Root Guard:
--> Root Guard is similar to BPDU Guard used for STP protection.
--> Basically Root Guard is used to prevent other switch in the network becoming Root Switch.
--> Root Guard can be configured only in interface mode.
--> Root Guard should be configured on the ports that connects other switches which should not become Root Switch.
--> Root Guard not required in the network if you manage all the switches or you configure Priorities on the Switches .
--> Root Guard works based upon per vlan basis.
To configure Root Guard
Switch(config)# interface fa0/1
Switch(config-if)# spanning-tree guard root
Loop Guard:
--> Loop Guard is used to avoid loops because of Unidirectional Links.
--> Loop Guard is similar to UDLD but it uses STP BPDU's to detect unidirectional links.
--> Loop Guard can be configured in Global Configuration Mode or Interface Mode.
--> The main difference between UDLD and Loop Guard is UDLD is cisco proprietary and it is not a STP feature
--> UDLD can detect the loops because of physical wiring problem whereas Loop Guard cannot detect this and UDLD can't detect the loops because of STP.
--> Depending Upon the Scenario either we can use UDLD or Loop Guard.
Switch(config)# spanning-tree loopguard default
Switch(config)# UDLD aggressive
--> Root Guard is similar to BPDU Guard used for STP protection.
--> Basically Root Guard is used to prevent other switch in the network becoming Root Switch.
--> Root Guard can be configured only in interface mode.
--> Root Guard should be configured on the ports that connects other switches which should not become Root Switch.
--> Root Guard not required in the network if you manage all the switches or you configure Priorities on the Switches .
--> Root Guard works based upon per vlan basis.
To configure Root Guard
Switch(config)# interface fa0/1
Switch(config-if)# spanning-tree guard root
Loop Guard:
--> Loop Guard is used to avoid loops because of Unidirectional Links.
--> Loop Guard is similar to UDLD but it uses STP BPDU's to detect unidirectional links.
--> Loop Guard can be configured in Global Configuration Mode or Interface Mode.
--> The main difference between UDLD and Loop Guard is UDLD is cisco proprietary and it is not a STP feature
--> UDLD can detect the loops because of physical wiring problem whereas Loop Guard cannot detect this and UDLD can't detect the loops because of STP.
--> Depending Upon the Scenario either we can use UDLD or Loop Guard.
Switch(config)# spanning-tree loopguard default
Switch(config)# UDLD aggressive
0 comments:
Post a Comment