This situation can be prevented by enabling the Root Guard feature. For
example, you could enable Root Guard on SP-side switch interfaces that connect to a customer-side switch.
With the Root Guard feature implemented, if a switch outside the SP network becomes the root switch, the
interface is put in a blocked state, and spanning tree will select a new root switch. The customer's switch does
not become the root switch and is not in the path to the root.
With the Root Guard feature, a Layer 2 interface is set as the designated port, and if any device through this
port becomes the root bridge, the interface is placed into the blocked (root-inconsistent) state. The Root Guard
feature can be enabled by using the spanning-tree guard root command in interface configuration mode.
EtherChannel Guard
The EtherChannel Guard feature is used to detect EtherChannel misconfigurations between the switch and a
connected device. An example of a misconfiguration is when the channel parameters are not identical and do
not match on both sides of the EtherChannel. Another example could be when only one side is configured with
channel parameters. EtherChannel parameters must be the same on both sides for the guard to work.
Pages:
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188