- Community Home
- >
- Networking
- >
- Switching and Routing
- >
- LAN Routing
- >
- Re: STP disabled for Websense?
Categories
Company
Local Language
Forums
Discussions
Forums
- Data Protection and Retention
- Entry Storage Systems
- Legacy
- Midrange and Enterprise Storage
- Storage Networking
- HPE Nimble Storage
Discussions
Discussions
Discussions
Forums
Discussions
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
- BladeSystem Infrastructure and Application Solutions
- Appliance Servers
- Alpha Servers
- BackOffice Products
- Internet Products
- HPE 9000 and HPE e3000 Servers
- Networking
- Netservers
- Secure OS Software for Linux
- Server Management (Insight Manager 7)
- Windows Server 2003
- Operating System - Tru64 Unix
- ProLiant Deployment and Provisioning
- Linux-Based Community / Regional
- Microsoft System Center Integration
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Community
Resources
Forums
Blogs
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Printer Friendly Page
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
04-09-2013 09:25 AM
04-09-2013 09:25 AM
STP disabled for Websense?
We use Websense as our webfilter. I'm in the process of installing a new server. Our core routers are 3Com 5500G's. The old server has two NICs but one of them was completely disabled. The other NIC was plugged in to a port that had port mirroring enabled.
I plugged the new server into the two ports that the old server was using, this time I'm going to use both NICs (one for the port mirroring and the other to access the server remotely). I left the port that was doing the port mirroring unplugged while I finished doing updates and getting the server ready. After about 30 minutes of downloading on the new server the network started to become sluggish. Knowing that was the only change on the network I powered down the new Websense server. Shortly the network went back to normal.
I looked at the configs and and the two ports that the old websense server was using had stp disabled (both the port that was configured for mirroring and the other port that I was going to use for remote access). Is there any reason to have STP disabled on ports for a Websense server? Obviously I'm assuming that STP being disabled on the port I was using to download updates was the cause for the network to become sluggish. Should I enable STP on both ports or just leave it disabled on the port that will be doing the mirroring for Websense? Thanks in advance.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
04-10-2013 04:30 AM
04-10-2013 04:30 AM
Re: STP disabled for Websense?
Hi,
I am not sure how the websense actually operates (inline or just inspecting via a port mirror), but it is typically an endpoint device, so there is no need for stp on these ports.
However, it is not best practice to disable stp, rather to configure it to be an stp edge port (so the port will transition to forwarding directly after being UP, as opposed to waiting 30 seconds), this will ensure that you will still send stp packets, so in case there is a loop, it can still be detected.
This rule may not be applicable if the websense is internally 'bridging' traffic back to the switch (through 2 bridge vlan interfaces for example). In that case, it is better to actually disable stp, since the websense may be relaying the switch stp packets back to the same switch ...
Not sure however what was causing the network slowdown however ...
Best regards,Peter
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
04-10-2013 12:02 PM
04-10-2013 12:02 PM
Re: STP disabled for Websense?
Websense uses a port that is set to mirroring to see all the http/s and protocol traffic. One NIC will be set to promiscuous mode with no IP and connected to the port that is set to mirror. The other port in question will be connected to the other NIC that will be used to access and manage the server. Looks like STP should never have been disabled on latter port. And it also looks like on my 3Com 5500G that STP can NOT be enabled on a port that is set to mirror/monitor.
Regarding ports being set as edge ports....neither port was set to an edge port. I've enabled that on both ports now...or should that not be enabled on a port that is set to mirror with STP off? Thanks.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
04-11-2013 06:45 AM
04-11-2013 06:45 AM
Re: STP disabled for Websense?
well, if STP is off, then the edge port function has no effect ... (since port is just forwarding anyway without stp)
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
05-30-2013 05:11 AM
05-30-2013 05:11 AM
Re: STP disabled for Websense?
http://learningmynetworks.blogspot.in/
Please configure the port as both ports
stp edged-port :- Use the stp edged-port command to configure the current Ethernet port as either an edge port or a
non-edge port.
Office: +91-9538888834
anoopp3com@gmail.com
http://learningmynetworks.blogspot.in/