The spanning tree protocol is used to avoid loop while creating some form of redundancy on a switched network. Having spanning tree configured on your network ensures that users can easily find alternate paths and stay up in event of link or hardware failure. The spanning tree protocol with all its good intentions, has the potential to become a nightmare if not properly implemented. In this post, we will be looking at the spanning tree root guard feature and how it can be used.
The spanning tree root bridge selection process involves the selection of the root bridge by comparing the priority values and the mac addresses of the switches involved. Participating switches who are members of the same VLAN will have their priority values checked. The switch with the lowest priority value for that vlan, becomes the root bridge. Where the switches are tied on priority values, the switch with the lowest mac address, becomes the root bridge. Once the root bridge has been selected, the need for spanning tree root guard then arises.
The spanning tree root guard feature is used to prevent a switch from becoming the root bridge in the event that the root bridge fails. To further appreciate its usefulness, imagine a network of four connected switches. One of the switches is a legacy switch with very little amount of memory and processor power. You certainly do not want your entire LAN traffic going through this switch to the gateway. To ensure this does not happen, the spanning tree root guard featured must be used.
Enabling spanning tree root guard is quite simple and straight forward. To enable it on a switch port, enter the commands below:
The above commands will ensure that a switch connected to port f0/1 will not become the root bridge. It is worthy of note that the commands were not entered on the switch that is to be prevented from becoming the root. The commands were configured on a port on a switch on which the device we do not want to become the root bridge is connected.