Scribd
Upload
176 views20 pages

Spanning Tree Enhancements

This document discusses several STP enhancements including BPDU guard, root guard, BPDU filter, and loop guard. BPDU guard shuts down ports that receive BPDUs when PortFast is enabled. Root guard prevents switches from becoming the root bridge. BPDU filter blocks BPDUs from being sent on PortFast ports. Loop guard prevents ports from transitioning to a forwarding state if BPDUs are no longer received due to a potential loop. These features are demonstrated through packet tracer examples.

Uploaded by

wingenius
Copyright
© Attribution Non-Commercial (BY-NC)
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PPTX, PDF, TXT or read online on Scribd
176 views20 pages

Spanning Tree Enhancements

This document discusses several STP enhancements including BPDU guard, root guard, BPDU filter, and loop guard. BPDU guard shuts down ports that receive BPDUs when PortFast is enabled. Root guard prevents switches from becoming the root bridge. BPDU filter blocks BPDUs from being sent on PortFast ports. Loop guard prevents ports from transitioning to a forwarding state if BPDUs are no longer received due to a potential loop. These features are demonstrated through packet tracer examples.

Uploaded by

wingenius
Copyright
© Attribution Non-Commercial (BY-NC)
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PPTX, PDF, TXT or read online on Scribd
You are on page 1/ 20

Michel TANNOURY Instructor

Outline
Introduction
BPDU guard Root guard

BPDU filter
Loop guard

Quick review of STP

STP enhancements
STP is designed to never create a loop.
Based on assumptions, that sometimes might not be

valid. BPDU guard, Root guard, BPDU filter, and loop guard:
Filter sent/received BPDU Control network reactions when unexpected topology

changes occur

STP enhancements
Supported by: PVST+ MST PVRST+

BPDU guard
Shuts down a Portfast enabled interface when a BPDU

is received.

BPDU guard
Packet tracer demo

Root guard
Forces an interface to become designated in order to

prevent a switch from becoming a root switch.

Root guard

Root guard

Root guard
With root guard enabled:

Root guard
Packet tracer demo

BPDU filter
Prevents switches from sending BPDU on Portfast-

enabled interfaces. Can be enabled:


Globally Per interface basis

BPDU filter enabled on an interface


S: Show spanning-tree int fa0/0 detail BPDU: sent x, received 0 R: conf terminal
R(config)# bridge 1 protocol ieee Exit R(config)# int fa0/0 R(config-if)# bridge-group 1 // the router is now participating in bridging and sending BPDU to The switch On the switch now: S# show spanning-tree int fa0/0 detail BPDU: sent x, received y Now enable bpdu filter: S(config)#Int fa0/1 S(config-if)#Spanning-tree bpdufilter enable Now issue again the command show spanning-tree int fa0/1 detail You will see that number of received BPDUs is not increasing anymore

BPDU filter enabled globally


On the switch enable BPDU filter and portfast
S(config)# spanning-tree portfast bpdufilter default S(config)# spanning-tree portfast default

S#show spanning-tree summary S#show spanning-tree interface fa0/1 portfast

On the router: R(config)# bridge 1 protocol ieee R(config)# int fa0/0 R(config-if)# bridge-group 1
On the switch: S# show spanning-tree int fa0/1 portfast Disabled We can use also debug spanning-tree bpdu

BPDU filter
Demo using real equipement

Loop guard
Used to prevent bridging loops
STP blocking port erroneously transitions to

forwarding state => bridging loop A blocking port stops receiving bpdu => transitions to forwarding state => bridging loop Loop guard feature : additional check before transitioning a blocking port to the forwarding state (loop inconsistent state)

Loop guard demo

Loop guard demo


Enable bpdu filter on fa0/2 on switch2. Fa0/2 on switch3 wont receive bpdu anymore, transitions to forwarding state, => loop

Loop guard demo


Enable loopguard globally on the switches Spanning-tree loopguard default Bpdu filter enabled on Fa0/2 on Switch2 Fa0/2 on Switch3 will go to loop Inconsistent state

You might also like