Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

Bronze

rootguard feature

Hi every body!

I find in chapter 4 of cisco press book that by default cisco switch detect all the following causes among others and put the port in erridisable state if it finds any:

rootguard,loopguard,bpduguard. etc

Once the port is in errdisable state, we need to enable it manually or we configure aotomatic recovery.

thanks a lot!

Then in same book , in chapter 10, my book says" rootguard feature reanable the port once the superior bpdu stop appearing on the port"

My point is it is only possible automatic recovery is configured by" erridisable recovery cause" command.

Am i correct?

thanks a lot!

1 ACCEPTED SOLUTION

Accepted Solutions
Hall of Fame Super Silver

Re: rootguard feature

Hello Sarah,

loop guard and root guard are able to recover by themselves see for example this fresh log:

Jan 16 21:47:33: %SPANTREE-2-LOOPGUARD_BLOCK: Loop guard blocking port GigabitEthernet0/1 on VLAN0032.

Jan 16 21:47:34: %SPANTREE-2-LOOPGUARD_BLOCK: Loop guard blocking port GigabitEthernet0/1 on VLAN0019.

Jan 16 21:47:47: %SPANTREE-2-LOOPGUARD_UNBLOCK: Loop guard unblocking port GigabitEthernet0/1 on VLAN0019.

instead bpdu guard puts the port in errordisable and so it requires manual change or automatically recover time.

one key point is that loop guard and I think also root guard are Vlan specific (see the messages above) and put the ports in spannning tree inconsistent state (again per vlan)

bpdu guard is thought for an access port and its action is port based not vlan based

Hope to help

Giuseppe

2 REPLIES
Hall of Fame Super Silver

Re: rootguard feature

Hello Sarah,

loop guard and root guard are able to recover by themselves see for example this fresh log:

Jan 16 21:47:33: %SPANTREE-2-LOOPGUARD_BLOCK: Loop guard blocking port GigabitEthernet0/1 on VLAN0032.

Jan 16 21:47:34: %SPANTREE-2-LOOPGUARD_BLOCK: Loop guard blocking port GigabitEthernet0/1 on VLAN0019.

Jan 16 21:47:47: %SPANTREE-2-LOOPGUARD_UNBLOCK: Loop guard unblocking port GigabitEthernet0/1 on VLAN0019.

instead bpdu guard puts the port in errordisable and so it requires manual change or automatically recover time.

one key point is that loop guard and I think also root guard are Vlan specific (see the messages above) and put the ports in spannning tree inconsistent state (again per vlan)

bpdu guard is thought for an access port and its action is port based not vlan based

Hope to help

Giuseppe

Bronze

Re: rootguard feature

Thanks a lot!

157
Views
0
Helpful
2
Replies
CreatePlease to create content