Foundation Summary

The Foundation Summary is a collection of information that provides a convenient review of many key concepts in this chapter. If you are already comfortable with the topics in this chapter, this summary could help you recall a few details. If you just read this chapter, this review can help solidify some key facts. If you are doing your final preparation before the exam, these tables and figures are a convenient way to review the day before the exam.

With so many similar and mutually exclusive STP protection features available, you might have a hard time remembering which ones to use where. Use Figure 10-1 as a quick reference.

Figure 10-1 Guidelines for Applying STP Protection Features in a Network

Figure 10-1 Guidelines for Applying STP Protection Features in a Network

Micro Motion What Type Meter

Root guard: Apply to ports where root is never expected.

BPDU guard: Apply to all user ports where PortFast is enabled.

Root guard: Apply to ports where root is never expected.

BPDU guard: Apply to all user ports where PortFast is enabled.

Loop guard: Apply to nondesignated ports but okay to apply to all ports.

UDLD: Apply to all fiber-optic links between switches (must be enabled on both ends).

Permissible combinations on a switch port: Loop guard and UDLD Root guard and UDLD

Not permissible on a switch port:

Root guard and Loop guard Root guard and BPDU guard

Figure 10-1 shows two backbone switches (Catalyst A and B), along with an access-layer switch (Catalyst C), with redundant uplinks. Users are connected to the access switch, where PortFast is in use. An additional access switch (Catalyst D) has an uplink to access-layer switch C. All switch-to-switch links are fiber-based Gigabit Ethernet. Obviously, a Root Bridge never should appear out of Catalyst D.

Table 10-3 STP Protection Configuration Commands

Task

Global Command Syntax

Interface Command Syntax

Enable root guard

Switch(config-if)# spanning-tree guard root

Enable BPDU guard

Switch(config)# spanning-tree portfast bpduguard default

Switch(config-if)# spanning-tree bpduguard enable

Enable loop guard

Switch(config)# spanning-tree loopguard default

Switch(config-if)# spanning-tree guard loop

Enable UDLD

Switch(config)# udld {enable I aggressive I message time seconds}

Switch(config-if)# udld {enable I aggressive I disable}

Enable BPDU filtering

Switch(config)# spanning-tree bpdufilter default

Switch(config-if)# spanning-tree bpdufilter enable

Table 10-4 STP Protection Activity Commands

Task

Command Syntax

Look for ports that have been put in an inconsistent state

Switch# show spanning-tree inconsistentports

Display the global BPDU guard, BPDU filter, and loop guard states

Switch# show spanning-tree summary

Show UDLD status

Switch# show udld [type mod/num]

Re-enable all ports that UDLD has errdisabled

Switch# udld reset

Was this article helpful?

0 0

Post a comment