If we ignore topology inefficiency noted by Syed and assume that Rx represents Switchx and not Routerx. Then we may enable rootguard on R1 & R2s' non-root ports(also it should not be enabled on the ports connecting R1 to R2).
On Mon, Nov 14, 2011 at 12:06 PM, Amit Jp <[email protected]>wrote: > HI Adam and Syed, > > thanks for the prompt reply... > now here i have a Diagram > > > R1--------R 3-__ > | | __ __ R5 R3 and R4 is connected to R5 > | | _ > R2--------R4- > I want R5 to be the root Bridge. > > now should i apply the root guard command. Kindly explain in more detail > > > Thanks!! > On Mon, Nov 14, 2011 at 3:18 PM, Adam Booth <[email protected]> wrote: > > > Hi Amit, > > > > In the document you indicate, it's placed on Switch C on the interface > > facing Switch D - Switch C is not the root bridge though. > > > > Place rootguard on any interface you don't want to receive superior BPDUs > > from but still expect to be involved in the STP topology (otherwise you > > could take other protective measures such as bpdufiltering however if > that > > peer device also has another connection into your switching domain and > > could introduce a bridging loop). > > > > Simply described, rootguard prevents a new device (typically outside of > > your administrative control) from influencing the placement of the > > rootbridge in the network which could provide a sub-optimal topology in > > your network by moving the port with the new device claiming it should be > > the root bridge into a root inconsistent state until it stops sending > BPDUs > > that are superior to the current root, at which state it becomes a > regular > > STP interacting port. > > > > Cheers, > > Adam > > > > > > On Mon, Nov 14, 2011 at 7:19 PM, Amit Jp <[email protected] > >wrote: > > > >> Hi, > >> > >> > >> I need to knwo where exactly should the root guard should be > configured. I > >> feel it should always be on Root Switch . > >> > >> And if not kindly explain with a diagram . > >> I have this Link( > >> > >> > http://www.cisco.com/en/US/tech/tk389/tk621/technologies_tech_note09186a00800ae96b.shtml > >> ) > >> but i am still confused abt it. What should go wrong if i have this > >> commmand on Root Swtich. > >> _______________________________________________ > >> For more information regarding industry leading CCIE Lab training, > please > >> visit www.ipexpert.com > >> > >> Are you a CCNP or CCIE and looking for a job? Check out > >> www.PlatinumPlacement.com <http://www.platinumplacement.com/> > >> > > > > > _______________________________________________ > For more information regarding industry leading CCIE Lab training, please > visit www.ipexpert.com > > Are you a CCNP or CCIE and looking for a job? Check out > www.PlatinumPlacement.com > -- -- Olugbenga Oyebande MD, DAIT 234-803-302-5287 http://www.dait-ng.com Cisco Unified Network, VPN DAIT Enterprise Network Servers Broadband Internet Deployment & ISP Consultancy _______________________________________________ For more information regarding industry leading CCIE Lab training, please visit www.ipexpert.com Are you a CCNP or CCIE and looking for a job? Check out www.PlatinumPlacement.com
