The Switch’s Domain

Understanding Loopguard

  • Stops loops caused by unidirection link failures

  • Example:

    • A is root bridge

    • Link between B and C is blocked (at B)

    • Link between B and C goes unidirectional

    • B releases the block, one-way loop occurs

  • Loopguard should be enabled (per-port) on all switch uplinks

Switch(config-if)#spanning-tree guard loop
Switch(Config)#spanning-tree loopguard default

Understanding UDLD

  • Different from loopguard, but from the same goal

  • Designed specifically for fiber

  • Sends a “Layer 2 ping” between neighbors

  • Supports normal and aggressive (preferred) mode

  • Cisco recommends use both!

switch(config)#udld <enable/aggressive>
switch(config-if)#udld port <aggressive>
switch#udld reset

Supervisor Redundancy Mechanisms

  • Stateful Switchover (SSO)

    • Lightning quick failover between supervisor engines

    • Sync’s startup, running, L2 (MAC) and L3 (FIB) tables, ACLs

  • Cisco Non-Stop Forwarding (NSF)

    • Forwards traffic with CEF

    • Supports with EIGRP, OSPF, IS-IS, and BGP

Designing the Network

  • Use local VLANs

  • Set up HSRP intuitively for active VLANs

  • Match STP root to active HSRP gateway