beautypg.com

Enabling loop guard, Rstp, Mstp – H3C Technologies H3C S12500-X Series Switches User Manual

Page 105: Mstp features

background image

94

region during network design. However, due to possible configuration errors or malicious attacks in the

network, the legal root bridge might receive a configuration BPDU with a higher priority. Another device
supersedes the current legal root bridge, causing an undesired change of the network topology. The

traffic that should go over high-speed links is switched to low-speed links, resulting in network

congestion.
To prevent this situation, MSTP provides the root guard function. If the root guard function is enabled on
a port of a root bridge, this port plays the role of designated port on all MSTIs. After this port receives a

configuration BPDU with a higher priority from an MSTI, it immediately sets that port to the listening state

in the MSTI, without forwarding the packet. This is equivalent to disconnecting the link connected with

this port in the MSTI. If the port receives no BPDUs with a higher priority within twice the forwarding delay,
it reverts to its original state.
On a port, the loop guard function and the root guard function are mutually exclusive.
Configure root guard on a designated port.
To enable root guard:

Step Command

Remarks

1.

Enter system view.

system-view

N/A

2.

Enter Layer 2 Ethernet or

aggregate interface view.

interface interface-type interface-number

N/A

3.

Enable the root guard
function.

stp root-protection

By default, root guard is
disabled.

Enabling loop guard

By continuing to receive BPDUs from the upstream device, a device can maintain the state of the root port

and blocked ports. However, link congestion or unidirectional link failures might cause these ports to fail
to receive BPDUs from the upstream devices. The device reselects the port roles: Those ports in forwarding

state that failed to receive upstream BPDUs become designated ports, and the blocked ports transit to the

forwarding state, resulting in loops in the switched network. The loop guard function can suppress the

occurrence of such loops.
The initial state of a loop guard-enabled port is discarding in every MSTI. When the port receives BPDUs,
it transits its state. Otherwise, it stays in the discarding state to prevent temporary loops.
Do not enable loop guard on a port that connects user terminals. Otherwise, the port stays in the

discarding state in all MSTIs because it cannot receive BPDUs.
On a port, the loop guard function is mutually exclusive with the root guard function or the edge port
setting.
Configure loop guard on the root port and alternate ports of a device.
To enable loop guard:

Step Command

Remarks

1.

Enter system view.

system-view

N/A

2.

Enter Layer 2 Ethernet or

aggregate interface view.

interface interface-type interface-number

N/A

This manual is related to the following products: