5.5 Redundant Links
5.5.5 Configuring PortFast
PortFast is a feature that is primarily designed to optimize switch ports that are connected to end-station devices. By using PortFast, these devices can be granted instant access to the Layer 2 network without going through the spanning tree listening and learning stages.

Think what happens when a PC boots.  When power is applied, the monitor energizes and the machine beeps. During that process the network interface card (NIC) asserts Ethernet link, causing a switch port to jump from not connected to the STP learning state.  Thirty seconds later, the Catalyst Switch puts the port into forwarding mode, and the PC can access the network.

Normally, this sequence goes unnoticed because it takes your PC at least 30 seconds to boot. However, in two cases this might not be true.

First, some NICs do not enable a link until the MAC-layer software driver is actually loaded. Because most operating systems try to use the network almost immediately after loading the driver, this can create an obvious problem. Several years ago, this problem was fairly common with certain Novell Open Data-Link Interface (ODI) NIC drivers. With more modern NICs, this problem is fairly common with PC Card (PCMCIA) NICs used in laptop computers.

Second, there is a race between operating systems and CPUs. CPU manufacturers are designing faster chips.  At the same time, operating systems keep slowing down.  However, the chips are increasing speed faster than operating systems are slowing down.  As a result, PCs are booting faster than ever. In fact, some modern machines are finished booting (or at least far enough along in the process) and need to use the network before the STP 30-second countdown has finished. Dynamic Host Configuration Protocol (DHCP) and NT Domain Controller authentication are two common activities that occur late in the initialization process.

In both cases, the STP default settings can create a problem.  A classic symptom is a PC that has problems when first booting in the morning, but never has problems when a warm boot is attempted. One common fix has been to plug both the PC and the Catalyst port into a hub. This provides a constant link to the Catalyst Switch and keeps the port in forwarding mode, whether the PC is booted or not. However, this is not the most efficient solution.

This problem motivates some network administrators to disable STP altogether. This certainly fixes any STP booting problems, but it can easily create other problems. If this strategy is employed, it requires that all physical loops be eliminated.  This will, in all likelihood, result in a network with no redundancy. Keep in mind that STP cannot be disabled for a single port. The set spantree disable [vlan] is a per-VLAN global command that disables STP for every port that participates in the specified VLAN. In short, rather than disabling STP, consider using the PortFast feature. This feature provides the best of both worlds- immediate end-station access and the safety net of STP.

PortFast works by making a fairly simple change in the STP process. Rather than starting out at the bottom of the blocking to listening to learning to forwarding hierarchy of states as with normal STP, PortFast starts at the top. As soon as the switch sees the link, the port is placed in the forwarding state.  If STP later detects a loop, it does all the root and designated port calculations discussed earlier. If a loop is detected, the port is put in the blocking state.

It is important to note that PortFast begins only when the port first initializes. If the port is forced into the blocking state for some reason and later needs to return to the forwarding state, the usual listening and learning processing is done.

Often, administrators will recommend that PortFast be enabled only when necessary.  The stern warning issued by a switch when this feature is enabled re-enforces this recommendation:

Warning: Spantree port fast start should be enabled only on ports connected to a single host. Connecting hubs, concentrators, switches, bridges, and so on to a fast start port can cause temporary Spanning-Tree loops. Use with caution.

However, to the contrary, PortFast can actually improve the stability of large networks. By using PortFast on end-station ports, not only does it avoid problems when these devices boot, it reduces the number of topology change notifications in the network.

Despite all the benefits of PortFast, it should not carelessly be enabled on every port. Enable it only on ports that connect to workstations. Because servers rarely reboot, it is not necessary to enable it on ports connected to servers.

One exception to the rule of not using PortFast on server ports involves the use of fault-tolerant NICs. These NICs toggle link state during fail-over. When using one of these NICs, PortFast should be enabled on the associated server ports.

Finally, PortFast cannot be used on trunk ports. Although Catalyst Switches allow the command to be entered on trunk links, it is ignored.

Enable PortFast on a switch port connected to a single workstation or server by entering the following command in privileged mode:

Switch> (enable) set spantree portfast mod_num / port_num enable

Verify the PortFast setting by entering the following:

Switch> (enable) show spantree mod_num / port_num

This command is shown in the Figure.

Enable PortFast on a Cisco IOS Software-based switch by entering the following:

switch(config-if)# spanning-tree portfast

Interactive Lab Activity  (Flash, 333 kB)
  In this activity, you will learn how to configure PortFast on the Catalyst 4000 series switch.
Interactive Lab Activity  (Flash, 485 kB)
  In this activity, you will learn how to configure PortFast on the Catalyst 2900 series switch.