Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1683
Views
0
Helpful
2
Replies

guard root on VPC port-channel

Amafsha1
Level 2
Level 2

‎03-23-2019 09:59 AM

Hello, I'm trying to find an article that explains configuring root guard on VPC port-channels...which I cannot find anything on. 

I have a switch that connects to 2 nexus vpc peer link core switches via VPC (picture attached).  I want to make sure that this switch A does not become the root for any VLAN ever.  From my understanding, i should configure root guard on the interfaces trunks off the cores that connect to Switch A.  Are there any caveats for doing this on VPC port-channels?  So I go into Nexus A and configure the following:

 

 

conf t

int po12

spann tree guard root

 

then I repeat the same in the other Nexus B correct?

 

Thank you

Labels:
Preview file
45 KB
0 Helpful
2 Replies 2

marce1000
Hall of Fame
Hall of Fame

‎03-23-2019 10:17 AM

 

 = The correct way is still to assign correct bridge priority to the intended root bridge (albeid per vlan or not) , stay away from root guard, controlled network management is better.

M.



-- Each morning when I wake up and look into the mirror I always say ' Why am I so brilliant ? '
    When the mirror will then always repond to me with ' The only thing that exceeds your brilliance is your beauty! '
0 Helpful

Reza Sharifi
Hall of Fame
Hall of Fame

‎03-23-2019 11:18 AM

Hi,

I agree that you should just make sure that nexus-a is the root for all vlans and nexus-b is the backup root to all vlans and leave the other switch at default stp priority. No need for guard root.

HTH

0 Helpful
Customers Also Viewed These Support Documents