Manualshelf

Cisco Nexus 5000 Series Switch CLI Software Configuration Guide, NX-OS 4.0(1a)N1 (OL-16597-01, January 2009)

ManualsBrandsHP ManualsStorageCisco MDS 9513 with Supervisor 2 Director Switch
191192193194195196197198199200
Send feedback to nx5000-docfeedback@cisco.com
10-12
Cisco Nexus 5000 Series Switch CLI Software Configuration Guide
OL-16597-01
Chapter 10 Configuring STP Extensions
Configuring STP Extensions
Enabling Loop Guard Globally
You can enable Loop Guard globally by default on all point-to-point spanning tree normal and network
ports. Loop Guard does not run on edge ports.
Loop Guard provides additional security in the bridge network. Loop Guard prevents alternate or root
ports from becoming the designated port because of a failure that could lead to a unidirectional link.
Note Entering the Loop Guard command for the specified interface overrides the global Loop Guard
command.
Before you configure this feature, you should do the following:
Ensure that STP is configured.
Ensure that you have spanning tree normal ports or have configured some network ports.
To enable Loop Guard globally, perform this task:
This example shows how to enable Loop Guard on all spanning tree normal or network ports:
switch# configure terminal
switch(config)# spanning-tree loopguard default
Enabling Loop Guard or Root Guard on Specified Interfaces
Note You can run Loop Guard on spanning tree normal or network ports. You can run Root Guard on all
spanning tree ports: normal, edge, or network.
You can enable either Loop Guard or Root Guard on specified interfaces.
Enabling Root Guard on a port means that port cannot become a root port, and LoopGuard prevents
alternate or root ports from becoming the designated port because of a failure that could lead to a
unidirectional link.
Both Loop Guard and Root Guard enabled on an interface apply to all VLANs to which that interface
belongs.
Note Entering the Loop Guard command for the specified interface overrides the global Loop Guard
command.
Before you configure this feature, you should do the following:
Ensure that STP is configured.
Command Purpose
Step 1
switch# configure terminal
Enters configuration mode.
Step 2
switch(config)# spanning-tree loopguard
default
Enables Loop Guard by default on all spanning tree
normal and network ports. By default, global Loop
Guard is disabled.