Successful inter-VLAN routing has been operating on a network with multiple VLANs across multiple switches for some time. When an inter-switch trunk link fails and Spanning Tree Protocol brings up a backup trunk link, it is reported that hosts on two VLANs can access some, but not all the network resources that could be accessed previously. Hosts on all other VLANS do not have this problem. What is the most likely cause of this problem?

If the protected edge port function being disabled on the backup trunk interfaces is identified as the cause of the problem, this suggests a specific design in the network where the edge port protection plays a critical role in the accessibility of network resources.

Protected ports in a network are typically configured to isolate traffic between hosts on the same switch to prevent direct host-to-host communication. This is often used for security purposes. If these ports are part of the inter-VLAN routing process and they are disabled, it could potentially lead to a scenario where certain traffic types or flows expected to be isolated are now being transmitted or received in an unexpected manner, leading to the reported access issues.

In such a scenario, traffic that was once isolated might now be propagated due to the lack of protected port configuration, which could cause network resource accessibility issues due to potential security filters or policies being triggered by this unexpected traffic pattern.

To resolve this issue, the protected edge port function would need to be re-enabled on the backup trunk interfaces to restore the intended traffic flow and isolation as per the original network design. It’s also important to review the overall network design and understand why the protected port configuration is critical for resource access, as this is not a typical use case for protected ports.