Filter
Top Products
652 | Multiple Spanning Tree Protocol
www.dell.com | support.dell.com
Configure a Root Guard
Use the Root Guard feature in a Layer 2 MSTP network to avoid bridging loops.
You enable root guard on a per-port or per-port-channel basis.
To enable a root guard on an MSTP-enabled port or port-channel interface, enter the
spanning-tree mstp
rootguard
command. Refer to STP Root Guard on page 1060 for more information on how to use the root
guard feature.
To disable MSTP root guard on a port or port-channel interface, enter the
no spanning-tree mstp rootguard
command in an interface configuration mode.
To verify the MSTP root guard configuration on a port or port-channel interface, enter the
show
spanning-tree msti [instance-number] guard
command in global configuration mode.
FTOS Behavior: The following conditions apply to a port enabled with root guard:
• Root guard is supported on any MSTP-enabled port or port-channel interface except when used as a
stacking port.
• Root guard is supported on a port in any Spanning Tree mode:
• Spanning Tree Protocol (STP)
• Rapid Spanning Tree Protocol (RSTP)
• Multiple Spanning Tree Protocol (MSTP)
• Per-VLAN Spanning Tree Plus (PVST+)
• When enabled on a port, root guard applies to all VLANs configured on the port.
• Root guard and loop guard cannot be enabled at the same time on an MSTP port. For example, if you
configure loop guard on a port on which root guard is already configured, the following error message is
displayed:
% Error: RootGuard is configured. Cannot configure LoopGuard.
• When used in an MSTP network, if root guard blocks a boundary port in the CIST, the port is also blocked
in all other MST instances.
Task Command Syntax Command Mode
Enable root guard on a port or port-channel interface.
spanning-tree mstp rootguard
INTERFACE
INTERFACE
PORT-CHANNEL