Loop Protect Port Modes
Ports work in two Loop Protect operational modes.
- If the port's partner is Loop Protect capable, the port works in
full functional mode.
- If the port's partner is not Loop Protect capable, the port works in
limited functional mode.
In full mode, when RSTP/MSTP (Multiple Spanning Tree Protocol) BPDUs are received
on a point-to-point link and the port is designated, a Loop Protect timer is set to 3 times the hello
time. When this timer expires, the port is moved to the blocking state. Limited mode adds a
further requirement that the flags field in the BPDU indicates a root role.
Message age expiration and the expiration of the Loop Protect timer are both
events for which Loop Protect generates traps and a debug message. In addition, you can
configure Loop Protect to forcefully disable the port when one or more events occur. When the
configured number of events happens within a given window of time, the port is forced into
the disabled state and held there until you manually unlock it.
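The timer and event-window behavior described above can be traced with a small model. This is an added example, not the switch's own implementation: the class and method names, the 2-second hello time, and the threshold and window defaults are assumptions, and only Loop Protect timer expirations (not message age expirations) are counted as events.

```python
from collections import deque

HELLO_TIME = 2  # seconds; assumed value, not taken from the page

class LoopProtectPort:
    """Simplified model of a designated port on a point-to-point link."""

    def __init__(self, partner_capable, event_threshold=3, event_window=180):
        self.partner_capable = partner_capable  # True: full mode, False: limited
        self.event_threshold = event_threshold  # assumed event count
        self.event_window = event_window        # assumed window, in seconds
        self.state = "DISCARDING"               # no BPDU received yet
        self.timer_expiry = None
        self.events = deque()
        self.locked = False

    def tick(self, now):
        """Advance the clock; an expired timer blocks the port and counts an event."""
        if self.locked or self.timer_expiry is None or now < self.timer_expiry:
            return self.state
        self.timer_expiry = None
        self.state = "DISCARDING"
        self.events.append(now)
        # Only events inside the configured window count toward the threshold.
        while now - self.events[0] > self.event_window:
            self.events.popleft()
        if len(self.events) >= self.event_threshold:
            self.locked = True
            self.state = "DISABLED"
        return self.state

    def receive_bpdu(self, now, root_role=False):
        """A qualifying BPDU re-arms the timer and lets the port forward."""
        self.tick(now)  # account for a timer that expired before this BPDU
        if self.locked:
            return self.state
        # Limited mode also requires the BPDU flags field to indicate a root role.
        if not self.partner_capable and not root_role:
            return self.state
        self.timer_expiry = now + 3 * HELLO_TIME
        self.state = "FORWARDING"
        return self.state

    def unlock(self):
        """Manual unlock: the port leaves DISABLED but still waits for a BPDU."""
        self.locked = False
        self.events.clear()
        self.state = "DISCARDING"
        return self.state
```
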
The following example shows a loop caused by a misconfiguration in
STP (Spanning Tree Protocol):
Switch 1 Elected as Root shows that
Switch 1 is elected as Root. Switch 2 and Switch 3 elect the root port. Switch 3's port connected
to Switch 2 is elected as the Alternate port, and its port state is blocking.
STP Disabled on Switch 2 shows that
if the user accidentally disables STP on the Switch 2 port connected to Switch 3, Switch 2
stops sending BPDUs to Switch 3 because STP is disabled. Switch 3 assumes that the neighbor is down
and changes the port to the forwarding state, which eventually creates a loop.
Loop Protect Enabled shows that,
with Loop Protect enabled, Switch 3 will not go to the forwarding state until it receives a BPDU from
Switch 2, and the port state will be discarding.
When the Loop Protect feature is enabled:
- On a point-to-point link, a BPDU must be received before the port goes to the
Forwarding state.
- If a BPDU timeout occurs on a port, its state becomes DISCARDING until a
BPDU is received.
- When a root or alternate port loses its path to the root bridge due to a
message age expiration, it takes on the role of designated port. It will not forward traffic
until a BPDU is received.
- When a port is intended to be the designated port on a point-to-point
link, it constantly proposes and will not forward until a BPDU is received, and will revert to
discarding if it fails to get a response.
- If the partner is not Loop Protect capable (Alternate Agreement not
supported), the designated port will not be allowed to forward unless it receives agreements from a
port with the root role.
- Legacy Spanning Tree (802.1d) or shared media devices should be
connected in a non-redundant fashion to avoid the possibility of looping.
You can enable the port by giving the command enable port port-list.