Administrator Guide
In STP topology 3 (shown in the lower middle), if you have enabled the root guard feature on the STP port on Switch C that connects to
device D, and device D sends a superior BPDU that would trigger the election of device D as the new root bridge, the BPDU is ignored and
the port on Switch C transitions from a forwarding to a root-inconsistent state (shown by the green X icon). As a result, Switch A becomes
the root bridge.
Figure 127. STP Root Guard Prevents Bridging Loops
Conguring Root Guard
Enable STP root guard on a per-port or per-port-channel basis.
Dell Networking OS Behavior: The following conditions apply to a port enabled with STP root guard:
• Root guard is supported on any STP-enabled port or port-channel interface except when used as a stacking port.
• Root guard is supported on a port in any Spanning Tree mode:
• Spanning Tree Protocol (STP)
• Rapid Spanning Tree Protocol (RSTP)
• Multiple Spanning Tree Protocol (MSTP)
• Per-VLAN Spanning Tree Plus (PVST+)
• When enabled on a port, root guard applies to all VLANs congured on the port.
• You cannot enable root guard and loop guard at the same time on an STP port. For example, if you congure root guard on a port on
which loop guard is already congured, the following error message displays: • % Error: LoopGuard is configured.
Cannot configure RootGuard.
• When used in an MSTP network, if root guard blocks a boundary port in the CIST, the port is also blocked in all other MST instances.
To enable the root guard on an STP-enabled port or port-channel interface in instance 0, use the following command.
932
Spanning Tree Protocol (STP)