[c-nsp] Loop guard and Bridge Assurance
Lincoln Dale
ltd at cisco.com
Thu Nov 26 21:58:43 EST 2009
On 27/11/2009, at 8:14 AM, samuel vuillaume wrote:
> Can someone see a benefit of bridge assurance instead of using loop guard? I
> understand what BA does, but i can't see any benefits over loop guard.
there are a few scenarios where LoopGuard would not be effective at detecting loops and/or unidirectional links.
- can only be enabled on root & alternate ports. it CANNOT run on 'designated ports'.
- ineffective at detecting a port that has been unidirectional since link-up.
Bridge Assurance (BA) is effective at mitigating those remaining scenarios that LoopGuard could not.
BA works because it turns STP into operating more like a routing protocol where BPDUs now go both ways on a given link verifying device health/awareness / lack of braindeadness.
i.e. it turns STP from traditional "fail open" behavior to "fail closed".
compare figure 1 to figure 3 in
<http://www.cisco.com/en/US/docs/switches/datacenter/sw/4_2/nx-os/layer2/configuration/guide/Cisco_Nexus_7000_Series_NX-OS_Layer_2_Switching_Configuration_Guide_Release_4.2_chapter7.html#con_1285149>
and it should be clear.
cheers,
lincoln.
More information about the cisco-nsp
mailing list