02-13-2008 02:31 AM - edited 03-05-2019 09:07 PM
Hi ,
Please let me know where do we configure Root Guard & designated part means on which switch.
Also please let me know where do we configure Ip Helper Address on a switch/Router?
Solved! Go to Solution.
02-15-2008 01:33 AM
Goutam,
Go ahead and configure the switch port as layer-3 port by issuing " no switchport " command. This should work for your and will be able to put the ip helper command on it.
HTH,
-amit singh
02-13-2008 02:51 AM
Hi,
I think the following links will help you for root guard placement.
http://www.cisco.com/en/US/tech/tk389/tk621/technologies_tech_note09186a00800ae96b.shtml
http://conft.com/univercd/cc/td/doc/product/lan/cat2960/12244se/scg1/swstpopt.htm
In the routers ip helper address is configured in the interface config mode, where as in switches its configured on layer 3 vlan and if any layer 3 physical interfaces.
Like...
interface Vlan11
ip address 10.0.0.2 255.255.255.0
ip helper-address 10.0.0.100
I hope it helps you.
Regards,
*aijaz*
02-13-2008 02:52 AM
Hi,
For Root Guard, pls visit:
http://cisco.com/en/US/tech/tk389/tk621/technologies_tech_note09186a00800ae96b.shtml
ip helper-address : IP helper-address is an interface configuration command and which is disable by default. To enable the forwarding of User Datagram Protocol (UDP) broadcasts, including BOOTP received on an interface.
As per Cisco: Forwards UDP broadcasts, including BOOTP, received on an interface.
Thanks & Regards
Goutam
Pls rate if it helps
02-13-2008 08:06 PM
Hi,
Root Guard is a feature to prevent another switch newly attached to the network from becoming a root bridge, and protect the network to reconverge.
You have to configure root guard on those ports where root bridge BPDUs are not expected at all, like user access ports.
Don't configure root guard on ports where BPDUs from the root are expected, otherwise you will block that port.
Helper address:
The "ip helper-address" command should be configured on the router interface which is directly connected to the LAN segment where DHCP hosts reside.
In other words it is the incoming interface for the DHCP discover and request packets (not the outgoing).
If you have more routers between the given LAN segment and the DHCP server, you do not need to configure "ip helper-address" on each router along the way:
The first router with its directly connected interface will convert DHCP broadcasts to unicasts and forward them to the DHCP server.
Of course, you need to have the approriate routes in the routers that will direct the packets between the DHCP hosts and the DHCP server.
Cheers:
Istvan
02-14-2008 09:48 PM
Appreciate for the valuable information!
I)But I have a query on Ip-Helper Address as you said we can configre "Ip-Helper on a Router interface which is directly connected to the LAN segment where DHCP hosts reside" along with this i believe you can keep the DHCP server in the other network segment as well to perform the same function if proper routing is enabled .
Also can we configure Ip-Helper address on L3 switch inteface ?
II) what is the diffrence in Root Guard and Loop Guard ?
Thanks,
Akber.
02-14-2008 10:18 PM
Hi,
I) No you can not at L3 Switches.
II) As per Cisco : BPDU guard and root guard are similar, but their impact is different. BPDU guard disables the port upon BPDU reception if PortFast is enabled on the port. The disablement effectively denies devices behind such ports from participation in STP. You must manually reenable the port that is put into errdisable state or configure errdisable-timeout.
Root guard allows the device to participate in STP as long as the device does not try to become the root. If root guard blocks the port, subsequent recovery is automatic. Recovery occurs as soon as the offending device ceases to send superior BPDUs.
thanks
Goutam
Pls rate if it helps.
02-14-2008 11:16 PM
hi Goutan,
If i am not wrong we can configure Ip-Helper address on switch layer 3 interface.
Ex:-
Interface vlan 10
ip address 10.200.2.10 255.255.255.0
ip helper address x.x.x.x
Please answer me.
Regds,
Akber.
02-14-2008 11:39 PM
Hi Akber,
The question is "Also can we configure Ip-Helper address on L3 switch interface?" if I go for the physical interface then as per my knowledge it is not possible. If I go as per u then its possible. Pls find the below:
SW_L3(config)#int gi 0/4
SW_L3(config-if)#ip ?
Interface IP configuration subcommands:
access-group Specify access control for packets
arp Configure ARP features
dhcp DHCP
igmp IGMP interface commands
verify verify
SW_L3(config-if)#ip
SW_L3(config-if)#int vlan1
SW_L3(config-if)#ip ?
SW_L3(config-if)#ip helper-address ?
A.B.C.D IP destination address
Goutam :)
02-15-2008 01:33 AM
Goutam,
Go ahead and configure the switch port as layer-3 port by issuing " no switchport " command. This should work for your and will be able to put the ip helper command on it.
HTH,
-amit singh
02-15-2008 01:49 AM
Hi Amit,
I just realised that one can always learn something or other from a good company. Thanks :)
Goutam
02-15-2008 01:55 AM
Amit,
I believe we can configure ip-helper on L3 switch port with out no switch port command.( I have performed on a 6509 L3 switch)
Ex:-
interface gi 0/1
ip address x.x.x.x x.x.x.x
ip-helper address x.x.x.x
I think we cant perform a ip helper address with no switch port comand on l3 port.
Thnks,
Akber.
02-15-2008 04:08 AM
Appreciate if somebody can answer the above query.
Rgds,
Akber.
02-15-2008 05:05 AM
Akber,
Bydefault on Cisco 6500 switch running IOS all the ports are Layer-3 ports, so you dont need to put " no switchport " command. That's why you are also able to put an IP address on it because it is a layer 3 port. On other switches like 4500/3750/3560's your ports are L2 bydefault and you need to put " no switchport " command to make it L3 port and work the things out.
HTH, Please rate if it does.
-amit singh
02-17-2008 08:33 PM
Thanks for the inputs!
So that means Ip-Helper Address command on a Router and L2 switch as well with no switch port coomand .
Also i believe we can perform ip-helper on a l3 switch port.
Please confirm.
Thanks,
Akber.
02-17-2008 10:20 PM
Akber,
You can put an Ip-helper on a layer-3 interface br it on a router or L3 switch with SVI's or the L3 switchport.
HTH,
-amit singh
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: