Advanced STP Tuning - Additional STP Protection Mechanisms

Name 4 common scenarios causing Layer 2 Forwarding loops.

1. STP Disabled on a switch
2. Misconfigured Load Balancer sending traffic out multiple interfaces with the same MAC address
3. A misconfigured Virtual Switch that bridges to physical ports.
4. End users using a dumb network switch or hub.

Root Guard puts a port into the root-inconsistent (blocking) state when a superior BPDU is received on it; the port is not err-disabled and recovers on its own once the superior BPDUs stop.
What is Root Guard used for? And what does it prevent by blocking the port?

1. When it receives a superior BPDU on a Designated Port it prevents that port from becoming a Root Port.
2. It prevents a downstream switch from becoming the Root Bridge.
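The following is an added configuration example, not part of the original notes. It assumes classic Cisco IOS syntax, a core switch CORE-1 that is the intended root, a distribution switch DIST-1 with a downlink to ACCESS-1, and VLANs 10 and 20; hostnames, interface names and VLAN numbers are assumptions.

```ios
! Added example (not from the original notes). Hostnames, interfaces and VLANs are assumed.
!
! --- CORE-1: make the intended root deterministic first. Root Guard only blocks, it never elects.
spanning-tree mode rapid-pvst
spanning-tree vlan 10,20 root primary
!
! --- DIST-1: Root Guard belongs on Designated Ports facing switches that must never be root.
! A superior BPDU (one advertising a better root bridge ID than the current root) arriving here
! puts the port into the root-inconsistent state for that VLAN instead of making it a Root Port.
! The port unblocks by itself as soon as the superior BPDUs stop; no errdisable recovery is involved.
interface GigabitEthernet1/0/24
 description Downlink to ACCESS-1
 switchport mode trunk
 spanning-tree guard root
!
! Never apply Root Guard to the port that faces the legitimate root (DIST-1's uplink to CORE-1):
! that port is supposed to receive superior BPDUs and would be blocked permanently.
interface TenGigabitEthernet1/1/1
 description Uplink to CORE-1
 switchport mode trunk
 spanning-tree guard none
!
! Verification. A blocked port is listed as ROOT_Inc, and the switch logs
! %SPANTREE-2-ROOTGUARD_BLOCK when it blocks and %SPANTREE-2-ROOTGUARD_UNBLOCK when it recovers.
show spanning-tree inconsistentports
show spanning-tree interface GigabitEthernet1/0/24 detail
```

Because Root Guard decides per VLAN, a single port can be root-inconsistent in VLAN 10 and forwarding in VLAN 20; check the inconsistent-ports output per VLAN rather than assuming the whole link is down.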

What are the two main features of STP PortFast?

1. It suppresses TCN (Topology Change Notification) generation when the port goes up or down, so host link flaps do not flush MAC tables across the domain.
2. It bypasses the 802.1D Listening and Learning states and starts forwarding right away.

BPDU Guard shuts down (err-disables) a PortFast port when a BPDU is received on it. Since a PortFast port that receives a BPDU already loses its PortFast status and falls back to normal STP, what value does BPDU Guard add?

It ensures a loop cannot be accidentally created when an unauthorized switch is connected: instead of letting the port negotiate STP with the unknown device (and possibly accept it as root or forward through it), the port is taken down and the event is logged.

On which interfaces is BPDU Guard typically configured?

BPDU Guard is typically configured on host-facing (edge) ports that have PortFast enabled, never on uplinks to other switches.

A BPDU Guard err-disabled port is not automatically restored. The Error Recovery Service (ERS) can be used to do this, reducing administrative overhead. How is this configured? And how long does the ERS take to restore the port?

1. The command "errdisable recovery cause bpduguard" in global configuration mode.
2. By default the ERS timer runs every 300 seconds. The interval ("errdisable recovery interval") is shared by all recovery causes and can be set between 30 and 86400 seconds.
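The following is an added configuration example, not part of the original notes, showing PortFast, BPDU Guard and the Error Recovery Service together on an access switch. It assumes classic Cisco IOS syntax (recent IOS-XE spells the PortFast commands "spanning-tree portfast edge ..."), host ports Gi1/0/1-40 in VLAN 10 and an uplink on Gi1/0/48; interface names and VLAN are assumptions.

```ios
! Added example (not from the original notes). Interface ranges and VLAN are assumed.
!
! Global defaults: every non-trunking port becomes PortFast, and every PortFast port gets
! BPDU Guard. A PortFast port that later sees a BPDU is err-disabled, not renegotiated.
spanning-tree portfast default
spanning-tree portfast bpduguard default
!
! Error Recovery Service: bring bpduguard-disabled ports back on their own.
! The interval applies to all recovery causes; default 300 s, valid range 30-86400 s.
errdisable recovery cause bpduguard
errdisable recovery interval 120
!
! Host-facing ports, configured explicitly so removing the global default later cannot weaken them.
interface range GigabitEthernet1/0/1 - 40
 switchport mode access
 switchport access vlan 10
 spanning-tree portfast
 spanning-tree bpduguard enable
!
! Uplink: must never be PortFast or BPDU Guard, otherwise the first legitimate BPDU from the
! peer switch shuts the uplink down.
interface GigabitEthernet1/0/48
 description Uplink to DIST-1
 switchport mode trunk
 spanning-tree portfast disable
 spanning-tree bpduguard disable
!
! Verification: global defaults, recovery causes and timer, and ports currently err-disabled.
show spanning-tree summary
show errdisable recovery
show interfaces status err-disabled
```

Automatic recovery only helps for transient events (someone briefly plugged in a switch and removed it). If the rogue device stays connected, the port simply comes up, receives a BPDU and is err-disabled again every 120 seconds, which is the intended behaviour: the recovery timer does not weaken the guard, it just removes the need for a manual "shutdown / no shutdown".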

BPDU Filter stops a port from sending BPDUs. What is the difference between the global and the interface configuration commands?

With the global command (which applies only to ports with PortFast operational), the port sends a series of 10 to 12 BPDUs at link-up and then stops; if it receives a BPDU, PortFast and BPDU Filter are removed and the port runs normal STP.
With the interface command, the port neither sends nor processes BPDUs at all, regardless of PortFast. This is effectively disabling STP on that port, so a switch or hub connected to it can create an undetected loop.

STP Loop Guard prevents Alternate or Root ports from becoming Designated Ports when?

When BPDUs stop arriving on that port, typically because the link has become unidirectional. Instead of transitioning the port to Designated/Forwarding (which would open a loop), Loop Guard places it in the loop-inconsistent state until BPDUs are received again.

Unidirectional Link Detection is used for?

Detecting links that only carry traffic in one direction, typically on fiber-optic links where one strand has failed or is miswired, so the port can be shut down before STP treats the silent direction as "no neighbor" and forms a loop.

How does UDLD monitoring work?

The switch sends UDLD packets carrying its own System ID and the Port ID of the interface transmitting them. The receiving device echoes that information back and includes its own System ID and Port ID. If a switch never sees its own IDs echoed back, the link is suspected of being unidirectional.
It needs to be enabled on both switches.

What are the 2 UDLD modes?

1. Normal (if a frame is not acknowledged, the link is considered undetermined, a syslog message is generated and the port remains active).
2. Aggressive (if a frame is not acknowledged, another 8 packets are sent at 1 second intervals; if those are not acknowledged either, the port is placed in the err-disabled state).
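The following is an added configuration example, not part of the original notes, covering the Loop Guard question above together with UDLD, since both address the same failure (a link that works in one direction only) from different angles. It assumes classic Cisco IOS syntax, an access switch whose fiber uplink Te1/1/1 leads to CORE-1; hostnames and interface names are assumptions.

```ios
! Added example (not from the original notes). Hostnames and interfaces are assumed.
! Loop Guard watches for missing STP BPDUs; UDLD probes the link itself. On an uplink
! they are normally deployed together.
!
! Loop Guard globally on all point-to-point, non-PortFast ports: a Root or Alternate port that
! stops hearing BPDUs goes loop-inconsistent instead of becoming Designated/Forwarding.
spanning-tree loopguard default
!
! Global UDLD affects fiber ports only. "udld aggressive" selects aggressive mode,
! "udld enable" would select normal mode. Copper ports need the per-interface command.
udld aggressive
!
! Fiber uplink: explicit per-interface forms. Aggressive mode sends 8 unacknowledged probes at
! 1 s intervals and then err-disables the port. "spanning-tree guard" takes a single value, so
! Loop Guard and Root Guard cannot both be on the same port; this is a Root port, so Loop Guard.
interface TenGigabitEthernet1/1/1
 description Uplink to CORE-1
 switchport mode trunk
 spanning-tree guard loop
 udld port aggressive
!
! A UDLD err-disabled port stays down until "udld reset" (privileged EXEC) or the
! Error Recovery Service brings it back.
errdisable recovery cause udld
!
! Verification: Loop Guard default and per-port state, inconsistent ports (LOOP_Inc),
! UDLD mode/neighbor state per interface.
show spanning-tree summary
show spanning-tree inconsistentports
show udld TenGigabitEthernet1/1/1
show udld neighbors
```

Loop Guard acts per VLAN on a port and only on non-edge ports, so it does nothing on PortFast host ports; UDLD acts on the physical link and requires the neighbor to run UDLD too, otherwise the port simply reports no neighbor and never fails over. Enable it on both ends of every fiber uplink before trusting the aggressive timer.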

What is the difference between Root Guard and BPDU Guard?

BPDU Guard is meant to be used on PortFast-enabled edge ports. It shuts the port down (err-disabled) when any BPDU is received, and the port is not recovered automatically unless errdisable recovery is configured.

Root Guard is meant to be used on Designated Ports towards non-root switches, to prevent those switches from becoming the Root Bridge (and the local port from becoming a Root Port). It blocks the port (root-inconsistent state) only while superior BPDUs are received and recovers automatically when they stop.

