03-23-2019 09:59 AM
Hello, I'm trying to find an article that explains configuring root guard on VPC port-channels...which I cannot find anything on.
I have a switch that connects to 2 nexus vpc peer link core switches via VPC (picture attached). I want to make sure that this switch A does not become the root for any VLAN ever. From my understanding, i should configure root guard on the interfaces trunks off the cores that connect to Switch A. Are there any caveats for doing this on VPC port-channels? So I go into Nexus A and configure the following:
conf t
int po12
spann tree guard root
then I repeat the same in the other Nexus B correct?
Thank you
03-23-2019 10:17 AM
= The correct way is still to assign correct bridge priority to the intended root bridge (albeid per vlan or not) , stay away from root guard, controlled network management is better.
M.
03-23-2019 11:18 AM
Hi,
I agree that you should just make sure that nexus-a is the root for all vlans and nexus-b is the backup root to all vlans and leave the other switch at default stp priority. No need for guard root.
HTH
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: