Re: BPDU & Root Guard from Babatunde Sanda on 2010-07-28 (Ccielab archives 07/2010)

From: Babatunde Sanda <sbabatunde1_at_ca.rr.com>
Date: Wed, 28 Jul 2010 07:07:10 -0700

Tyson,
My understanding is that the root bridge should be planned to be at the center of the network.

When this is planned out and all switches know of each other and who is the root for each vlan through the initial discovery from sending BPDU traffic into the network.

Identifying your central point and protecting it need be done only at this central point with "guard root". You need not go configure "root guard" on other switches except the are acting as roots for other vlans. Hence the initial command "spanning-tree vlan (vlan or range) root primary/secondary ".

Is there something I missed in your thought process please explain.

Thank you

Sanda Babatunde B.Sc (Accounting) CCNP, CCVP, CCNA(R,S,V), MCSA, N+, A+.
Sent from my iPhone

On Jul 28, 2010, at 6:04 AM, "Tyson Scott" <tscott_at_ipexpert.com> wrote:

> root guard should be applied to the edge of your controlled network. So not
> only the root switch but all your downstream switches too. You wouldn't
> want half of your network to disagree on who is root.
>
> Regards,
>
> Tyson Scott - CCIE #13513 R&S, Security, and SP
> Managing Partner / Sr. Instructor - IPexpert, Inc.
> Mailto: tscott_at_ipexpert.com
>
>
>
> -----Original Message-----
> From: nobody_at_groupstudy.com [mailto:nobody_at_groupstudy.com] On Behalf Of
> Ankur Thakkar
> Sent: Wednesday, July 28, 2010 12:39 AM
> To: Tony claros
> Cc: Cisco certification
> Subject: Re: BPDU & Root Guard
>
> Hi Tony,
>
> Root guard is ideally applied on all the ports of a root bridge so that it
> will not allow any superior BPDU's to demote itself.
>
>
> Rgrds
> Ankur
>
> On Sun, Jul 18, 2010 at 2:46 PM, Tony claros <tonyclaros26_at_gmail.com> wrote:
>
>> Hi
>>
>> When to use BPDU Guard && Root Guard.
>>
>> Condition needs to be applied on SW 2 that it should not become root for
>> any
>> vlan
>> solution : spanning-tree vlan 1-1005 priority 255 ( is this correct )
>>
>>
>> Blogs and organic groups at http://www.ccie.net
>>
>> _______________________________________________________________________
>> Subscription information may be found at:
>> http://www.groupstudy.com/list/CCIELab.html
>>
>>
>>
>>
>>
>>
>>
>>
>
>
> --
> -------------------------
> "Born with a Noble personality is an accident .
> But dying with a Noble personality is an achievement "
>
>
> Blogs and organic groups at http://www.ccie.net
>
> _______________________________________________________________________
> Subscription information may be found at:
> http://www.groupstudy.com/list/CCIELab.html
>
>
> Blogs and organic groups at http://www.ccie.net
>
> _______________________________________________________________________
> Subscription information may be found at:
> http://www.groupstudy.com/list/CCIELab.html

Blogs and organic groups at http://www.ccie.net
Received on Wed Jul 28 2010 - 07:07:10 ART

This archive was generated by hypermail 2.2.0 : Sun Aug 01 2010 - 19:19:15 ART