cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
4942
Views
4
Helpful
2
Replies

Loop Guard - Thoughts on Best Practices, Where to Use

Nickolus Looper
Level 1
Level 1

Hi All -

I'm looking for thoughts on best practices w.r.t. which interfaces 'spanning-tree guard loop' should be configured on.

If a particular access switch has two uplinks to the same distro switch, and these are bundled in a Port Channel, is there a benefit to configuring loop guard on each of the physical ports which make up the Po?  Under the config of the Po interface?

Thanks

Nick

1 Accepted Solution

Accepted Solutions

Mohamed Sobair
Level 7
Level 7

Hello,

Loop Guard is a feature intended to provide additional check to prevent STP bridging loop, in order for a port to remian on blocking STP state, it needs to continously recieves BPDU from the upstream designated port. If the Blocking port for any reason fails to recieve STP BPDUs, the port will move to STP forwarding State and would therfore create a loop. So, where STP Loop Guard Feature should be configured, the most obvious answer is on the Blocking STP ports.

Its the ports (Alternate Blocking) and (Root Ports) where STP Loop Guard should be enabled.

However, if you have a single portchannel to a distribution Switch, you Dont need Loop Guard feature here. You would need it if your Access Switch has 2 uplinks to two different distribution Switches.

HTH

Mohamed

View solution in original post

2 Replies 2

Mohamed Sobair
Level 7
Level 7

Hello,

Loop Guard is a feature intended to provide additional check to prevent STP bridging loop, in order for a port to remian on blocking STP state, it needs to continously recieves BPDU from the upstream designated port. If the Blocking port for any reason fails to recieve STP BPDUs, the port will move to STP forwarding State and would therfore create a loop. So, where STP Loop Guard Feature should be configured, the most obvious answer is on the Blocking STP ports.

Its the ports (Alternate Blocking) and (Root Ports) where STP Loop Guard should be enabled.

However, if you have a single portchannel to a distribution Switch, you Dont need Loop Guard feature here. You would need it if your Access Switch has 2 uplinks to two different distribution Switches.

HTH

Mohamed

Thanks for the reply and info - much appreciated!

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Innovations in Cisco Full Stack Observability - A new webinar from Cisco