02-09-2009 05:32 AM - edited 03-06-2019 03:56 AM
Hi All,
I have a question which occurred to me while studying form my BCMSN on route guard.
Assume i had a network similar to the one described in Figure 2 of the Root Guard feature page on Cisco here:-
http://www.cisco.com/en/US/tech/tk389/tk621/technologies_tech_note09186a00800ae96b.shtml
and deployed root guard on Switch C in the interface connecting to D.
When i switch on D and when D starts to send BPDU's advertising itself as the root, Switch C will block it and put the port into root inconsistent state UNTIL it stops receiving BPDU's on that port.
Am i right in assuming that manual intervention to change the root priority on D is require before any traffic can pass through C?
The article linked seems to indicate it is somehow an automatic process. Does Switch D just give up sending superior BPDU's after a certain time or does it simply sit there claiming to be the root for its own little segment indefinitely?
Thanks
02-09-2009 06:38 AM
Hello Scott,
Switch D has to stop sending better BPDUs then current root bridge.
So a manual intervention on switch D to remove
spanning-tree vlan X priority Y
is needed
Hope to help
Giuseppe
02-09-2009 06:43 AM
Thank you - most helpful.
02-09-2009 06:50 AM
As soon as aSwitch recieves Better BPDUs claiming to be a root bridge, and the (Root Guard) feature is enabled on the Root Switch, it will block the port due to the inconsistency.
Root inconsistency is not an STP state, its a log message generated by the Switch when it occurs.
HTH
Mohamed
02-09-2009 07:25 AM
Hi Mohamed, according to the link i provided above:-
"Switch C in Figure 2 blocks the port that connects to Switch D, after the switch receives a superior BPDU. Root guard puts the port in the root-inconsistent STP state. No traffic passes through the port in this state. After device D ceases to send superior BPDUs, the port is unblocked again."
Whilst i agree that root-inconsistent is not an STP "state" as such, like listening or learning etc is, the documentation refers to the port as being in that state, hence the confusion.
I do however think you may be wrong to say that root inconsistency is just a log message generated by the Switch when it occurs. The port is blocked, denying traffic until superior BPDU's stop arriving.
Unless im looking too much into your reply.
Many Thanks
02-10-2009 11:02 AM
Scott,
In PVST+ , the Ports has well known 4 STP states as follows:
1- Blocking
2- listening
3- learning
4- forwarding
If the Switch running RSTP, then STP port states are:
1- Discarding
2- Learning
3- Forwarding
If u do agree that (Inconsistency) is not an STP state, then thats what i was pointing at, I wanted to remind u about STP Port states.
HTH
Mohamed
02-10-2009 11:37 AM
Hello Mohamed,
a port in incosistent state is not usable.
The behavior is vlan specific so the feature is smart and doesn't require a shut/no shut like bpdu guard.
You can check with
sh spanning-tree inconsistent
It is not correct to say it is a legitimate RSTP state and also it is not correct to say it is just a log message.
You can think of it as a variation of Discarding state that can move to other state if the offending BPDUs stop to be received.
Hope to help
Giuseppe
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: