15-20
Catalyst 2950 and Catalyst 2955 Switch Software Configuration Guide
OL-10101-02
Chapter 15 Configuring Optional Spanning-Tree Features
Configuring Optional Spanning-Tree Features
After the configuration is corrected, enter the shutdown and no shutdown interface configuration
commands on the port-channel interfaces that were misconfigured.
Enabling Root Guard
Root guard enabled on an interface applies to all the VLANs to which the interface belongs.
Do not enable the root guard on interfaces to be used by the UplinkFast feature. With UplinkFast, the
backup interfaces (in the blocked state) replace the root port in the case of a failure. However, if root
guard is also enabled, all the backup interfaces used by the UplinkFast feature are placed in the
root-inconsistent state (blocked) and are prevented from reaching the forwarding state.
Note You cannot enable both root guard and loop guard at the same time.
You can enable this feature if your switch is running PVST+, rapid PVST+, or MSTP.
Beginning in privileged EXEC mode, follow these steps to enable root guard on an interface. This
procedure is optional.
To disable root guard, use the no spanning-tree guard interface configuration command.
Enabling Loop Guard
You can use loop guard to prevent alternate or root ports from becoming designated ports because of a
failure that leads to a unidirectional link. This feature is most effective when it is configured on the entire
switched network. Loop guard operates only on ports that are considered point-to-point by the spanning
tree.
Note You cannot enable both loop guard and root guard at the same time.
You can enable this feature if your switch is running PVST+, rapid PVST+, or MSTP.
Beginning in privileged EXEC mode, follow these steps to enable loop guard. This procedure is optional.
Command Purpose
Step 1
configure terminal Enter global configuration mode.
Step 2
interface interface-id Specify an interface to configure, and enter interface configuration mode.
Step 3
spanning-tree guard root Enable root guard on the interface.
By default, root guard is disabled on all interfaces.
Step 4
end Return to privileged EXEC mode.
Step 5
show running-config Verify your entries.
Step 6
copy running-config startup-config (Optional) Save your entries in the configuration file.