I wonder if someone could clarify somethign for me please regarding STP root guard.
My study material and this Cisco document (http://www.cisco.com/warp/public/473/74.html) states that a port configured with root guard will place that port into root inconsistent state if a superior BPDU is received on the port. Ok no problem here.
It then states that when the switch sending the superior BPDU ceases to send them, then the port with root guard configured will come out of root inconsistent state and transition to listening, learning and then forwarding mode.
What I don't understand is under what condition will the switch sending the superior BPDU ceasse to send them?
Will it except that a switch which has a higher BID (the administratively configured root bridge)is the route bridge and stop sending it's own BPDU's?
If the newly connected switch sends a better (superior) bpdu than the current root bridge, then without bpduguard the new switch will become the root switch, which is generally inacceptable.
So it will not cease sending its own bpdus, because they are superior to the current root's bpdus.
Instead the current root switch will cease sending its own bpdus, because it will hear a better bpdu.
The newly introduced switch will cease sending its own bpdus into the network if you:
1. disconnect it
2. configure it with an inferior bridge priority (higher priority value than the current root switch).
[Edit] After adjusting the bridge priority, when you reconnect this new switch to the network, it will hear a superior bpdu from the current root switch and will cease to send its own bpdus. This is the normal STP behavior.
If a port with root guard configured receives a superior BPDU from a new switch added to the network, the port will go into root inconsistent state, the superior BPDU will be ignored and the current root bridge will remain the root bridge.
The new switch which is sending the superior BPDU's will continue to send them until I:
1. Disconnect it
2. Configure it with a higher priority then the currect root bridge, thus making its BPDU inferior.
And without either of these two options be taken, the new switch will continue sending its superior BPDU and the port with root guard configured will remain in root inconsistent state, thus blocking this BPDU.
The new switch will NOT accept the current (manually configured) root bridge with the higher BID root bridge.
Hi everyone, I would like to thank you in advance for any help you can provide a newcomer like myself!
Im studying the 100-105 book by Odom and am currently on the topic of Port security. I purchased a used 2960 and I'm trying to follow a...
While deploying a number of 18xx/2802/3802 model access points (APs), which run AP-COS as their operating platform. It can be observed on some occasions that while many of their access points were able to join the fabric WLC withou...