Note:

The port status of one port in different spanning tree instances can be different.

Global configuration Procedure for Spanning Tree function:

Step

Operation

 

 

 

Description

 

 

 

 

 

 

 

 

 

 

 

1

Make clear roles the switches

Preparation.

 

 

 

 

 

play

in

spanning

tree

 

 

 

 

 

 

 

instances:

root

bridge

or

 

 

 

 

 

 

 

designated bridge

 

 

 

 

 

 

 

 

 

 

 

 

2

Globally

configure MSTP

Required. Enable Spanning Tree function on the switch

 

parameters

 

 

and

configure

MSTP

parameters

on

Spanning

 

 

 

 

 

 

Tree→STP Config→STP Config page.

 

 

 

 

 

 

 

3

Configure

MSTP

parameters

Required. Configure MSTP parameters for ports on

 

for ports

 

 

 

Spanning Tree→Port Config→Port Config page.

 

 

 

 

4

Configure the MST region

 

Required. Create MST region and configure the role the

 

 

 

 

 

 

switch

plays

in the

MST region

on

Spanning

 

 

 

 

 

 

Tree→MSTP Instance→Region Config and Instance

 

 

 

 

 

 

Config page.

 

 

 

 

 

 

 

 

 

5

Configure

MSTP

parameters

Optional. Configure different instances in the MST region

 

for instance ports

 

 

and configure MSTP parameters for instance ports on

 

 

 

 

 

 

Spanning Tree→MSTP Instance→Instance Port

 

 

 

 

 

 

Config page.

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

7.4 STP Security

Configuring protection function for devices can prevent devices from any malicious attack against STP features. The STP Security function can be implemented on Port Protect and TC Protect pages.

Port Protect function is to prevent the devices from any malicious attack against STP features.

7.4.1 Port Protect

On this page you can configure loop protect feature, root protect feature, TC protect feature, BPDU protect feature and BPDU filter feature for ports. You are suggested to enable corresponding protection feature for the qualified ports.

¾Loop Protect

In a stable network, a switch maintains the states of ports by receiving and processing BPDU packets from the upstream switch. However, when link congestions or link failures occurred to the network, a down stream switch does not receive BPDU packets for certain period, which results in spanning trees being regenerated and roles of ports being reselected, and causes the blocked ports to transit to forwarding state. Therefore, loops may be incurred in the network.

The loop protect function can suppresses loops. With this function enabled, a port, regardless of the role it plays in instances, is always set to blocking state, when the port does not receive BPDU packets from the upstream switch and spanning trees are regenerated, and thereby loops can be prevented.

¾Root Protect

A CIST and its secondary root bridges are usually located in the high-bandwidth core region.

91

Page 100
Image 100
TP-Link TL-SG3424P manual STP Security, Port Protect

TL-SG3424P specifications

The TP-Link TL-SG3424P is a high-performance managed switch designed to meet the needs of small to medium-sized businesses. Offering 24 Gigabit Ethernet ports, this device is an ideal solution for improving network efficiency and ensuring seamless data transfer across multiple devices. The switch not only facilitates connectivity but also provides robust management features to enhance the performance and security of your network.

One of the standout features of the TL-SG3424P is its Power over Ethernet (PoE) capability, which allows it to deliver power and data over the same Ethernet cable. This feature is particularly beneficial for deploying devices such as IP cameras, VoIP phones, and wireless access points without the need for additional power sources. With a total power budget of 250W, the TL-SG3424P can support a diverse range of PoE devices, providing convenience and flexibility in deployment.

In terms of management, the TL-SG3424P offers a user-friendly web interface, allowing network administrators to configure and monitor the switch with ease. It supports advanced Layer 2 features, including VLANs, Quality of Service (QoS), and Link Aggregation. These features enhance network performance by optimizing traffic flow and prioritizing essential applications. The switch also includes comprehensive security features, such as Port Security and Access Control Lists (ACL), which help protect against unauthorized access and ensure data integrity.

The build quality of the TL-SG3424P is robust, designed to handle demanding network environments. It includes a fanless design, which ensures silent operation, making it suitable for office environments where noise can be a distraction. The metal chassis is durable and built for longevity, ensuring that the device will withstand rigorous usage over time.

Furthermore, the TL-SG3424P supports SNMP (Simple Network Management Protocol), allowing for centralized network monitoring and management. This makes it easier for IT teams to keep track of network health and performance, enabling timely interventions when necessary.

In conclusion, the TP-Link TL-SG3424P is a versatile and powerful managed switch that combines PoE capabilities with advanced network management features, making it a perfect choice for businesses looking to upgrade their network infrastructure. With its reliable performance and robust features, it provides an excellent solution for enhancing productivity and connectivity in any office setting.