Root Guard, BPDU Guard, etc

mikearamamikearama Member Posts: 749
Ok then techies... having a hard time keeping this straight. Hopefully one of you has worked out a simpler method.

Portfast I get... ideally suited for ports connecting to one node. Doesn't share in STP.

BPDU Guard... again, for end user devices. Question: if run globally on a switch where a port is already connected to a downstream switch, does the port errdisable? or does BPDU Guard not enable for that one port?

Root Guard... if BPDU Guard is already configured on all end user ports, is there a reason to enable Root Guard? Seems like BPDU Guard will prevent bpdu's already, so a new switch on the port could never become the root, right?

Loop Guard... doesn't this effectively prevent creation of a new root switch if the existing one goes down? As I read it, BPDU's are expected on the BLK'd port. When they stop appearing (ie, the root switch is down), Loop Guard prevents the port from Listening/Learniing. Huh? The root went down... shouldn't the port come up?

Preciate your thoughts,
Mike
There are only 10 kinds of people... those who understand binary, and those that don't.

CCIE Studies: Written passed: Jan 21/12 Lab Prep: Hours reading: 385. Hours labbing: 110

Taking a time-out to add the CCVP. Capitalizing on a current IPT pilot project.

Comments

  • networker050184networker050184 Mod Posts: 11,962 Mod
    Enabling BPDU guard globaly only applys to portfast ports.

    You apply root guard on ports connecting to non root switches on switches other than the root, not end user ports.

    Loop guard prevents the port from trasitioning to forwarding when it stops receiving BPDUs so a loop is not formed.
    An expert is a man who has made all the mistakes which can be made.
  • mikearamamikearama Member Posts: 749
    I'm clear then on everything except:
    Loop guard prevents the port from trasitioning to forwarding when it stops receiving BPDUs so a loop is not formed.

    Again, what if the root REALLY does go down. I want this port to transition, don't I? How does Loop Guard know the difference?
    There are only 10 kinds of people... those who understand binary, and those that don't.

    CCIE Studies: Written passed: Jan 21/12 Lab Prep: Hours reading: 385. Hours labbing: 110

    Taking a time-out to add the CCVP. Capitalizing on a current IPT pilot project.
  • networker050184networker050184 Mod Posts: 11,962 Mod
    Loop guard prevents blocked ports from transitioning to forwarding. If the port is blocking than it must mean it is receiving BPDUs on another port from the root (the root port). If the root fails the stp will be recalulated.
    An expert is a man who has made all the mistakes which can be made.
  • mikearamamikearama Member Posts: 749
    Oh... my... god. How'd I miss that!??! Thanks bro.
    There are only 10 kinds of people... those who understand binary, and those that don't.

    CCIE Studies: Written passed: Jan 21/12 Lab Prep: Hours reading: 385. Hours labbing: 110

    Taking a time-out to add the CCVP. Capitalizing on a current IPT pilot project.
  • networker050184networker050184 Mod Posts: 11,962 Mod
    No problem, those all got kinda blurred together for me at first also.
    An expert is a man who has made all the mistakes which can be made.
Sign In or Register to comment.