Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
779
Views
0
Helpful
3
Replies

STP BPDU Detection

Go to solution
belagaligirish9
Level 1
Level 1

‎01-09-2019 07:43 AM - edited ‎03-05-2019 11:10 AM

Dear Team,

 

I have the question like how the BPDU detection works in the case of two/three vlan, whether VLAN ID included in BPDU packet/header

 

In attached diagram, How SwitchA\B\C will understand the correct BPDU to avoid the loop between SwitchF\E\D

 

If one of the Loop found the topology change then TCN packet will flood to other network also and others will be looped.

 

Please assist

 

 

Labels:
Preview file
50 KB
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
Deepak Kumar
VIP Alumni
VIP Alumni
In response to belagaligirish9

‎01-10-2019 08:15 PM

HI,

Yes, we can and this is called Root Gaurd.

 

The administrator can set the root bridge priority to 0 in an effort to secure the root bridge position. But there is no guarantee against a bridge with a priority of 0 and a lower MAC address.

 

The root guard feature provides a way to enforce the root bridge placement in the network.

 

The root guard ensures that the port on which root guard is enabled is the designated port. Normally, root bridge ports are all designated ports, unless two or more ports of the root bridge are connected together. If the bridge receives superior STP Bridge Protocol Data Units (BPDUs) on a root guard-enabled port, root guard moves this port to a root-inconsistent STP state. This root-inconsistent state is effectively equal to a listening state. No traffic is forwarded across this port. In this way, the root guard enforces the position of the root bridge.

 

SW(config)# interface fastethernet 0/10
SW(config-if)# spanning-tree rootguard

Regards,

Deepak Kumar

Regards,
Deepak Kumar,
Don't forget to vote and accept the solution if this comment will help you!

View solution in original post

0 Helpful
3 Replies 3

Go to solution
Deepak Kumar
VIP Alumni
VIP Alumni

‎01-09-2019 09:48 PM

Hi,

 

How SwitchA\B\C will understand the correct BPDU to avoid the loop between SwitchF\E\D

Here, STP Root Bridge switch is playing his role. STP will select a Root bridge switch and every switch will forward this Root Bridge ID to its neighbour with self root reachability cost (Incoming root port cost). Once the Root Bridge (Switch) is elected, every other Switch in the network must select a single port on it to reach the Root Bridge (Switch). The single selected port on a Switch with least Path Cost to the Root Bridge is called the Root Port. Root Bridge (Switch) will never have a Root Port.

 

Now, Switch will check the received root cost and select a self-root port as the lowest reachability path to the root bridge switch. If switch will receive the same cost from one or more ports then it will choose lowest interface ID (Prio.Nbr) and it 128.1 for switch's port 1. It will incase as port number is increasing as for port 2nd 128.2, for 3rd port 128.3 etc.

 

Regards,

Deepak Kumar

 

 

 

 

 

 

Regards,
Deepak Kumar,
Don't forget to vote and accept the solution if this comment will help you!
0 Helpful

Go to solution
belagaligirish9
Level 1
Level 1
In response to Deepak Kumar

‎01-10-2019 06:36 PM

Hi Deepak,

 

Thanks for reply.

 

If any of the root id is superior than the other root id of the looped network and other switches receiving the superior root id then can it will change root id to superior root id?

 

Can we assign the fixed root id on switch/port so if it will receive the other BPDU then it will discard that BPDU after verifying?

0 Helpful

Go to solution
Deepak Kumar
VIP Alumni
VIP Alumni
In response to belagaligirish9

‎01-10-2019 08:15 PM

HI,

Yes, we can and this is called Root Gaurd.

 

The administrator can set the root bridge priority to 0 in an effort to secure the root bridge position. But there is no guarantee against a bridge with a priority of 0 and a lower MAC address.

 

The root guard feature provides a way to enforce the root bridge placement in the network.

 

The root guard ensures that the port on which root guard is enabled is the designated port. Normally, root bridge ports are all designated ports, unless two or more ports of the root bridge are connected together. If the bridge receives superior STP Bridge Protocol Data Units (BPDUs) on a root guard-enabled port, root guard moves this port to a root-inconsistent STP state. This root-inconsistent state is effectively equal to a listening state. No traffic is forwarded across this port. In this way, the root guard enforces the position of the root bridge.

 

SW(config)# interface fastethernet 0/10
SW(config-if)# spanning-tree rootguard

Regards,

Deepak Kumar

Regards,
Deepak Kumar,
Don't forget to vote and accept the solution if this comment will help you!
0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card