Cisco Support Community
Showing results for 
Search instead for 
Did you mean: 

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

New Member

LAN switch

How to avoid layer2 loop?.

some of our end user connected to core siwtch. due to some physical port limitation they were connecting hub own. after sometime it gets looped.

i would like to know if there is any to control to from switch to avoid layer two loops...

due to windows limiatation we have enabled portfast on default all acces layer switches.

even i have enabled rootguard and loop as well on the trunk port.

can any one suggest to resolve the issue.

thanks in advance


Re: LAN switch

Spanning Tree was designed to create a loop free L2 network.

Portfast feature should be enabled only on edge ports, where clients and/or servers connect to the network. Do not configure shared or trunk ports with portfast. This can cause loops in your switched networks.

Please post your configuration for further assistance.



* Please rate useful posts

Re: LAN switch

STP used for the loop avoidance in switching network...

first of all make sure about the should not be enable on your trunk links...




Re: LAN switch

You also want to put the bpduguard option on your portfast ports. This will cause the port to be disabled when it see a bridge pdu.

The other common way to prevent hubs in general is to mac limit your access ports. There are many variations from hard locking the port to a mac address to just allowing any mac addresses but only 1 at a time

Re: LAN switch


Can u verify weather u have two links from the switch connected in the HUB this might also cause the loop.



New Member

Re: LAN switch

depend on what kind of switch you have... your switch should support BPDU-GUARD and BPDU-FILTER...

I have BPDU-GUARD enabled by default ( global ) so all portfast enabled ports automatically has BPDU-Guard enabled.

Do be careful with BPDU-FILTER. You probably want to make sure your switch doesn't stop sending BPDU out to the client. Otherwise, BPDU-guard won't work and your switch will never detect a loop.

even with bpdu-guard enabled, there is still a chance to have a bridging loop. once a broadcast storm starts, your switch might be too busy to err-disable a port.



New Member

Re: LAN switch

i have already enabled bpdu gurad on portfast enabled port. But any enduser connect any hub (cables are connected on the port) siwtch will never detect the loop.

is there any way to crontrol layer2 loop....

New Member

Re: LAN switch

Portfast must be enabled on edge ports. If enabled in ports connected to a hub or switch, you will have problem.

BPDU filter should not be the best choice if you want to avoid loops, as described by Eric. BPDU Guard is not a "fair" solution - from the user point of view..

STP is the way to control layer 2 loops.

In this case, the best practise is do not connect end users in a Core Switch.