The Spanning Tree Protocol (STP) family is responsible for breaking loops in a network of bridges with redundant links. However, hardware failures can create forwarding loops (STP loops) and cause major network outages. STP breaks loops by blocking ports (interfaces). Errors occur when a blocked port transitions erroneously to a forwarding state.
Ideally, an STP port remains blocked as long as a superior alternate path to the root bridge exists for a connected LAN segment. This designated port is determined by receiving superior bridge protocol data units (BPDUs) from a peer on that port. When other ports no longer receive BPDUs, the STP considers the topology to be loop free. However, if a blocked or alternate port moves into a forwarding state, this creates a loop.
You can configure STP loop protection to improve the stability of Layer 2 networks. STP loop protection enhances the normal checks that STP performs on interfaces by taking a specified action when BPDUs are not received on a non-designated port interface. You can choose to block the interface or issue an alarm when BPDUs are not received on the port. By default (that is, without STP loop protection configured), an interface that stops receiving BPDUs assumes the designated port role, which can result in an STP loop. Configuring STP loop protection prevents the selected interfaces from treating the absence of BPDUs as a “false positive” signal to become the designated port. STP loop protection is enabled for all STP instances on the interface, but blocks or alarms only those instances that stop receiving BPDUs.
To configure STP loop protection, include the bpdu-timeout-action statement with either the block or alarm option for the STP interface:
    [edit protocols]
    mstp {
        interface interface-name {
            bpdu-timeout-action (block | alarm);
        }
    }
    rstp {
        interface interface-name {
            bpdu-timeout-action (block | alarm);
        }
    }
    vstp {
        interface interface-name {
            bpdu-timeout-action (block | alarm);
        }
        vlan vlan-id {
            interface interface-name {
                bpdu-timeout-action (block | alarm);
            }
        }
    }
You can configure this statement at the following hierarchy levels:
This example blocks the non-designated RSTP port ge-1/2/0 after the BPDU timeout interval expires:
    [edit protocols]
    rstp {
        interface ge-1/2/0 {
            bpdu-timeout-action block;
        }
    }
You must still fully configure the interfaces and RSTP protocol.
You can display the loop protection characteristics on an interface using the show spanning-tree interface command.
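To check a saved configuration for STP interfaces that still have the default behavior described above, the following added example (not vendor code) parses brace-format configuration text and reports each interface's bpdu-timeout-action. The function names, the "all" scope label, and the sample configuration are assumptions made for illustration.

```python
import re

# Constructed sample in brace format; interface names and values are illustrative.
SAMPLE_CONFIG = """
protocols {
    rstp {
        interface ge-1/2/0 { bpdu-timeout-action block; }
        interface ge-1/2/1 { cost 1000; }
        interface ge-1/2/2;
    }
    vstp { vlan 100 { interface ge-1/3/0 { bpdu-timeout-action alarm; } } }
}
"""

def parse_blocks(text):
    """Parse brace-style config into nested dicts; leaf statements map to None."""
    root = {}
    stack, words = [root], []
    for tok in re.findall(r"[{};]|[^\s{};]+", text):
        if tok == "{":
            stack.append(stack[-1].setdefault(" ".join(words), {}))
            words = []
        elif tok == ";":
            stack[-1][" ".join(words)] = None
            words = []
        elif tok == "}":
            stack.pop()
        else:
            words.append(tok)
    return root

def audit_loop_protection(config_text):
    """Map (protocol, scope, interface) to its bpdu-timeout-action, or None if unset."""
    findings = {}
    def walk(proto, block, scope):
        for key, body in block.items():
            if key.startswith("interface "):
                action = next((s.split()[1] for s in (body or {})
                               if s.startswith("bpdu-timeout-action ")), None)
                findings[(proto, scope, key.split()[1])] = action
            elif key.startswith("vlan ") and body:
                walk(proto, body, key)
    protocols = parse_blocks(config_text).get("protocols") or {}
    for proto in ("mstp", "rstp", "vstp"):
        walk(proto, protocols.get(proto) or {}, "all")
    return findings

def unprotected(config_text):
    """Interfaces with no bpdu-timeout-action, which keep the default behavior."""
    return sorted(k for k, v in audit_loop_protection(config_text).items() if v is None)
```

Interfaces returned by unprotected() are the ones that would assume the designated port role if BPDUs stopped arriving; interfaces set to alarm are reported separately from those set to block so the two actions can be reviewed individually.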