Forum Discussion
This is generally not something you will be able to do from LM directly, though there is the BRIDGE-MIB you could scan for unexpected BPDU reception (bear in mind the BRIDGE-MIB is not directly VLAN-aware and you must use indexes or contexts to select VLANs other than VLAN 1).
The way you would normally protect the network depends on the platform, but the general solution is to set all edge ports to edge mode (sometimes manual, for example Cisco with spanning-tree portfast and similar, sometimes automatic, for example Procurve auto-edge detection). You then ensure any port receiving a BPDU that is on an edge port (how loops happen) either converts back to normal mode (for auto-edge) or shuts down (bpduguard).
The trick for Cisco bpduguard is there is no MIB to tell you this happened, but you can see from 'show interface status err-disabled'. We wrote an eventsource to detect err-disabled ports via the CLI using SSH. It works well, but because the eventsource system in LM is so horrible you get inundated with repeated alerts you cannot ACK (though the system pretends you can). As long as you know that, you can work around it using SDT.
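As an added illustration of the CLI-based approach described above (this is example code, not the poster's eventsource), the following parses 'show interfaces status err-disabled' output and reports only ports that newly became err-disabled since the last poll, which is one way to avoid the repeated-alert problem. The sample output is constructed here and is not from the poster's environment.

```python
from __future__ import annotations
import re
from dataclasses import dataclass

# Constructed sample of Cisco IOS 'show interfaces status err-disabled' output
# (assumed column layout; not captured from any real device).
SAMPLE_OUTPUT = """\
Port      Name               Status       Reason               Err-disabled Vlans
Gi1/0/5   lobby-printer      err-disabled bpduguard
Gi1/0/12                     err-disabled psecure-violation
Gi1/0/19  conference room    err-disabled bpduguard
"""

# Name column may be empty or contain spaces, so match it non-greedily
# up to the literal 'err-disabled' status keyword.
LINE_RE = re.compile(
    r"^(?P<port>\S+)\s+(?P<name>.*?)\s*err-disabled\s+(?P<reason>\S+)"
)


@dataclass(frozen=True)
class ErrDisabledPort:
    port: str
    name: str
    reason: str


def parse_err_disabled(output: str) -> list[ErrDisabledPort]:
    """Parse the command output into one record per err-disabled port."""
    ports = []
    for line in output.splitlines():
        if not line.strip() or line.startswith("Port"):
            continue  # skip blank lines and the header row
        m = LINE_RE.match(line)
        if m:
            ports.append(ErrDisabledPort(m["port"], m["name"].strip(), m["reason"]))
    return ports


def bpduguard_ports(ports: list[ErrDisabledPort]) -> list[ErrDisabledPort]:
    """Keep only ports shut down by bpduguard, i.e. BPDU seen on an edge port."""
    return [p for p in ports if p.reason == "bpduguard"]


def new_err_disabled(previous: set[str], current: list[ErrDisabledPort]) -> list[ErrDisabledPort]:
    """Return ports not err-disabled on the previous poll, so the collector
    raises one alert per state change instead of one per polling cycle."""
    return [p for p in current if p.port not in previous]
```

A collector would persist the set of port names from each run and pass it as `previous` on the next run.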
Something along the lines of detecting a status change like that on the ports sounds like a good idea.
The challenge for my environment is that we have end users that may plug things in to network ports that they shouldn't and they end up causing loops. We also have a very mixed environment where things aren't necessarily configured correctly and for some of the orgs we watch we only provide support when there are issues (so we can't always go in and configure these settings the way they should be unfortunately). Finally, we also sometimes get a vendor that misconfigures things and it isn't always obvious at first.
I really wish this all wasn’t the case but it is what it is. Any other ideas are welcome
Thank you!