Configuring STP loop guard
Spanning tree is used to ensure a loop-free topology over the LAN. Occasionally a hardware or software failure can cause STP to fail, creating STP/ forwarding loops that can cause network failures where unidirectional links are used. The non-designated port transitions in a faulty manner because the port is no longer receiving STP BPDUs.
STP Loop Guard causes the non-designated port to go into the STP loop inconsistent state instead of the forwarding state. In the loop-inconsistent state, the port prevents data traffic through the link, therefore avoiding the loop creation. When BPDUs again are received on the inconsistent port, it resumes normal STP operation automatically.
Syntax:
[no] spanning-tree <port-list> loop-guard
Enables STP Loop Guard on a particular port or ports. STP Loop Guard is best applied on blocking or forwarding ports.
The
noform of the command disables STP Loop Guard.Default: Disabled
Before configuring loop guard
Before configuring Loop Guard on port 20, the status of VLAN 20 appears as follows:
switch(config)#: show spanning-tree vlan 20
Spanning Tree Information
STP Enabled [No] : Yes
Mode : RPVST
Extended System ID : Enabled
Ignore PVID Inconsistency : Disabled
Switch MAC Address : 002347-c651c0
VLAN ID : 20
RPVST Enabled : Enabled
Root MAC Address : 0024a8-d13a40
Root Priority : 32,768
Root Path Cost : 20,000
Root Port : 1
Operational Hello Time (secs) : 2
Topology Change Count : 2
Time Since Last Change : 9 secs
Designated
Port Type Cost Priority Role State Bridge
----- ---------- ------ --------- ---------- ---------- ---------------
1 100/1000T 20000 128 Root Forwarding 0024a8-d13a40
20 10/100TX 200000 128 Alternate Blocking 002347-587b80
After configuring loop guard
This example shows that, by executing spanning-tree
20 loop-guard, loop guard has been configured on port 20
of Switch 2:
switch(config)#: show spanning-tree Spanning Tree Information STP Enabled [No] : Yes Mode : RPVST Extended System ID : Enabled Ignore PVID Inconsistency : Disabled RPVST Enabled VLANs : 20 Switch MAC Address : 002347-c651c0 Root Guard Ports : Loop Guard Ports : 20 TCN Guard Ports : BPDU Protected Ports : BPDU Filtered Ports : Auto Edge Ports : 1-24 Admin Edge Ports : VLAN Root Mac Root Root Root Hello ID Address Priority Path-Cost Port Time(sec) ----- --------------- ---------- ---------- -------------------- --------- 100 0024a8-d13a40 32,768 20,000 1 2
Switch ceasing to send BPDUs
With switch 1 ceasing to send BPDUs through port
20 to switch 2, port 20 goes into the “inconsistent” state and ceases
to forward traffic, as displayed in the following show spanning-tree output
for VLAN 20.
switch(config)#: show spanning-tree vlan 20
Spanning Tree Information
STP Enabled [No] : Yes
Mode : RPVST
Extended System ID : Enabled
Ignore PVID Inconsistency : Disabled
Switch MAC Address : 002347-c651c0
VLAN ID : 20
RPVST Enabled : Enabled
Root MAC Address : 0024a8-d13a40
Root Priority : 32,768
Root Path Cost : 20,000
Root Port : 1
Operational Hello Time (secs) : 2
Topology Change Count : 3
Time Since Last Change : 42 hours
Designated
Port Type Cost Priority Role State Bridge
----- ---------- ------ --------- ---------- ---------- ---------------
1 100/1000T 20000 128 Root Forwarding 0024a8-d13a40
20 10/100TX 200000 128 Alternate Inconsi... 002347-587b80 Displaying config file with loop guard enabled
The following example displays show
spanning-tree config output with loop guard enabled on Port
20:
switch(config)#: show spanning-tree config
Spanning Tree Information
STP Enabled [No] : Yes
Mode : RPVST
Extended System ID : Enabled
Ignore PVID Inconsistency : Disabled
RPVST Enabled VLANs : 100
Switch MAC Address : 002347-c651c0
Root Guard Ports :
Loop Guard Ports : 20
TCN Guard Ports :
BPDU Protected Ports :
BPDU Filtered Ports :
Auto Edge Ports : 1-24
Admin Edge Ports :
Max Age Forward Hello Admin Root
VLAN Priority (sec) Delay(sec) Time(sec) Bridge
---- -------- ------- ---------- --------- ----------------
100 32768 20 15 2 Not Configured