Users Guide
Use the spanning-tree disable command to disable the STP.
Backward compatibility and interoperability
Spanning tree modes are backward compatible and interoperable with the STP version.
The OS10 interoperability feature is designed to support the convergence when the peer switch is running PVST+.
When an OS10 switch running Rapid PVST+ is connected to a CISCO switch running PVST+, convergence occurs only on VLAN
1. For VLAN other than 1, STP convergence does not happen, which creates a loop and collapses the network.
For VLAN 1, the peer switch sends legacy 802.1 D PDU without any VLAN tag. For VLAN other than 1, the peer switch sends
PVST+ BPDU (802.1D BPDU with VLAN tag and Cisco specific originating VLAN ID TLV at the end of the BPDU). OS10 device
sends RSTP PDU on VLAN 1 and RPVST+ PDU (802.1w BPDU with VLAN tag and CISCO specific originating VLAN ID TLV at
the end of the BPDU) on VLAN 10.
Convergence happens only for VLAN 1 because OS10 Rapid PVST+ flavor is backward compatible with the STP flavor.
Convergence fails for VLAN 10 due to incompatible BPDU exchange between the devices.
Use the spanning-tree rapid-pvst default-behavior command to switch between the current OS10 behavior
(Rapid PVST+) and vendor behavior other than OS9 or OS10.
BPDU extensions
STP extensions provide a means to ensure efficient network convergence by securely enforcing the active network topology.
OS10 supports BPDU filtering, BPDU guard, root guard, and loop guard STP extensions.
The system discards regular data traffic after a BPDU violation.
BPDU filtering
Stops sending or receiving BPDUs from a faulty device, there by protecting the network from unexpected
flooding of BPDUs. Enabling BPDU Filtering on an interface causes the system to stop sending or
receiving BPDUs.
BPDU guard Blocks the L2 bridged ports and LAG ports connected to end hosts and servers from receiving any
BPDUs. When you enable BPDU guard and when the BPDU frames are being received on the interface,
the bridge or LAG is placed in the blocking state. In case of a LAG, ports are either STP blocked or
shutdown based on the error disable command action. The data traffic is dropped but the port continues
to forward BPDUs to the CPU that are later dropped. To prevent further reception of BPDUs, configure a
port to shut down using the error disable command. For more information on this command.
Root guard Preserves the root bridge position during network transitions. STP selects the root bridge with the lowest
priority value. During network transitions, another bridge with a lower priority may attempt to become the
root bridge and cause unpredictable network behavior. To avoid such an attempt and to preserve the
position of the root bridge, configure the spanning-tree guard root command. This configuration
places the port in an inconsistent state if the port receives superior BPDU. Root guard is enabled only on
designated ports. The root guard configuration applies to all VLANs configured on the port.
Loop guard Prevents L2 forwarding loops caused by a cable or interface hardware failure. When a hardware failure
occurs, a participating spanning-tree link becomes unidirectional and the port stops receiving BPDUs.
When the blocked port stops receiving BPDUs, it transitions to a Forwarding state causing spanning-tree
loops in the network. Enable loop guard using the spanning-tree guard loop command on an
interface so that it transitions to the Loop-Inconsistent state until it receives BPDUs. After BPDUs are
received, the port moves out of the Loop-Inconsistent or Blocking state and transitions to an appropriate
state determined by STP. Enabling loop guard on a per-port basis enables it on all VLANs configured on
the port.
NOTE:
1. Root guard and Loop guard are mutually exclusive.
2. Configuring one overwrites the other from the active configuration.
1. Enable spanning-tree BPDU filter in INTERFACE mode.
spanning-tree bpdufilter enable
596
Layer 2