Administrator Guide

ManualsBrandsDell ManualsAccess PlatformsC9010 Modular Chassis Switch

951

952

953

954

955

956

957

958

959

960

Configuring Root Guard

Enable STP root guard on a per-port or per-port-channel basis.

Dell Networking OS Behavior: The following conditions apply to a port enabled with STP root guard:

● Root guard is supported on any STP-enabled port or port-channel interface.

● Root guard is supported on a port in any Spanning Tree mode:

○ Spanning Tree Protocol (STP)

○ Rapid Spanning Tree Protocol (RSTP)

○ Multiple Spanning Tree Protocol (MSTP)

○ Per-VLAN Spanning Tree Plus (PVST+)

● When enabled on a port, root guard applies to all VLANs configured on the port.

● You cannot enable root guard and loop guard at the same time on an STP port. For example, if you configure root guard on a

port on which loop guard is already configured, the following error message displays: • % Error: LoopGuard is

configured. Cannot configure RootGuard.

● When used in an MSTP network, if root guard blocks a boundary port in the CIST, the port is also blocked in all other MST

instances.

To enable the root guard on an STP-enabled port or port-channel interface in instance 0, use the following command.

● Enable root guard on a port or port-channel interface.

INTERFACE mode or INTERFACE PORT-CHANNEL mode

spanning-tree {0 | mstp | rstp | pvst} rootguard

○ 0: enables root guard on an STP-enabled port assigned to instance 0.

○ mstp: enables root guard on an MSTP-enabled port.

○ rstp: enables root guard on an RSTP-enabled port.

○ pvst: enables root guard on a PVST-enabled port.

To disable STP root guard on a port or port-channel interface, use the no spanning-tree 0 rootguard command in an

interface configuration mode.

To verify the STP root guard configuration on a port or port-channel interface, use the show spanning-tree 0 guard

[interface interface] command in a global configuration mode.

Enabling SNMP Traps for Root Elections and

Topology Changes

To enable SNMP traps individually or collectively, use the following commands.

● Enable SNMP traps for spanning tree state changes.

snmp-server enable traps stp

● Enable SNMP traps for RSTP, MSTP, and PVST+ collectively.

snmp-server enable traps xstp

STP Loop Guard

The STP loop guard feature provides protection against Layer 2 forwarding loops (STP loops) caused by a hardware failure,

such as a cable failure or an interface fault.

When a cable or interface fails, a participating STP link may become unidirectional (STP requires links to be bidirectional) and an

STP port does not receive BPDUs. When an STP blocking port does not receive BPDUs, it transitions to a Forwarding state.

This condition can create a loop in the network.

For example, in the following example (STP topology 1, upper left), Switch A is the root switch and Switch B normally transmits

BPDUs to Switch C. The link between Switch C and Switch B is in a Blocking state. However, if there is a unidirectional link

failure (STP topology 1, lower left), Switch C does not receive BPDUs from Switch B. When the max-age timer expires, the

960

Spanning Tree Protocol (STP)