Today I activated Wireshark on my computer’s network card. Next, I bridged my computer’s loopback adapter with my network card, to test out VRRP on virtual routers from different vendors. I never got to that, however, because I suddenly noticed STP frames being captured in Wireshark.

Since my computer is currently hooked up to a Cisco 3560 switch with all ports set to Portfast, my initial thought was that I misconfigured something on the switch, or I simply misinterpreted the whole Portfast concept. But then I noticed these frames originated from my computer’s MAC address. After checking the spanning-tree status on my switch I noticed it did no longer consider himself the root, but the computer!

The conclusion was simple: Windows participates in STP when a bridge is made between network connections. I did some Google searches but it seems that it’s something that isn’t really known as I found no useful results. The only relevant reference to this feature I found was in the Microsoft MSDN Library, and even there it’s just a line explaining the registry key to toggle the setting.

I find it positive that this is included in Windows, as it may prevent bridging loops from forming (in rare cases), but I’m left with questions. Since what version is it supported, and in which editions? I’m using Windows 7 Professional. My first guess is that it’s something new to either Vista or Windows 7, as people would have noticed this in Windows XP by now. I’m also not sure which Windows Server versions support this, but a calculated guess is that the 2008 version does. I may perform more tests later.

Either way, here you have it. I thought I’d share this information, might be useful to someone someday.

Greetings!

Advertisements