Siemens S323 Manuale Utente
User Manual UMN:CLI
SURPASS hiD 6615 S223/S323 R1.5
SURPASS hiD 6615 S223/S323 R1.5
A50010-Y3-C150-2-7619 219
8.3.7 Root
Guard
The standard STP does not allow the administrator to enforce the position of the root
bridge, as any bridge in the network with lower bridge ID will take the role of the root
bridge. Root guard feature is designed to provide a way to enforce the root bridge place-
ment in the network. Even if the administrator sets the root bridge priority to zero in an ef-
fort to secure the root bridge position, there is still no guarantee against bridge with prior-
ity zero and a lower MAC address.
bridge, as any bridge in the network with lower bridge ID will take the role of the root
bridge. Root guard feature is designed to provide a way to enforce the root bridge place-
ment in the network. Even if the administrator sets the root bridge priority to zero in an ef-
fort to secure the root bridge position, there is still no guarantee against bridge with prior-
ity zero and a lower MAC address.
Switch A
Switch B
Root Switch
Root Guard
Configuration
Service provider
Customer
Fig. 8.25
Root Guard
Software-based bridge applications launched on PCs or other switches connected by a
customer to a service-provider network can be elected as root switches. If the priority of
bridge B is zero or any value lower than that of the root bridge, device B will be elected as
a root bridge for this VLAN. As a result, network topology could be changed. This may
lead to sub-optimal switching. But, by configuring root guard on switch A, no switches be-
hind the port connecting to switch A can be elected as a root for the service provider’s
switch network. In which case, switch A will block the port connecting switch B.
customer to a service-provider network can be elected as root switches. If the priority of
bridge B is zero or any value lower than that of the root bridge, device B will be elected as
a root bridge for this VLAN. As a result, network topology could be changed. This may
lead to sub-optimal switching. But, by configuring root guard on switch A, no switches be-
hind the port connecting to switch A can be elected as a root for the service provider’s
switch network. In which case, switch A will block the port connecting switch B.
To configure Root-Guard, use the following command.
Command Mode
Description
stp pvst root-guard
VLAN-RANGE PORTS
Configures Root Guard on PVST network.
stp mst root-guard
MSTID-RANGE PORTS
Configures Root Guard on MST network.
no stp pvst root-guard
VLAN-RANGE PORTS
no stp mst root-guard
MSTID-RANGE PORTS
Bridge
Disables Root Guard.
8.3.8 Restarting
Protocol Migration
There are two switches which configured as STP and RSTP. Usually, in this case, STP
protocol is used between two switches. But if someone configures the STP switch to
RSTP mode, what happens? Because the RSTP switch already received STP protocol
packet, the two switches still can work with STP mode even though RSTP is enabled at
both. If you enable this command, the switch checks STP protocol packet once again.
protocol is used between two switches. But if someone configures the STP switch to
RSTP mode, what happens? Because the RSTP switch already received STP protocol
packet, the two switches still can work with STP mode even though RSTP is enabled at
both. If you enable this command, the switch checks STP protocol packet once again.