port channel 2
Port  Status     Channel   Channel     Neighbor                  Neighbor
                 mode      status      device                    port
----- ---------- --------- ----------- ------------------------- ----------
 2/1  connected  off       not channel
 2/2  connected  off       not channel

!--- Output suppressed.

In order to verify that trunking negotiation is off, issue the set trunk off command. The example output of the set trunk off command in this section shows:

  • The default state

  • That trunking is off

  • The resulting state

The example specifies module number 2 so that you can see the current channel mode for the ports in this module:

Switch-A> (enable) show trunk 2
Port      Mode         Encapsulation  Status        Native vlan
--------  -----------  -------------  ------------  -----------
 2/1      auto         negotiate      not-trunking  1
 2/2      auto         negotiate      not-trunking  1

!--- Output suppressed.

 
Switch-A> (enable) set trunk 2/1-2 off
Port(s) 2/1-2 trunk mode set to off.

Switch-A> (enable) show trunk 2
Port      Mode         Encapsulation  Status        Native vlan
--------  -----------  -------------  ------------  -----------
 2/1      off          negotiate      not-trunking  1
 2/2      off          negotiate      not-trunking  1 

!--- Output suppressed.

This document does not show an example that turns off speed/duplex autonegotiation via the manual set of the speed and duplex on the switch. This step is not necessary, except in the rarest of cases.

Timing Tests with and Without DTP, PAgP, and PortFast on a Catalyst 5500

The test in this section shows what happens with switch port initialization timing as you apply the various commands. The default settings of the port are used first in order to give a benchmark. These settings are:

  • PortFast is disabled.

  • The PAgP (EtherChannel) mode is set to auto.

    Note: The port will channel if it is asked to channel.

  • The trunking mode (DTP) is set to auto.

    Note: The port will trunk if it is asked to trunk.

The test then proceeds in this way:

  1. Turn PortFast on and measure the time.

  2. Turn PAgP off and measure the time.

  3. Turn trunking off and measure the time.

  4. Turn autonegotiation off and measure the time.

All of these tests are done on a Catalyst 5500 with a 10/100-Mbps Fast Ethernet card that supports DTP and PAgP.

Note: To turn PortFast on is not the same as if you turn STP off, as the Spanning Tree section of this document explains. With PortFast on, STP still runs on the port. The blocking, listening, and learning states are skipped, and the port immediately goes to the forwarding state. Do not turn STP off because it affects the entire VLAN and can leave the network vulnerable to physical topology loops. Serious network problems can result.

Complete these steps:

  1. Issue the show version command and the show module command in order to show the switch software version and configuration.

    Switch-A> (enable) show version
    WS-C5505 Software, Version McpSW: 4.5(1) NmpSW: 4.5(1)
    Copyright (c) 1995-1999 by Cisco Systems
    NMP S/W compiled on Mar 29 1999, 16:09:01
    MCP S/W compiled on Mar 29 1999, 16:06:50
    
    System Bootstrap Version: 3.1.2
    
    Hardware Version: 1.0  Model: WS-C5505  Serial #: 066507453
    
    Mod Port Model      Serial #  Versions
    --- ---- ---------- --------- ----------------------------------------
    1   0    WS-X5530   006841805 Hw : 1.3
                                  Fw : 3.1.2
    
                                  Fw1: 3.1(2)
                                  Sw : 4.5(1)
    2   24   WS-X5225R  012785227 Hw : 3.2
                                  Fw : 4.3(1)
                                  Sw : 4.5(1)
    
           DRAM                    FLASH                   NVRAM
    Module Total   Used    Free    Total   Used    Free    Total Used  Free
    ------ ------- ------- ------- ------- ------- ------- ----- ----- -----
    1       32640K  13648K  18992K   8192K   4118K   4074K  512K  119K  393K
    
    Uptime is 28 days, 18 hours, 54 minutes
    
    Switch-A> (enable) show module
    Mod Module-Name         Ports Module-Type           Model    Serial-Num Status
    --- ------------------- ----- --------------------- --------- --------- -------
    1                       0     Supervisor III        WS-X5530  006841805 ok
    2                       24    10/100BaseTX Ethernet WS-X5225R 012785227 ok
    
    Mod MAC-Address(es)                        Hw     Fw         Sw
    --- -------------------------------------- ------ ---------- -----------------
    1   00-90-92-b0-84-00 to 00-90-92-b0-87-ff 1.3    3.1.2      4.5(1)
    2   00-50-0f-b2-e2-60 to 00-50-0f-b2-e2-77 3.2    4.3(1)     4.5(1)
    
    Mod Sub-Type Sub-Model Sub-Serial Sub-Hw
    --- -------- --------- ---------- ------
    1   NFFC     WS-F5521  0008728786 1.0
  2. Issue the set logging level spantree 7 command in order to set logging for STP to the most verbose.

    This example shows the default logging level (2) for STP, which means that only critical situations are reported:

    Switch-A> (enable) show logging
    
    Logging buffer size:          500
            timestamp option:     enabled
    Logging history size:         1
    Logging console:              enabled
    Logging server:               disabled
            server facility:      LOCAL7
            server severity:      warnings(4)
    
    Facility            Default Severity         Current Session Severity
    -------------       -----------------------  ------------------------
    
    !--- Output suppressed.
    
    spantree            2                        2                    
    
    !--- Output suppressed.
    
    0(emergencies)        1(alerts)             2(critical)           
    3(errors)             4(warnings)           5(notifications)      
    6(information)        7(debugging)

    Change the level for STP to 7 (debug) in order to view the STP state change on the port. This configuration change lasts only for the current terminal session.

    Switch-A> (enable) set logging level spantree 7
    System logging facility <spantree> for this session set to severity 7(debugging)
    
    Switch-A> (enable) show logging
    
    !--- Output suppressed.
    
    
    Facility            Default Severity         Current Session Severity
    -------------       -----------------------  ------------------------
    
    !--- Output suppressed.
    
    spantree            2                        7                    
    
    !--- Output suppressed.
    
    
  3. Issue the set port disable command in order to shut down the port.

    Switch-A> (enable) set port disable 2/1
    Port 2/1 disabled.
  4. Check the time and enable the port in order to determine the length of time that the switch stays in each state.

    This example uses the show time command and the set port enable 2/1 command. In order to get the most accurate timing information, issue the commands as quickly as possible. One idea is to enter each command on a separate line in a text file, copy the commands to the clipboard, and then paste them into the switch.

    Switch-A> (enable) show time
    Fri Feb 25 2000, 12:20:17
    Switch-A> (enable) set port enable 2/1
    Port 2/1 enabled.
    Switch-A> (enable)
    2000 Feb 25 12:20:39 %PAGP-5-PORTTOSTP:
       Port 2/1 joined bridge port 2/1
    2000 Feb 25 12:20:39 %SPANTREE-6-PORTBLK: 
       port 2/1 state in vlan 1 changed to blocking.
    2000 Feb 25 12:20:39 %SPANTREE-6-PORTLISTEN: 
       port 2/1 state in vlan 1 changed to Listening.
    2000 Feb 25 12:20:53 %SPANTREE-6-PORTLEARN: 
       port 2/1 state in vlan 1 changed to Learning.
    2000 Feb 25 12:21:08 %SPANTREE-6-PORTFWD: 
       port 2/1 state in vlan 1 changed to forwarding.

    In this example, about 22 seconds (from 20:17 to 20:39) passed before the port began the STP blocking stage. During this time, the port joined the bridge group and completed DTP and PAgP negotiation. After blocking is started, you enter the STP realm. After blocking, STP went immediately to the listening state (20:39 to 20:39). The listening state took approximately 14 seconds (from 20:39 to 20:53). The learning state (until the forwarding state began) took 15 seconds (from 20:53 to 21:08). The total time before the port actually became functional for traffic was about 51 seconds (from 20:17 to 21:08).

    Note: Technically, the listening and learning stages should both be 15 seconds, which is how the forward delay parameter is set for this VLAN. The learning stage would be 15 seconds (rather than 14 seconds) if there were more accurate measurements. None of the measurements here are perfectly accurate.

  5. Issue the show port capabilities command and the show trunk command.

    As the output in Step 4 and the show spantree command output shows, STP is active on this port. There are other factors that can slow the port as it reaches the forwarding state. The show port capabilities command shows that this port has the ability to trunk and to create an EtherChannel. The show trunk command shows that this port is in auto mode and that the port is set to negotiate the type of trunking to use, either ISL or 802.1Q. The type of trunking to use is negotiated through DTP.

    Switch-A> (enable) show port capabilities 2/1
    Model                    WS-X5225R
    Port                     2/1
    Type                     10/100BaseTX
    
    Speed                    auto,10,100
    Duplex                   half,full
    Trunk encap type         802.1Q,ISL
    Trunk mode   on,off,desirable,auto,nonegotiate
    Channel      2/1-2,2/1-4
    Broadcast suppression    percentage(0-100)
    Flow control             receive-(off,on),send-(off,on)
    Security                 yes
    Membership               static,dynamic
    Fast start               yes
    Rewrite                  yes
    Switch-A> (enable) show trunk 2/1
    Port      Mode         Encapsulation  Status        Native vlan
    --------  -----------  -------------  ------------  -----------
     2/1      auto         negotiate      not-trunking  1
    
    !--- Output suppressed.
    
    
  6. Enable PortFast on the port.

    Trunking negotiation (DTP) and EtherChannel (PAgP) are still in the auto mode.

    Switch-A> (enable) set port disable 2/1
    Port 2/1 disabled.
    
    Switch-A> (enable) set spantree portfast 2/1 enable
    
    Warning: Port fast start should only be enabled on ports connected to a
    single host. Connecting hubs, concentrators, switches, bridges, etc. to a fast
    start port can cause temporary spanning tree loops. Use with caution. 
    			 
    Spantree port 2/1 fast start enabled.
    
    Switch-A> (enable) show time
    Fri Feb 25 2000, 13:45:23
    Switch-A> (enable) set port enable 2/1
    Port 2/1 enabled.
    Switch-A> (enable) 
    Switch-A> (enable)
    2000 Feb 25 13:45:43 %PAGP-5-PORTTOSTP:
       Port 2/1 joined bridgeport 2/1
    2000 Feb 25 13:45:44 %SPANTREE-6-PORTFWD: 
       port 2/1 state in vlan 1 change to forwarding.

    There is a total time of 21 seconds. Twenty seconds passed before the port joined the bridge group (from 45:23 to 45:43). Because PortFast is enabled, only 1 second passed before STP started forwarding (instead of 30 seconds). You save 29 seconds when you enable PortFast. Now, try to reduce the delay further.

  7. Turn the PAgP mode to off.

    The show port channel command shows that the PAgP mode is set to auto, which means that the port will channel if a neighbor that runs PAgP asks the port to channel. You must turn off channeling for at least a group of two ports. You cannot turn off channeling for an individual port.

    Switch-A> (enable) show port channel 2/1
    Port  Status     Channel   Channel     Neighbor                  Neighbor
                     mode      status      device                    port
    ----- ---------- --------- ----------- ------------------------- ---------- 
     2/1  connected  auto      not channel
    
    Switch-A> (enable) set port channel 2/1-2 off
    Port(s) 2/1-2 channel mode set to off.
  8. Shut down the port and repeat the test.

    Switch-A> (enable) set port disable 2/1
    Port 2/1 disabled.
    
    Switch-A> (enable) show time
    Fri Feb 25 2000, 13:56:23
    Switch-A> (enable) set port enable 2/1
    Port 2/1 enabled.
    Switch-A> (enable)
    2000 Feb 25 13:56:32 %PAGP-5-PORTTOSTP:
       Port 2/1 joined bridgeport 2/1
    2000 Feb 25 13:56:32 %SPANTREE-6-PORTFWD: 
       port 2/1 state in vlan 1 changed to forwarding.

    Notice that, now, only 9 seconds are necessary to reach the forwarding state (from 56:23 to 56:32), instead of 21 seconds as in the test in Step 6. When you change PAgP from auto to off in this test, you save about 12 seconds.

  9. Turn trunking to off (instead of auto) and determine how that affects the time that is necessary for the port to reach the forwarding state.

    Turn the port off and on, and record the time.

    Switch-A> (enable) set trunk 2/1 off
    Port(s) 2/1 trunk mode set to off.
    Switch-A> (enable) set port disable 2/1
    Port 2/1 disabled.

    Start the test with trunking set to off (instead of auto).

    Switch-A> (enable) show time
    Fri Feb 25 2000, 14:00:19
    Switch-A> (enable) set port enable 2/1
    Port 2/1 enabled.
    Switch-A> (enable)
    2000 Feb 25 14:00:22 %PAGP-5-PORTTOSTP:
       Port 2/1 joined bridge port 2/1
    2000 Feb 25 14:00:23 %SPANTREE-6-PORTFWD: 
       port 2/1 state in vlan 1 change for forwarding.

    You saved a few seconds at the start because only 4 seconds passed before the port reached the STP forwarding state (from 00:19 to 00:22). You save about 5 seconds with the change of trunking mode from auto to off.

    If the switch port initialization time was the problem, you should have solved the problem at this point. If you need to reduce the time by a few more seconds, perform step 10.

  10. (Optional) Set the port speed and duplex manually instead of using autonegotiation in order to reduce the time by a few more seconds.

    Note: This step is not usually necessary in order to resolve startup delay issues.

    If you set the speed and duplex manually on one side, you must set the speed and duplex on the other side as well. When you set the port speed and duplex, you disable autonegotiation on the port, and the connecting device does not see autonegotiation parameters. The connecting device connects only at half duplex. This duplex mismatch results in poor performance and port errors. Remember to set speed and duplex on both sides in order to avoid these problems.

    In order to view the port status after you set the speed and duplex, issue the show port command.

    Switch-A> (enable) set port speed 2/1 100
    Port(s) 2/1 speed set to 100Mbps.
    Switch-A> (enable) set port duplex 2/1 full
    Port(s) 2/1 set to full-duplex.
    Switch-A> (enable) show port
    Port  Name               Status     Vlan       Level  Duplex Speed Type
    ----- ------------------ ---------- ---------- ------ ------ ----- ------------
     2/1                     connected  1          normal   full   100 10/100BaseTX
    
    !--- Output suppressed.
    
    

    This example shows the timing results:

    Switch-A> (enable) show time
    Fri Feb 25 2000, 140528 Eastern
    Switch-A> (enable) set port enable 2/1
    Port 2/1 enabled.
    Switch-A> (enable)
    2000 Feb 25 140529 Eastern -0500 %PAGP-5-PORTTOSTP:
       Port 2/1 joined bridgeport 2/1
    2000 Feb 25 140530 Eastern -0500 %SPANTREE-6-PORTFWD: 
       port 2/1 state in vlan 1 changed to forwarding.

    The final result gives a time of 2 seconds (from 0528 to 0530).

  11. Complete these steps to perform another visually timed test (with use of your watch):

    1. Issue a continuous ping (ping -t), directed to the switch, on a PC that is attached to the switch.

    2. Disconnect the cable from the switch.

      The pings start to fail.

    3. Reconnect the cable to the switch, and check your watch to determine the length of time that passes before the switch responds to the pings from the PC.

    The length of time is about 5 to 6 seconds with autonegotiation for speed and duplex turned on, and about 4 seconds with autonegotiation for speed and duplex turned off. There are a lot of variables in this test, such as PC initialization, PC software, the switch console port response to requests, and others. However, this test provides an idea of the length of time that is necessary to get a response from the PC point of view. All the other tests in this procedure are from the switch internal debug message point of view.

Catalyst 6500/6000 Switch That Runs Cisco IOS System Software

This section presents the commands to turn on spanning tree PortFast and turn off trunking negotiation (DISL, DTP). With this operating system, PAgP is not active until you add a port to an EtherChannel. You do not need to turn it off. You can issue the interface range command in order to apply these commands to a group of ports at one time. The interface range command in this example allows you to apply the commands to ports 3/2 through 3/4 at the same time:

Note: There is a space between the 2 and the - in the interface range fastethernet 3/2 -4 command. This space is mandatory in order to avoid a syntax error.

Native_IOS#configure terminal
Enter configuration commands, one per line.  End with CNTL/Z.

Native_IOS(config)#interface range fastethernet 3/2 -4
Native_IOS(config-if-range)#

This example uses only one port. A port in Cisco IOS Software defaults to be a routed port (Layer 3 [L3]), as you would encounter on a router. You only need to add the commands to ports that are configured to be switch ports (Layer 2 [L2]) because these are the ports that run L2 protocols (spanning tree and DTP) and are subject to startup delay as a result. In order to make a routed port a switched port, issue the switchport command (with no parameters after it) in interface mode.

Configuration

Start with a port in the default (L3) state and complete these steps:

  1. Issue the switchport command in order to configure the port as a switch port.

    Note: Issue the command on a line by itself.

  2. In order to turn off DTP, configure the port as an access port (only).

  3. Turn on the spanning tree PortFast feature.

  4. Save the configuration.

The show run interface fastethernet 3/13 command in this example shows the current configuration for this port:

Native_IOS#show run interface fastethernet 3/13
Building configuration...

Current configuration : 61 bytes
!
interface FastEthernet3/13
 no ip address
 shutdown
end

Native_IOS#configure terminal
Enter configuration commands, one per line.  End with CNTL/Z.
Native_IOS(config)#interface fastethernet 3/13
Native_IOS(config-if)#switchport
Native_IOS(config-if)#switchport mode access
Native_IOS(config-if)#spanning-tree portfast 
%Warning: PortFast should only be enabled on ports connected to a single host.
 Connecting hubs, concentrators, switches,  bridges, etc.to this interface
 when PortFast is enabled, can cause temporary Spanning Tree loops.
 Use with CAUTION

%PortFast has been configured on FastEthernet3/13 but will only
 have effect when the interface is in a non-trunking mode.
Native_IOS(config-if)#no shutdown
Native_IOS(config-if)#^Z
Native_IOS#copy run start

Verification

The version of the switch software that this document uses is Cisco IOS Software Release 12.1(6)E. For the full output of the show version command and the show module command, refer to the Timing Tests on a Catalyst 6500/6000 That Runs Cisco IOS System Software section of this document.

Native_IOS#show version
Cisco Internetwork Operating System Software 
IOS (tm) c6sup1_rp Software (c6sup1_rp-JSV-M), Version 12.1(6)E, EARLY DEPLOYME)

This is how the configuration looks after the changes that you have made go into effect:

Native_IOS#show run interface fastethernet 3/13
Building configuration...

Current configuration : 109 bytes
!
interface FastEthernet3/13
 no ip address
 switchport
 switchport mode access
 spanning-tree portfast
end

Native_IOS#show interfaces fastethernet 3/13 switchport 
Name: Fa3/13
Switchport: Enabled
Administrative Mode: static access
Operational Mode: static access
Administrative Trunking Encapsulation: negotiate
Operational Trunking Encapsulation: native
Negotiation of Trunking: Off
Access Mode VLAN: 1 (default)
Trunking Native Mode VLAN: 1 (default)
Trunking VLANs Enabled: ALL
Pruning VLANs Enabled: 2-1001

Native_IOS#show spanning-tree interface fastethernet 3/13
 Port 141 (FastEthernet3/13) of VLAN1 is forwarding
   Port path cost 19, Port priority 128, Port Identifier 128.141.
   Designated root has priority 32768, address 00d0.024f.6001
   Designated bridge has priority 32768, address 00d0.024f.6001
   Designated port id is 128.141, designated path cost 0
   Timers: message age 0, forward delay 0, hold 0
   Number of transitions to forwarding state: 1
   BPDU: sent 8984, received 0
   The port is in the PortFast mode
Native_IOS#

Timing Tests on a Catalyst 6500/6000 That Runs Cisco IOS System Software

The test in this section shows what happens with switch port initialization timing as you apply the various commands. The default settings of the port are used first in order to give a benchmark. These settings are:

  • PortFast is disabled.

  • The trunking mode (DTP) is set to auto.

    Note: The port will trunk if it is asked to trunk.

Note: PAgP is not active by default in this operating system.

The test then proceeds in this way:

  1. Turn PortFast on and measure the time.

  2. Turn trunking off and measure the time.

  3. Turn autonegotiation off and measure the time.

Note: To turn PortFast on is not the same as if you turn STP off, as the Spanning Tree section of this document explains. With PortFast on, STP still runs on the port. The blocking, listening, and learning states are skipped, and the port immediately goes to the forwarding state. Do not turn STP off because it affects the entire VLAN and can leave the network vulnerable to physical topology loops. Serious network problems can result.

Complete these steps:

  1. Issue the show version command and the show module command in order to show the switch software version and configuration.

    Native_IOS#show version
    Cisco Internetwork Operating System Software 
    IOS (tm) c6sup1_rp Software (c6sup1_rp-JSV-M), Version 12.1(6)E, EARLY DEPLOYME)
    TAC Support: http://www.cisco.com/cgi-bin/ibld/view.pl?i=support
    Copyright (c) 1986-2001 by cisco Systems, Inc.
    Compiled Sat 17-Mar-01 00:14 by eaarmas
    Image text-base: 0x60020950, data-base: 0x6165E000
    
    ROM: System Bootstrap, Version 12.0(3)XE, RELEASE SOFTWARE 
    BOOTFLASH: MSFC Software (C6MSFC-BOOT-M), Version 12.1(6)E, EARLY DEPLOYMENT RE)
    
    Native_IOS uptime is 12 hours, 36 minutes
    System returned to ROM by reload (SP by reload)
    System image file is "sup-bootflash:c6sup11-jsv-mz.121-6.E"
    
    cisco Catalyst 6000 (R5000) processor with 114688K/16384K bytes of memory.
    Processor board ID SAD04281AF6
    R5000 CPU at 200Mhz, Implementation 35, Rev 2.1, 512KB L2 Cache
    Last reset from power-on
    Bridging software.
    X.25 software, Version 3.0.0.
    SuperLAT software (copyright 1990 by Meridian Technology Corp).
    TN3270 Emulation software.
    24 Ethernet/IEEE 802.3 interface(s)
    1 Virtual Ethernet/IEEE 802.3  interface(s)
    48 FastEthernet/IEEE 802.3 interface(s)
    4 Gigabit Ethernet/IEEE 802.3 interface(s)
    381K bytes of non-volatile configuration memory.
    4096K bytes of packet SRAM memory.
    
    16384K bytes of Flash internal SIMM (Sector size 256K).
    Configuration register is 0x2102
    
    Native_IOS#show module
    Slot Ports Card Type                                 Model                 Serir
    ---- ----- ----------------------------------------- --------------------- -----
     1     2   Cat 6000 sup 1 Enhanced QoS (active)      WS-X6K-SUP1A-2GE      SAD0 
     2     2   Cat 6000 sup 1 Enhanced QoS (other)       WSSUP1A-2GE           SAD0 
     3    48   48 port 10/100 mb RJ45                    WS-X6348-RJ-45        SAD0 
     6    24   24 port 10baseFL                          WS-X6024-10FL-MT      SAD0 
    
    Slot MAC addresses                      Hw    Fw           Sw
    ---- ---------------------------------- ----- ------------ ----------
     1   00d0.c0d2.5540 to 00d0.c0d2.5541   3.2   unknown      6.1(0.105)OR
     2   00d0.bceb.8bb4 to 00d0.bceb.8bb5   5.0   unknown      unknown     
     3   0002.7ef1.36e0 to 0002.7ef1.370f   1.1   5.3(1) 1999- 6.1(0.105)OR
     6   00d0.9738.5338 to 00d0.9738.534f   0.206 5.3(1) 1999- 6.1(0.105)OR
  2. Turn on debugging in order to see the various spanning tree states and determine when the port is ready to send and receive data, and turn on timestamps in order to see timing information in the messages that display.

    In Cisco IOS Software, the Switch Processor (SP) and the Route Processor (RP) work together to present one command-line interface (CLI) to the user, with the RP in charge of the CLI. Each module is responsible for different functions behind the scenes. In order to see debugs for spanning tree that run on a port that is configured as a switch port (L2), you need to turn on debugging on the SP. Complete these steps:

    1. Issue the remote login command in order to access the SP.

      Note: The prompt changes in order to let you know that you are on the SP.

    2. In order to return to the RP, issue the exit command.

      Note: Although the message in the output indicates otherwise, do not enter "^C^C^C".

    3. Limit the debugging information to only the port of interest.

      Issue the debug interface fastethernet 3/13 command.

    4. Turn on spanning tree debugging on the SP.

    5. Return to the RP in order to continue the test.

      The switch defaults to sending debug output to the console.

    Native_IOS#configure terminal
    Native_IOS(config)#service timestamps debug datetime msec
    Native_IOS(config)#service timestamps log datetime msec
    
    !--- If you turn on timestamps, the time displays whenever debug and/or
    !--- log messages are produced. This allows you to measure the time
    !--- between various messages.
    
    Native_IOS(config)#exit
    Native_IOS#remote login
    Trying Switch ...
    Entering CONSOLE for Switch
    Type "^C^C^C" to end this session
    
    Switch-sp#debug interface fastethernet 3/13
    Condition 1 set
    Switch-sp#debug spanning-tree events
    spanning tree event debugging is on
    Switch-sp#exit
    
    [Connection to Switch closed by foreign host]
    Native_IOS#
  3. Issue these commands in order to shut down the port:

    Native_IOS#configure terminal
    Enter configuration commands, one per line.  End with CNTL/Z.
    Native_IOS(config)#interface fastethernet 3/13
    Native_IOS(config-if)#shutdown
    Native_IOS(config-if)#^Z                 
    Native_IOS#
  4. Check the time and enable the port in order to determine the length of time that the switch stays in each state.

    This example uses the show clock command, the configure terminal command, the interface fastethernet 3/13 command, and the no shut command. In order to get the most accurate timing information, issue the commands as quickly as possible. One idea is to enter each command on a separate line in a text file, copy the commands to the clipboard, and then paste them into the switch.

    Native_IOS#show run interface fastethernet 3/13 
    Building configuration...
    
    Current configuration : 71 bytes
    !
    interface FastEthernet3/13
     no ip address
     shutdown
     switchport
    end
    
    Native_IOS#show clock
    *08:35:55.059 UTC Sun Jan 2 2000
    Native_IOS#configure terminal
    Enter configuration commands, one per line.  End with CNTL/Z.
    Native_IOS(config)#interface fastethernet 3/13
    Native_IOS(config-if)#no shut
    *Jan  2 08:36:00.847: SP: STP: VLAN1 Fa3/13 -> listening
    *Jan  2 08:36:15.847: SP: STP: VLAN1 Fa3/13 -> learning
    *Jan  2 08:36:30.847: SP: STP: VLAN1 Fa3/13 -> forwarding

    In this example, about 5.8 seconds (from 35:55 to 36:00) passed before the port began the STP listening stage. During this time, the port joined the bridge group and completed DTP negotiation. The listening state took 15 seconds (from 36:00 to 36:15). The learning state (until the forwarding state began) took 15 seconds (from 36:15 to 36:30). The total time before the port actually became functional for traffic was about 35 seconds (from 35:55 to 36:30).

  5. Issue the show interfaces fastethernet 3/13 switchport command.

    As the output in Step 4 shows, STP is active on this port. There are other factors that can slow the port as it reaches the forwarding state. The show interfaces fastethernet 3/13 switchport command shows that this port will dynamically become a trunk if the other side of the link will. In this case, the administrative mode is dynamic desirable. However, the current operational mode is static access, which means that the other side is not willing to trunk. Notice that the negotiation of trunking is on and should remain on for the duration of the test.

    Native_IOS#show interfaces fastethernet 3/13 switchport
    Name: Fa3/13
    Switchport: Enabled
    Administrative Mode: dynamic desirable
    Operational Mode: static access
    Administrative Trunking Encapsulation: negotiate
    Operational Trunking Encapsulation: native
    Negotiation of Trunking: On
    Access Mode VLAN: 1 (default)
    Trunking Native Mode VLAN: 1 (default)
    Trunking VLANs Enabled: ALL
    Pruning VLANs Enabled: 2-1001
  6. Enable PortFast on the port.

    Trunking negotiation (DTP) is still in the auto mode.

    Native_IOS#configure terminal
    Enter configuration commands, one per line.  End with CNTL/Z.
    Native_IOS(config)#interface fastethernet 3/13
    Native_IOS(config-if)#spanning-tree portfast 
    %Warning: PortFast should only be enabled on ports connected to a single host.
     Connecting hubs, concentrators, switches,  bridges, etc.to this interface
     when PortFast is enabled, can cause temporary spanning tree loops.
     Use with CAUTION
    
    %PortFast has been configured on FastEthernet3/13 but will only
     have effect when the interface is in a non-trunking mode.
    Native_IOS(config-if)#shutdown
    Native_IOS(config-if)#^Z
    Native_IOS#

    Perform the test.

    Native_IOS#show clock
    *08:41:09.531 UTC Sun Jan 2 2000
    Native_IOS#configure terminal
    Enter configuration commands, one per line.  End with CNTL/Z.
    Native_IOS(config)#interface fastethernet 3/13
    Native_IOS(config-if)#no shut
    *Jan  2 08:41:15.175: SP: STP: VLAN1 Fa3/13 ->jump to forwarding from blocking

    There is a total time of about 5.7 seconds (from 41:09 to 41:15). You save about 30 seconds when you enable PortFast. Try to reduce the delay further.

  7. Turn trunking to off (instead of auto) and determine how that affects the time that is necessary for the port to reach the forwarding state.

    Turn the port off and on, and record the time. In order to turn trunking off in Cisco IOS Software, issue the switchport mode access command.

    Native_IOS#configure terminal
    Enter configuration commands, one per line.  End with CNTL/Z.
    Native_IOS(config)#interface fastethernet 3/13
    Native_IOS(config-if)#switchport mode access
    Native_IOS(config-if)#shutdown
    Native_IOS(config-if)#^Z
    Native_IOS#

    Start the test with trunking set to off (instead of auto).

    Native_IOS#show clock
    *08:42:01.767 UTC Sun Jan 2 2000
    Native_IOS#configure terminal
    Enter configuration commands, one per line.  End with CNTL/Z.
    Native_IOS(config)#interface fastethernet 3/13
    Native_IOS(config-if)#no shut
    *Jan  2 08:42:04.363: SP: STP: 
       VLAN1 Fa3/13 ->jump to forwarding from blocking

    You saved a few seconds at the start because only about 3 seconds passed before the port reached the STP forwarding state (from 00:19 to 00:22). You save about 2 seconds with the change of trunking mode from auto to off.

    If the switch port initialization time was the problem, you should have solved the problem at this point. If you need to reduce the time by a few more seconds, perform step 8.

  8. (Optional) Set the port speed and duplex manually instead of using autonegotiation in order to reduce the time by a few more seconds.

    Note: This step is not usually necessary in order to resolve startup delay issues. This step can, in fact, lead to performance problems if you do not take the other side of the link out of autonegotiation and manually set the other side with the same settings.

    If you set the speed and duplex manually on one side, you must set the speed and duplex on the other side as well. When you set the port speed and duplex, you disable autonegotiation on the port, and the connecting device does not see autonegotiation parameters. The connecting device connects only at half duplex. This duplex mismatch results in poor performance and port errors. Remember to set speed and duplex on both sides in order to avoid these problems.

    Native_IOS#configure terminal
    Enter configuration commands, one per line.  End with CNTL/Z.
    Native_IOS(config)#interface fastethernet 3/13
    Native_IOS(config-if)#speed 100  
    Native_IOS(config-if)#duplex full
    Native_IOS(config-if)#shutdown
    Native_IOS(config-if)#^Z
    Native_IOS#

    This example shows the timing results:

    Native_IOS#show clock
    *08:43:47.367 UTC Sun Jan 2 2000
    Native_IOS#configure terminal
    Enter configuration commands, one per line.  End with CNTL/Z.
    Native_IOS(config)#interface fastethernet 3/13
    Native_IOS(config-if)#no shut
    *Jan  2 08:43:49.079: SP: STP: VLAN1 Fa3/13 ->jump to forwarding from blocking

    The final result gives a time of roughly 2 seconds (from 43:47 to 43:49).

  9. In order to turn off the debugging on the SP, issue this sequence of commands:

    Native_IOS#remote login
    Trying Switch ...
    Entering CONSOLE for Switch
    Type "^C^C^C" to end this session
    
    
    Switch-sp#undebug all
    All possible debugging has been turned off
    Switch-sp#exit
    
    [Connection to Switch closed by foreign host]
    Native_IOS#

Catalyst 4500/4000 Switch That Runs Cisco IOS System Software

The commands in this section show how to turn on spanning tree PortFast and turn off trunking negotiation (DISL, DTP). With this operating system, PAgP is not active until you add a port to an EtherChannel, so you do not need to turn PAgP off. You can issue the interface range command in order to apply these commands to a group of ports at one time. The command in this example allows you to apply the commands to ports 3/2 through 3/4 at the same time:

Note: There is a space between the 2 and the - in the interface range fastethernet 3/2 - 4 command. This space is mandatory in order to avoid a syntax error.

Switch#configure terminal
Enter configuration commands, one per line.  End with CNTL/Z.

Switch(config)#interface range fastethernet 3/2 -4
Switch(config-if-range)#

The examples focus on one port. A port in a Catalyst 4000 switch that runs Cisco IOS system software defaults to switch ports (L2). These are the ports that run L2 protocols (spanning tree and DTP) and are subject to startup delay.

Configuration

Start with a port in the default (L2) state and complete these steps:

  1. In order to turn off DTP, configure the port as an access port (only).

  2. Turn on the spanning tree PortFast feature.

  3. Save the configuration.

The show run interface fastethernet 5/4 command in this example shows the current configuration for this port:

SwitchB#show run interface fastethernet 5/4
Building configuration...

Current configuration : 59 bytes
!
interface FastEthernet5/4
 no snmp trap link-status
end

SwitchB#configure terminal
Enter configuration commands, one per line.  End with CNTL/Z.
SwitchB(config)#interface fastethernet 5/4
SwitchB(config-if)#switchport mode access
SwitchB(config-if)#spanning-tree portfast
%Warning: PortFast should only be enabled on ports connected to a single host.
 Connecting hubs, concentrators, switches,  bridges, etc.to this interface
 when PortFast is enabled, can cause temporary spanning tree loops.
 Use with CAUTION

%PortFast has been configured on FastEthernet5/4 but will only
 have effect when the interface is in a non-trunking mode.
SwitchB(config-if)#^Z
SwitchB#
SwitchB#copy run start

Verification

The version of the switch software that this document uses is Cisco IOS Software Release 12.1(11b)EW. For the full output of the show version command and the show module command, refer to the Timing Tests on a Catalyst 4500/4000 That Runs Cisco IOS System Software section of this document.

Switch#show version
Cisco Internetwork Operating System Software 
IOS (tm) Catalyst 4000 L3 Switch Software (cat4000-IS-M), Version 12.1(11b)EW,

This is how the configuration looks after the changes that you have made:

SwitchB#show run interface fastethernet 5/4
Building configuration...
 
Current configuration : 107 bytes
!
interface FastEthernet5/4
 switchport mode access
 no snmp trap link-status
 spanning-tree portfast
end
 
SwitchB#show interfaces fastethernet 5/4 switchport 
Name: Fa5/4
Switchport: Enabled
Administrative Mode: static access
Operational Mode: static access
Administrative Trunking Encapsulation: negotiate
Operational Trunking Encapsulation: native
Negotiation of Trunking: Off
Access Mode VLAN: 1 (default)
Trunking Native Mode VLAN: 1 (default)
Voice VLAN: none
Appliance trust: none
Administrative private-vlan host-association: none 
Administrative private-vlan mapping: none 
Operational private-vlan: none 
Trunking VLANs Enabled: ALL
Pruning VLANs Enabled: 2-1001
 
SwitchB#show spanning-tree interface fastethernet 5/4
 Port 260 (FastEthernet5/4) of VLAN1 is forwarding
   Port path cost 19, Port priority 128, Port Identifier 129.4.
   Designated root has priority 1, address 0060.8355.7b00
   Designated bridge has priority 32768, address 0001.96d9.f300
   Designated port id is 129.4, designated path cost 38
   Timers: message age 0, forward delay 0, hold 0
   Number of transitions to forwarding state: 109
   BPDU: sent 148, received 0
   The port is in the PortFast mode

Timing Tests on a Catalyst 4500/4000 That Runs Cisco IOS System Software

The test in this section shows what happens with switch port initialization timing as you apply the various commands. The default settings of the port are used first in order to give a benchmark. These settings are:

  • PortFast is disabled.

  • The trunking mode (DTP) is set to auto.

    Note: The port will trunk if it is asked to trunk.

Note: PAgP is not active by default in this operating system.

The test then proceeds in this way:

  1. Turn PortFast on and measure the time.

  2. Turn trunking off and measure the time.

  3. Turn autonegotiation off and measure the time.

Note: To turn PortFast on is not the same as if you turn STP off, as the Spanning Tree section of this document explains. With PortFast on, STP still runs on the port. The blocking, listening, and learning states are skipped, and the port immediately goes to the forwarding state. Do not turn STP off because it affects the entire VLAN and can leave the network vulnerable to physical topology loops. Serious network problems can result.

Complete these steps:

  1. Issue the show version command and the show module command in order to show the switch software version and configuration.

    Here is an example:

    SwitchB#show version
    Cisco Internetwork Operating System Software 
    IOS (tm) Catalyst 4000 L3 Switch Software (cat4000-IS-M), Version 12.1(11b)EW,
       EARLY DEPLOYMENT RELEASE SOFTWARE (fc2)
    TAC Support: http://www.cisco.com/tac
    Copyright (c) 1986-2002 by cisco Systems, Inc.
    Compiled Tue 14-May-02 13:31 by hqluong
    Image text-base: 0x00000000, data-base: 0x00B1C1F8
     
    ROM: 12.1(11br)EW
    SwitchB uptime is 4 minutes
    System returned to ROM by reload
    System image file is "bootflash:cat4000-is-mz.121-11b.EW"
    
    cisco WS-C4006 (MPC8245) processor (revision 5) with 262144K bytes of memory.
    Processor board ID FOX04169082
    Last reset from Reload
    32 FastEthernet/IEEE 802.3 interface(s)
    4 Gigabit Ethernet/IEEE 802.3 interface(s)
    467K bytes of non-volatile configuration memory.
    
    Configuration register is 0x2102
    
    SwitchB#show module
    
    Mod  Ports Card Type                              Model             Serial No.
    ----+-----+--------------------------------------+-----------------+-----------
     1      2  1000BaseX (GBIC) Supervisor Module WS-X4014 JAB054109FE 
     5     34  10/100BaseTX (RJ45), 1000BaseX (GBIC)  WS-X4232          JAB0253010D 
    
     M MAC addresses                    Hw  Fw           Sw               Status
    --+--------------------------------+---+------------+----------------+---------
     1 0001.96d9.f300 to 0001.96d9.f6ff 0.5 12.1(11br)EW 12.1(11b)EW, EAR Ok       
     5 0050.730a.da18 to 0050.730a.da39 1.0                               Ok
  2. Turn on debugging in order to see the various spanning tree states and determine when the port is ready to send and receive data, and turn on timestamps in order to see timing information in the messages that display.

    Issue the debug interface fastethernet 5/4 command in order to limit the debugging information to only the port that you are interested in. The switch defaults to sending debug output to the console.

    SwitchB#configure terminal
    Enter configuration commands, one per line.  End with CNTL/Z.
    SwitchB(config)#service timestamps debug datetime msec
    SwitchB(config)#service timestamps log datetime msec
    SwitchB(config)#end
    
    !--- If you turn on timestamps, the time displays whenever debug and/or
    !--- log messages are produced. This allows you to measure the time
    !--- between various messages.
    
    
    SwitchB#debug interface fastethernet 5/4
    Condition 1 set
    SwitchB#debug spanning-tree events 
    Spanning Tree event debugging is on
  3. Issue these commands in order to shut down the port:

    SwitchB#configure terminal           
    Enter configuration commands, one per line.  End with CNTL/Z.
    SwitchB(config)#interface fastethernet 5/4
    SwitchB(config-if)#shutdown 
    SwitchB(config-if)#end
    SwitchB#
  4. Check the time and enable the port in order to determine the length of time that the switch stays in each state.

    This example uses the show clock command, the configure terminal command, the interface fastethernet 5/4 command, and the no shut command. In order to get the most accurate timing information, issue the commands as quickly as possible. One idea is to enter each command on a separate line in a text file, copy the commands to the clipboard, and then paste them into the switch.

    SwitchB#show running-config interface fastethernet 5/4
    Building configuration...
    
    Current configuration : 69 bytes
    !
    interface FastEthernet5/4
     shutdown
     no snmp trap link-status
    end
    
    SwitchB#show clock
    21:31:34.027 UTC Thu Jul 25 2002
     
    SwitchB#configure terminal
    Enter configuration commands, one per line.  End with CNTL/Z.
    SwitchB(config)#interface fastethernet 5/4
    SwitchB(config-if)#no shut
    Jul 25 21:31:38.187: set portid: VLAN1 Fa5/4: new port id 8104
    Jul 25 21:31:38.187: STP: VLAN1 Fa5/4 -> listening
    Jul 25 21:31:53.187: STP: VLAN1 Fa5/4 -> learning
    Jul 25 21:32:08.187: STP: VLAN1 sent Topology Change Notice on Fa5/34
    Jul 25 21:32:08.187: STP: VLAN1 Fa5/4 -> forwarding

    In this example, about 4.2 seconds (from 34.02 to 38.18) passed before the port began the STP listening stage. During this time, the port joined the bridge group and completed DTP negotiation. The listening state took 15 seconds (from 38.18 to 53.18). The learning state (until the forwarding state began) took 15 seconds (from 53.18 to 08:18). The total time before the port actually became functional for traffic was about 34 seconds (from 34:02 to 08.18).

  5. Issue the show interfaces fastethernet 5/4 switchport command.

    STP is active on this port. There are other factors that can slow the port as it reaches the forwarding state. The show interfaces fastethernet 5/4 switchport command shows that this port is in passive negotiating state and will become trunk if the other side of the link initiates negotiation. The administrative mode is dynamic auto. Currently, the operational mode is static access, which means that the other side is not willing to trunk.

    Notice that negotiation of trunking is on and should remain on for the duration of the test:

    SwitchB#show interfaces fastethernet 5/4 switchport
    Name: Fa5/4
    Switchport: Enabled
    Administrative Mode: dynamic auto
    Operational Mode: static access
    Administrative Trunking Encapsulation: negotiate
    Operational Trunking Encapsulation: native
    Negotiation of Trunking: On
    Access Mode VLAN: 1 (default)
    Trunking Native Mode VLAN: 1 (default)
    Voice VLAN: none
    Appliance trust: none
    Administrative private-vlan host-association: none 
    Administrative private-vlan mapping: none 
    Operational private-vlan: none 
    Trunking VLANs Enabled: ALL
    Pruning VLANs Enabled: 2-1001
  6. Enable PortFast on the port.

    Trunking negotiation (DTP) is still in the auto mode.

    SwitchB#configure terminal
    Enter configuration commands, one per line.  End with CNTL/Z.
    SwitchB(config)#interface fastethernet 5/4
    SwitchB(config-if)#spanning-tree portfast
    %Warning: PortFast should only be enabled on ports connected to a single host
     Connecting hubs, concentrators, switches,  bridges, etc.to this interface
     when PortFast is enabled, can cause temporary spanning tree loops.
     Use with CAUTION
    
    %PortFast has been configured on FastEthernet5/4 but will only
     have effect when the interface is in a non-trunking mode.
    SwitchB(config-if)#shutdown 
    SwitchB(config-if)#^Z
    SwitchB#

    The total time was about 4.7 seconds (from 16.41 to 21:15). You save about 30 seconds when you enable PortFast. Try to reduce the delay further.

  7. Turn trunking to off (instead of auto) and determine how that affects the time that is necessary for the port to reach the forwarding state.

    Turn the port off and on, and record the time. In order to turn trunking off in Cisco IOS system software, issue the switchport mode access command.

    SwitchB#configure terminal
    Enter configuration commands, one per line.  End with CNTL/Z.
    SwitchB(config)#interface fastethernet 5/4
    SwitchB(config-if)#switchport mode access
    SwitchB(config-if)#shutdown
    SwitchB(config-if)#^Z
    SwitchB#

    Start the test with trunking set to off (instead of auto). Here is an example:

    SwitchB#show clock
    22:06:11.947 UTC Thu Jul 25 2002
    SwitchB#configure terminal
    Enter configuration commands, one per line.  End with CNTL/Z.
    SwitchB(config)#interface fastethernet 5/4
    SwitchB(config-if)#no shut
    Jul 25 22:06:16.143: set portid: VLAN1 Fa5/4: new port id 8104
    Jul 25 22:06:16.143: STP: VLAN1 Fa5/4 ->jump to forwarding from blocking

    You saved a small amount of time at the start because about 4 seconds passed before the port reached the STP forwarding state (from 12.00 to 16.10). You save about 0.5 second with the change of trunking mode from auto to off.

    If the switch port initialization time was the problem, you should have solved the problem at this point. If you need to reduce the time by a few more seconds, perform step 8.

  8. (Optional) Set the port speed and duplex manually instead of using autonegotiation in order to reduce the time by a few more seconds.

    Note: This step is not usually necessary in order to resolve startup delay issues. This step can lead to performance problems if you do not take the other side of the link out of autonegotiation and manually set the other side with the same settings.

    If you set the speed and duplex manually on this side, you must set the speed and duplex on the other side as well. When you set the port speed and duplex, you disable autonegotiation on the port, and the connecting device does not see the autonegotiation parameters. The connecting device connects only at half duplex. This duplex mismatch results in poor performance and port errors. Remember to set the speed and duplex on both sides in order to avoid these problems.

    SwitchB#configure terminal
    Enter configuration commands, one per line.  End with CNTL/Z.
    SwitchB(config)#interface fastethernet 5/4       
    SwitchB(config-if)#speed 100
    SwitchB(config-if)#duplex full
    SwitchB(config-if)#shutdown
    SwitchB(config-if)#^Z
    SwitchB#

    This example shows the timing results:

    SwitchB#show clock
    22:14:49.219 UTC Thu Jul 25 2002
    SwitchB#configure terminal
    Enter configuration commands, one per line.  End with CNTL/Z.
    SwitchB(config)#interface fastethernet 5/4
    SwitchB(config-if)#no shut
    Jul 25 22:14:53.135: set portid: VLAN1 Fa5/4: new port id 8104
    Jul 25 22:14:53.135: STP: VLAN1 Fa5/4 ->jump to forwarding 
    from blocking

    The final result gives a time of roughly 3.9 seconds (from 49.21 to 53.13).

  9. In order to turn off the debugging on the SP (which you turned on earlier), issue this sequence of commands:

    SwitchB#undebug all
    All possible debugging has been turned off
    SwitchB#exit
    

Catalyst 2948G-L3/4908G-L3/4840G Switches

The 2948G-L3/4908G-L3/4840G series switches are another group of switches that run Cisco IOS Software. These switches do not have the ability to make ports into switch ports like the Cisco IOS Software on the Catalyst 6500/6000. These are some things to understand about these switches:

  • From a configuration standpoint, the Catalyst 2948G-L3 is a router. This switch uses a Cisco IOS configuration interface and, by default, all interfaces are routed interfaces.

  • The Catalyst 2948G-L3 does not extend your VLANs. This switch terminates them on a routed interface. But, with the use of bridging commands, you can simulate the functionality of VLANs to a certain degree.

  • The Catalyst 2948G-L3 does not support several L2-oriented protocols, such as VLAN Trunk Protocol (VTP), DTP, and PAgP, that you find on other Catalyst switches.

If you decide to configure ports for bridging on these devices, the spanning tree is active on these ports and you have the normal 30-second startup delay as the port moves through the blocking, listening, and learning stages. If you know that only end stations will be connected to these ports, you can turn off spanning tree on these ports in order to reduce the startup delay. This is different and more dangerous than use of PortFast. However, PortFast is not available on these devices.

Note: To disable spanning tree on a bridged router interface is not the same as if you enable spanning tree PortFast on a switch port. The router does not block the port if bridge protocol data units (BPDUs) are received from a switch or if a bridge is mistakenly connected to the interface. Be careful to connect only workstations or other end hosts to interfaces with spanning tree disabled. Do not disable spanning tree on the port to which you connect a hub or switch.

This output shows how to configure the Catalyst 2948G-L3 for bridging. This configuration assigns all the Fast Ethernet interfaces to a single bridge group and disables spanning tree in order to prevent various end station startup issues:

2948G-L3#configure terminal
Enter configuration commands, one per line.  End with CNTL/Z.
2948G-L3(config)#bridge irb
2948G-L3(config)#bridge 1 protocol ieee
2948G-L3(config)#bridge 1 route ip
2948G-L3(config)#interface bvi 1 
2948G-L3(config-if)#ip add 10.1.1.1 255.255.255.0
2948G-L3(config-if)#exit
2948G-L3(config)#interface fastethernet 1
2948G-L3(config-if)#no shutdown
2948G-L3(config-if)#bridge-group 1
2948G-L3(config-if)#bridge-group 1 spanning-disabled
2948G-L3(config-if)#exit
2948G-L3(config)#interface fastethernet 2
2948G-L3(config-if)#no shutdown
2948G-L3(config-if)#bridge-group 1
2948G-L3(config-if)#bridge-group 1 spanning-disabled
. . .

For more information on how to configure 2948G-L3 switches, refer to Catalyst 2948G-L3 Sample Configurations - Single VLAN, Multi-VLAN, and Multi-VLAN Distribution Layer Connecting to Network Core.

Catalyst 2900XL/3500XL/2950/3550 Switch

You can configure the Catalyst 2900XL/3500XL and Catalyst 2950/3550 models from a web browser with either Simple Network Management Protocol (SNMP) or CLI. The recommendation is to use the CLI. This section provides an example in which you view the STP state of a port, turn on PortFast, and then verify that PortFast is on. The 2900XL/3500XL does support EtherChannel and trunking, but the switch does not support dynamic EtherChannel creation (PAgP) or DTP. There is no need to turn these protocols off in this test. Also, after you turn on PortFast, the elapsed time for the port to come up is less than 1 second. So you do not need to try to change the speed/duplex negotiation settings in order to speed things up. By default, PortFast is off on the switch ports. The 2950/3550 does support both PAgP and DTP. PAgP is not active by default in these switches, but DTP is active. The 2950 does not support DTP or PAgP if the switch runs Cisco IOS Software Release 12.0. The Configuration section provides the commands to turn PortFast on.

Configuration

2900XL#configure terminal
2900XL(config)#interface fastethernet 0/1
2900XL(config-if)#spanning-tree portfast
2900XL(config-if)#exit
2900XL(config)#exit
2900XL#copy run start

Note: The Catalyst 2950 and 3550 support DTP. Issue the switchport mode access command as well. This command turns off DTP.

This platform is like a Cisco IOS router. You must issue the copy run start command in order to save the configuration permanently.

Verification

In order to verify that PortFast is enabled, issue this command:

2900XL#show spanning-tree interface fastethernet 0/1
Interface Fa0/1 (port 13) in Spanning tree 1 is FORWARDING
   Port path cost 19, Port priority 128
   Designated root has priority 8192, address 0010.0db1.7800
   Designated bridge has priority 32768, address 0050.8039.ec40
   Designated port is 13, path cost 19
   Timers: message age 0, forward delay 0, hold 0
   BPDU: sent 2105, received 1
   The port is in the PortFast mode

You can also view the switch configuration if you issue this command:

2900XL#show running-config
Building configuration...

Current configuration:
!
version 11.2

!--- Output suppressed.

!
interface VLAN1
 ip address 172.16.84.5 255.255.255.0
 no ip route-cache
!
interface FastEthernet0/1
 spanning-tree portfast
!
interface FastEthernet0/2
!

!--- Output suppressed.

Timing Tests on the Catalyst 2900XL

Perform these steps in order to execute timing tests on the Catalyst 2900XL:

  1. Issue the show version command in order to show the software version.

    This example uses Cisco IOS Software Release 11.2(8.2)SA6 on the 2900XL:

    Switch#show version
    Cisco Internetwork Operating System Software
    IOS (tm) C2900XL Software (C2900XL-C3H2S-M), Version 11.2(8.2)SA6, 
    MAINTENANCE INTERIM SOFTWARE
    Copyright (c) 1986-1999 by cisco Systems, Inc.
    Compiled Wed 23-Jun-99 16:25 by boba
    Image text-base: 0x00003000, data-base: 0x00259AEC
    
    ROM: Bootstrap program is C2900XL boot loader
    
    Switch uptime is 1 week, 4 days, 22 hours, 5 minutes
    System restarted by power-on
    System image file is "flash:c2900XL-c3h2s-mz-112.8.2-SA6.bin", 
    booted via console
    
    cisco WS-C2924-XL (PowerPC403GA) processor (revision 0x11) with
    8192K/1024K bytes of memory.
    Processor board ID 0x0E, with hardware revision 0x01
    Last reset from power-on
    
    Processor is running Enterprise Edition Software
    Cluster command switch capable
    Cluster member switch capable
    24 Ethernet/IEEE 802.3 interface(s)
    
    32K bytes of flash-simulated non-volatile configuration memory.
    Base ethernet MAC Address: 00:50:80:39:EC:40
    Motherboard assembly number: 73-3382-04
    Power supply part number: 34-0834-01
    Motherboard serial number: FAA02499G7X
    Model number: WS-C2924-XL-EN
    System serial number: FAA0250U03P
    Configuration register is 0xF
  2. Issue these commands in order to determine what occurs on the switch:

    2900XL(config)#service timestamps debug uptime
    2900XL(config)#service timestamps log uptime
    2900XL#debug spantree events
    Spanning Tree event debugging is on
    2900XL#show debug
    General spanning tree:
      Spanning Tree event debugging is on
  3. Shut down the port in question.

    2900XL#configure terminal
    Enter configuration commands, one per line.  End with CNTL/Z.
    2900XL(config)#interface fastethernet 0/1
    2900XL(config-if)#shut
    2900XL(config-if)#
    00:31:28: ST: sent Topology Change Notice on FastEthernet0/6
    00:31:28: ST: FastEthernet0/1 -> blocking
    00:31:28: %LINK-5-CHANGED: Interface FastEthernet0/1, changed state to 
    administratively down
    00:31:28: %LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/1, 
    changed state to down
    2900XL(config-if)#exit
    2900XL(config)#exit
    2900XL#
  4. Check the time, turn the port back on, and determine the length of time that the switch stays in each state.

    In order to get the most accurate timing information, issue the commands in this step as quickly as possible. One idea is to enter each command on a separate line in a text file, copy the commands to the clipboard, and then paste them into the switch:

    show clock
    configure terminal
    interface fastethernet 0/1
    no shut
    
  5. Confirm that PortFast is off.

    Note: PortFast is off by default.

    You can confirm that PortFast is off in one of these two ways:

    • Issue the show spanning-tree interface command. If PortFast is off, the output does not mention PortFast.

      2900XL#show spanning-tree interface fastethernet 0/1
      Interface Fa0/1 (port 13) in Spanning tree 1 is FORWARDING
         Port path cost 19, Port priority 128
         Designated root has priority 8192, address 0010.0db1.7800
         Designated bridge has priority 32768, address 0050.8039.ec40
         Designated port is 13, path cost 19
         Timers: message age 0, forward delay 0, hold 0
         BPDU: sent 887, received 1

      Note: There is no message that states you are in PortFast mode in this spot.

    • Look at the running configuration. If PortFast is off, you do not see the spanning-tree portfast command under the interface.

      2900XL#show running-config
      Building configuration...
      
      !--- Output suppressed.
      
      !
      interface FastEthernet0/1
      
      !--- There is no spanning-tree portfast command under this interface.
      
      !
      
      !--- Output suppressed.
      
      
  6. Conduct the first timing test with PortFast off.

    2900XL#show clock
    *00:27:27.632 UTC Mon Mar 1 1993
    2900XL#configure terminal
    Enter configuration commands, one per line.  End with CNTL/Z.
    2900XL(config)#interface fastethernet 0/1
    2900XL(config-if)#no shut
    2900XL(config-if)#
    00:27:27: ST: FastEthernet0/1 -> listening
    00:27:27: %LINK-3-UPDOWN: Interface FastEthernet0/1, 
    changed state to up
    00:27:28: %LINEPROTO-5-UPDOWN: Line protocol on Interface 
    FastEthernet0/1, changed state to up
    00:27:42: ST: FastEthernet0/1 -> learning
    00:27:57: ST: sent Topology Change Notice on FastEthernet0/6
    00:27:57: ST: FastEthernet0/1 -> forwarding
    

    The total time from shutdown until the port started forwarding was 30 seconds (from 27:27 to 27:57).

  7. In order to turn on PortFast, issue these commands:

    2900XL#configure terminal
    Enter configuration commands, one per line.  End with CNTL/Z.
    2900XL(config)#interface fastethernet 0/1
    2900XL(config-if)#spanning-tree portfast
    2900XL(config-if)#exit
    2900XL(config)#exit
    2900XL#

    In order to verify that PortFast is enabled, issue the show spanning tree interface command. At the end of the command output, the output states that PortFast is enabled.

    2900XL#show spanning tree interface fastethernet 0/1
    Interface Fa0/1 (port 13) in Spanning tree 1 is FORWARDING
       Port path cost 19, Port priority 128
       Designated root has priority 8192, address 0010.0db1.7800
       Designated bridge has priority 32768, address 0050.8039.ec40
       Designated port is 13, path cost 19
       Timers: message age 0, forward delay 0, hold 0
       BPDU: sent 1001, received 1
       The port is in the PortFast mode.
    

    You can also see that PortFast is enabled in this configuration output:

    2900XL#show run
    Building configuration...
    
    !--- Output suppressed.
    
    interface FastEthernet0/1
     spanning-tree portfast
    
    !--- Output suppressed.
    
    
  8. Perform the timing test with PortFast enabled.

    2900XL#show clock
    *00:23:45.139 UTC Mon Mar 1 1993
    2900XL#configure terminal
    Enter configuration commands, one per line.  End with CNTL/Z.
    2900XL(config)#interface fastethernet 0/1
    2900XL(config-if)#no shut
    2900XL(config-if)#
    00:23:45: ST: FastEthernet0/1 ->jump to forwarding from blocking
    00:23:45: %LINK-3-UPDOWN: Interface FastEthernet0/1, changed state to up
    00:23:45: %LINEPROTO-5-UPDOWN: 
       Line protocol on Interface FastEthernet0/1, changed state to up

    In this case, the total time was under 1 second. If port initialization delay on the switch was the problem, PortFast should solve the problem. Remember that the switch does not currently support trunk negotiation or PAgP, so you do not need to turn them off. The switch does support autonegotiation of speed and duplex. But because the delay is so short, delay would not be a reason to turn it off.

  9. Perform the ping test from a workstation to the switch.

    Note: See Step 11 of the Timing Tests with and Without DTP, PAgP, and PortFast on a Catalyst 5500 section of this document for the ping test.

    The length of time that is necessary for the response to come from the switch is about 5 to 6 seconds. This time is the same whether autonegotiation for speed and duplex is on or off.

Catalyst 1900/2800 Switch

The Catalyst 1900 and Catalyst 2820 call PortFast "spantree start-forwarding". For the 8.01.05 version of software, the switch default is to have PortFast enabled on the Ethernet (10-Mbps) ports, and PortFast disabled on the FastEthernet (uplink) ports. When you issue the show run command in order to view the configuration and an Ethernet port does not indicate PortFast, PortFast is enabled. If a port reports no spantree start-forwarding in the configuration, PortFast is disabled. On a Fast Ethernet (100-Mbps) port, the reporting is the opposite. For a Fast Ethernet port, PortFast is on only if the port shows spantree start-forwarding in the configuration.

This section provides an example that sets PortFast on a Fast Ethernet port. The example uses Enterprise Edition software, version 8. The Catalyst 1900 automatically saves the configuration after changes have been made to NVRAM. Remember that you do not want PortFast to be enabled on any port that connects to another switch or hub. You only want PortFast to be enabled on a port that attaches to an end station.

Configuration

1900#show version
Cisco Catalyst 1900/2820 Enterprise Edition Software
Version V8.01.05    
Copyright (c) Cisco Systems, Inc.  1993-1998
1900 uptime is 0day(s) 01hour(s) 10minute(s) 42second(s) 
cisco Catalyst 1900 (486sxl) processor with 2048K/1024K bytes of memory
Hardware board revision is 5
Upgrade Status: No upgrade currently in progress. 
Config File Status: No configuration upload/download is in progress 
27 Fixed Ethernet/IEEE 802.3 interface(s)
Base Ethernet Address: 00-50-50-E1-A4-80
1900#configure terminal
Enter configuration commands, one per line.  End with CNTL/Z
1900(config)#interface fastethernet 0/26
1900(config-if)#spantree start-forwarding 
1900(config-if)#exit
1900(config)#exit
1900#

Verification

One way to verify that PortFast is on is to look at the configuration. Remember that a Fast Ethernet port must indicate that PortFast is on. An Ethernet port has PortFast on unless the configuration shows that PortFast is off. Here is an example:

1900#show running-config 
Building configuration...

!--- Output suppressed.

!
interface Ethernet 0/1

  no spantree start-forwarding
!
interface Ethernet 0/2

!

!--- Output suppressed.

!
interface FastEthernet 0/26
  spantree start-forwarding
!

In this configuration, you can see that:

  • Interface Ethernet 0/1 has PortFast turned off. You can see the command to turn it off.

  • Interface Ethernet 0/2 has PortFast on. You see no statements about PortFast, which means that it is on.

  • Interface Fast Ethernet 0/26 (which is port A in the menu system) has PortFast on. You can see the command to turn it on.

The easiest way to view the PortFast status is through the menu system. If you select (P) for Port Configuration from the main menu and select a port, the output tells you if the PortFast mode is enabled. This example output is for port Fast Ethernet 0/26 (which is port A on this switch):

Catalyst 1900 - Port A Configuration

        Built-in 100Base-FX
        802.1d STP State:  Blocking     Forward Transitions:  0

    ----------------------- Settings ---------------------------------------
     [D] Description/name of port                                        
     [S] Status of port                              Suspended-no-linkbeat
     [I] Port priority (spanning tree)               128 (80 hex)
     [C] Path cost (spanning tree)                   10
     [H] Port fast mode (spanning tree)              Enabled 
     [E] Enhanced congestion control                 Disabled             
     [F] Full duplex / Flow control                  Half duplex             

    ----------------------- Related Menus ----------------------------------
     [A] Port addressing           [V] View port statistics
     [N] Next port                 [G] Goto port
     [P] Previous port             [X] Exit to Main Menu

Enter Selection:

Timing Tests on the Catalyst 1900

The timing values are hard to verify on a Catalyst 1900/2820 because of the lack of debugging tools. Complete these steps:

  1. Start a ping that is directed to the switch on a PC that is connected to the switch.

  2. Disconnect the cable from the switch.

  3. Reconnect the cable, and record the length of time that passes before the switch responds to the ping.

Perform this procedure with PortFast on and with PortFast off. For an Ethernet port with PortFast on (the default state), the PC receives a response within 5 to 6 seconds. With PortFast off, the PC receives a response in 34 to 35 seconds.

An Additional Benefit of PortFast

There is another STP-related benefit of the use of PortFast in your network. Every time that a link becomes active and moves to the forwarding state in STP, the switch sends a special STP packet named a Topology Change Notification (TCN). The TCN is passed up to the root of the spanning tree where the TCN is propagated to all the switches in the VLAN. This causes all the switches to age out their table of MAC addresses with use of the forward delay parameter, which is usually set to 15 seconds. So, every time that a workstation joins the bridge group, the MAC addresses on all the switches are aged out after 15 seconds instead of the normal 300 seconds.

When a workstation becomes active, it does not change the topology to any significant degree. There is no need for all the switches in the VLAN to go through the fast-aging TCN period. If you turn on PortFast, the switch does not send TCN packets when a port becomes active.

Related Information

Updated: Dec 19, 2008
Document ID: 10553