Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
954
Views
2
Helpful
4
Replies

Why should Loop Guard be also enabled on root ports in STP?

Go to solution
Mitrixsen
Level 1
Level 1

‎07-25-2024 05:02 AM

Hello, everyone.

I am studying about Loop Guard at the moment and I came across this Cisco Doc.

https://www.cisco.com/c/en/us/support/docs/lan-switching/spanning-tree-protocol-stp-8021d/218321-configure-stp-with-loop-guard-and-bpdu-s.html

Where the following information was mentioned:

On which ports is the loop guard be enabled? The most obvious answer is on the blocking ports. However, this is not totally correct. Loop guard must be enabled on the non-designated ports (more precisely, on root and alternate ports) for all possible combinations of active topologies.

Before I read this, I thought that Loop Guard should only be enabled for all active topologes on switches that have an alternate port. Since it's the alternate port that can cause a loop if it stops receiving BPDUs and transitions into forwarding, correct? So why does this Cisco document also include root ports? How can a root port cause a loop when its already forwarding?

Thank you.

David

0 Helpful
2 Accepted Solutions

Accepted Solutions

Go to solution
MHM Cisco World
VIP
VIP

‎07-25-2024 05:08 AM - edited ‎07-25-2024 05:24 AM

If BPDUs are not received on a non-designated port, and loop guard is enabled, that port is moved into the STP loop-inconsistent blocking state, instead of the listening / learning / forwarding state. Without the loop guard feature, the port assumes the designated port role. The port moves to the STP forwarding state and creates a loop.

which port is send and which port is receive in STP ?
root port and Blk port is only receive 
designated port is send 

so since the loop guard work on detect bpdu receive then it can config in both root and blk and prevent loop if root or blk not receive bpdu 

MHM 

View solution in original post

Go to solution
Martin L
VIP
VIP

‎07-25-2024 05:23 AM

Note that port selection has something to do with the flow of BPDUs; that is one-direction; from Root switch to other switches; Without Loop Guard, port wants to send BPDU in opposite direction; aka "against traffic". The link u provided has pretty good explanation. 

Regards, ML
**Please Rate All Helpful Responses **

View solution in original post

0 Helpful
4 Replies 4

Go to solution
MHM Cisco World
VIP
VIP

‎07-25-2024 05:08 AM - edited ‎07-25-2024 05:24 AM

If BPDUs are not received on a non-designated port, and loop guard is enabled, that port is moved into the STP loop-inconsistent blocking state, instead of the listening / learning / forwarding state. Without the loop guard feature, the port assumes the designated port role. The port moves to the STP forwarding state and creates a loop.

which port is send and which port is receive in STP ?
root port and Blk port is only receive 
designated port is send 

so since the loop guard work on detect bpdu receive then it can config in both root and blk and prevent loop if root or blk not receive bpdu 

MHM 

Go to solution
Martin L
VIP
VIP

‎07-25-2024 05:23 AM

Note that port selection has something to do with the flow of BPDUs; that is one-direction; from Root switch to other switches; Without Loop Guard, port wants to send BPDU in opposite direction; aka "against traffic". The link u provided has pretty good explanation. 

Regards, ML
**Please Rate All Helpful Responses **

0 Helpful

Go to solution
M02@rt37
VIP
VIP

‎07-25-2024 05:28 AM

Hello @Mitrixsen 

While root ports are indeed forwarding in the current active topology, there are scenarios where they could erroneously transition to a forwarding state in an alternate topology. This situation can occur if BPDUs from the root bridge cease to be received, leading the switch to wrongly believe it has lost connectivity to the root bridge in the current topology. If this happens and the root port transitions to forwarding in the alternate topology without BPDUs, a loop could form. Loop Guard on root ports monitors the reception of BPDUs specifically on these ports to prevent such incorrect transitions to forwarding. Therefore, by enabling Loop Guard on root ports, Cisco ensures that these ports remain stable and do not cause unintended loops due to topology changes or failures in BPDUs from the root bridge.

 

Best regards
.ı|ı.ı|ı. If This Helps, Please Rate .ı|ı.ı|ı.

Go to solution
Joseph W. Doherty
Hall of Fame
Hall of Fame

‎07-25-2024 10:06 AM

My apologies to @Mitrixsen as I continue to beat a dead horse.

Again, various Cisco STP enhancements imply the inherent deficiencies within STP.

When possible, modern networks should only use STP for precluding accidental L2 loops from taking out a L2 segment.

That said, you may need to know these enhancements for Cisco certifications and/or be stuck supporting an old network.

Also again, some of Cisco's STP enhancements are included in rapid STP variants.  For those enhanced STP config statements, they're no-ops.

0 Helpful
Customers Also Viewed These Support Documents