I have a doubt of how proceed in the implementation of the ROOT GUARD in my LAN
1. Its better to implement the ROOT GUARD ( per port config ) on the CORE switch (6509 ) or on the ACCESS switch ? ( 3550 )
2. Its correct to implement Root Guard and BPDU GUARD in the same switch ? The first works per port the 2nd works globally
Thanks for your suggestion !
1) The root guard must be configured on the designated port. The designated port is located in the STP Root switch.
The root port is located in the leaf switch (access switch). Root guard must not be configured there.
2) Yes, bpduguard and root guard can be configured in the same switch. Bpduguard works in the port and also globally. In global mode, all ports are affected by this setting while per port, only the configured port is affected.
Please rate helpful posts