RE: Consensus

From: Voss, David (dvoss@heidrick.com)
Date: Wed Sep 25 2002 - 21:49:58 GMT-3

• Next message: Balaji Siva: "RE: Consensus"
• Previous message: Chuck Church: "RE: Advice sought on wearing CCIE on sleeve"
• Maybe in reply to: Voss, David: "Consensus"
• Next in thread: Balaji Siva: "RE: Consensus"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Root Guard Feature:

So, the way this works, I enable it on one switch so that another switch
cannot become root. For example, on Port 2/4 which hosts vlans 20 and 30, I
set spantree guard root.

SWITCH 1 - PORT 2/4----------------SWITCH 2 (WHICH I DON'T WANT TO BECOME
ROOT FOR VLAN 20 OR 30)

Now that I have enabled root guard on Port 2/4, switch 2 cannot become root
for vlans 20 and 30.

I believe I remember reading that this feature exists because if you add a
switch to a network, you want to ensure that an access switch does not
become ROOT. If you set root guard on your distribution switch, you can
ensure that your STP environment is stable.

Preventing Switches from Becoming the Root Switch
You may want to prevent switches from becoming the root switch. The root
guard feature forces a port to become a designated port so that no switch on
the other end of the link can become a root switch.

When you enable root guard on a per-port basis, it automatically applies to
all of the active VLANs to which that port belongs. When you disable root
guard, it is disabled for the specified port. If a port goes into the
root-inconsistent state, it automatically goes into the listening state.

To prevent switches from becoming root, perform this task in privileged
mode.

Task Command
Step 1
Enable root guard on a port.
set spantree guard {root | none} {mod_num/port_num}
 
Step 2
Verify that root guard is enabled.
show spantree guard {root | none}{mod_num/port_num | vlan}
 

-----Original Message-----
From: Nick Shah [mailto:nshah@connect.com.au]
Sent: Wednesday, September 25, 2002 7:42 PM
To: Voss, David; ccielab@groupstudy.com
Subject: Re: Consensus

Set spantree guard is the ONLY sure shot way.

I am willing to bet my $$$ on this one.

To raise the odds on the bet :)

http://www.cisco.com/univercd/cc/td/doc/product/lan/cat5000/rel_6_1/config/s
pantree.htm#xtocid2856623

rgds
Nick
----- Original Message -----
From: "Voss, David" <dvoss@heidrick.com>
To: <ccielab@groupstudy.com>
Sent: Thursday, September 26, 2002 9:51 AM
Subject: Consensus

> I've been going through the threads on spanning tree and one thread that
> never had a consensus was how to ensure a switch would "never" become
root.
> There is not a text I have found that addresses this. From what I can
tell,
> one option is to turn off spanning tree completely, the other to set
> priority to 65535. Neither sounds appropriate to me.

• Next message: Balaji Siva: "RE: Consensus"
• Previous message: Chuck Church: "RE: Advice sought on wearing CCIE on sleeve"
• Maybe in reply to: Voss, David: "Consensus"
• Next in thread: Balaji Siva: "RE: Consensus"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.4 : Mon Oct 07 2002 - 07:44:03 GMT-3