as I understand it, the root guard feature is not meant to be implemented on trunk ports that are under your own administrative control, but rather on edge ports connecting e.g. an ISP to external devices. Since root guard applies to all VLANs, it would block a trunk port trying to become the root port. I guess the idea is that you, as the administrator of your network, need to be protected against external switches trying to become the root, but that your internal STP configuration should not be affected...
GP, thanks for the information. I really don't like this command because in the Cisco text I can find, they only give examples of its use within a 3 or 4 switch network, and mention nothing about proper use of it within vlans.
Rootguard can only be configured per port, but it is applied on a per instance basis. So basically, if rootguard is configured on a trunk, only vlans receiving superior information would be blocked (assuming you are running PVST).
We are pleased to announce availability of Beta software for 16.6.3.
16.6.3 will be the second rebuild on the 16.6 release train targeted
towards Catalyst 9500/9400/9300/3850/3650 switching platforms. We are
looking for early feedback from customers befor...
Introduction Featured Speakers Luis Espejel is the Telecommunications
Manager of IENova, an Oil & Gas company. Currently he works with Cisco
IOS® and Cisco IOS XE platforms, and NX to some extent. He has also
worked as a Senior Engineer with the Routing P...
In this session you can learn more about Layer 3 multicast and the best
practices to identify possible threats and take security measures. It
provides an overview of basic multicast, the best security practices for
use of this technology, and recommendati...