26-2
Catalyst 4500 Series Switch, Cisco IOS Software Configuration Guide - Cisco IOS XE 3.9.xE and IOS 15.2(5)Ex
Chapter 26 Configuring Optional STP Features
About Root Guard
About Root Guard
Spanning Tree root guard forces an interface to become a designated port, to protect the current root
status and prevent surrounding switches from becoming the root switch.
When you enable root guard on a per-port basis, it is automatically applied to all of the active VLANs
to which that port belongs. When you disable root guard, it is disabled for the specified port and the port
automatically goes into the listening state.
When a switch that has ports with root guard enabled detects a new root, the ports enter the
root-inconsistent state. The switch no longer detects a new root and its ports automatically go into the
listening state.
Enabling Root Guard
To enable root guard on a Layer 2 access port (to force it to become a designated port), perform this task:
This example shows how to enable root guard on Fast Ethernet interface 5/8:
Switch(config)# interface fastethernet 5/8
Switch(config-if)# spanning-tree guard root
Switch(config-if)# end
Switch#
This example shows how to verify the configuration:
Switch# show running-config interface fastethernet 5/8
Building configuration...
Current configuration: 67 bytes
!
interface FastEthernet5/8
switchport mode access
spanning-tree guard root
end
Switch#
Command Purpose
Step 1
Switch(config)# interface {{fastethernet |
gigabitethernet | tengigabitethernet} slot/port}
Specifies an interface to configure.
Step 2
Switch(config-if)# [no] spanning-tree guard root
Enables root guard.
Use the no keyword to disable root guard.
Step 3
Switch(config-if)# end
Exits configuration mode.
Step 4
Switch# show spanning-tree
Verifies the configuration.
To Next Page
Loading...
