Enabling root guard, Setting the root guard timeout period, Checking if root guard is configured – Brocade Multi-Service IronWare Switching Configuration Guide (Supporting R05.6.00) User Manual

Multi-Service IronWare Switching Configuration Guide

323

53-1003036-02

IEEE 802.1D Spanning Tree Protocol (STP)

12

Enabling Root Guard

Root Guard is configured on a per interfaces basis. To enable Root Guard, enter a command such
as the following.

Brocade(config)# interface ethernet 5/5

Brocade(config-if-e10000-5/5) spanning-tree root-protect

Syntax: [no] spanning-tree root-protect

Enter the no form of the command to disable Root Guard on the port.

Setting the Root Guard timeout period

To configure the Root Guard timeout period globally, enter a command such as the following.

Brocade(config)# spanning-tree root-protect timeout 120

Syntax: [no] spanning-tree root-protect timeout timeout in seconds

The timeout in seconds parameter allows you to set the timeout period. The timeout period may be
configured to anything between 5 and 600 seconds. Default is 30 seconds.

Checking if Root Guard is configured

To determine if Root Guard is configured, enter the following command.

Brocade#show interface ethernet 1/4

10GigabitEthernet1/4 is up, line protocol is up

STP Root Guard is enabled, STP BPDU Guard is disabled

Syntax: show interface ethernet slot/port

Displaying the Root Guard state

To display the Root Guard state, enter the show spanning-tree root-protect command.

Brocade#show spanning-tree root-protect

Port VLAN Current State

13/6 3 Consistent state

13/9 2 Inconsistent state (29 seconds left on timer)

Syntax: show spanning-tree root-protect

Reconfiguring the timeout period

The timeout period timer is activated whenever a port encounters a superior BPDU, which then
results in a Root Guard violation. If the timeout period is reconfigured while a timer is in use, the
timer on that port is set to the new timeout period, minus the time elapsed since the superior BPDU
was received.