Cisco ENSLD Exam Question: Spanning Tree Protocol and Rogue Switches

Ensure Spanning-Tree Topology Integrity in an Engineering Environment

Question

An architect is designing a network that will utilize the spanning tree protocol to ensure a loop-free topology.

The network will support an engineering environment where it is necessary for end-users to connect their own network switches for testing purposes.

Which feature should the architect include in the design to ensure the spanning-tree topology is not affected by these rogue switches?

Answers

A. BPDU Skew Detection
B. BPDU Guard
C. Loop Guard
D. Root Guard

D.

Explanations

When designing a network that will utilize the Spanning Tree Protocol (STP), it is important to consider the potential impact of rogue switches that end-users may connect. These switches can create loops in the network that can disrupt the STP topology and cause network performance issues.

To prevent these issues, the architect should include a feature in the design that can protect the STP topology from rogue switches. The following features can help achieve this goal:

A. BPDU Skew Detection: BPDU Skew Detection is a feature that detects when there is a time difference between the arrival of BPDUs (Bridge Protocol Data Units) on different ports of a switch. If the time difference exceeds a predefined threshold, the switch considers the BPDUs to be invalid and takes action to prevent the rogue switch from affecting the STP topology. However, this feature alone may not be sufficient to protect against rogue switches, as it only detects time differences and does not prevent the rogue switch from sending BPDUs.

B. BPDU Guard: BPDU Guard is a feature that can be used to protect against rogue switches by disabling the port on which the rogue switch is connected if a BPDU is received on that port. This prevents the rogue switch from sending BPDUs and disrupting the STP topology. BPDU Guard can be configured on a per-port basis or globally for all ports on a switch. This feature is recommended for ports that are not expected to have any switches connected to them.

C. Loop Guard: Loop Guard is a feature that helps to prevent loops in the network caused by changes in the STP topology. It works by monitoring the consistency of the STP topology on a per-port basis. If a port stops receiving BPDUs, Loop Guard puts the port into a loop-inconsistent state, preventing the port from participating in the STP topology until BPDUs are received again. While Loop Guard is not specifically designed to protect against rogue switches, it can help prevent loops caused by changes in the STP topology.

D. Root Guard: Root Guard is a feature that can be used to protect against rogue switches by preventing them from becoming the root bridge of the STP topology. It works by designating a port as a Root Guard port, which blocks BPDUs from any switch that tries to become the root bridge through that port. This prevents the rogue switch from affecting the STP topology by becoming the root bridge. Root Guard can be configured on a per-port basis or globally for all ports on a switch.

In conclusion, the best feature to protect against rogue switches in a network utilizing STP would be BPDU Guard. While other features like BPDU Skew Detection, Loop Guard, and Root Guard can also help protect against rogue switches, BPDU Guard specifically disables ports where rogue switches are detected, preventing them from disrupting the STP topology.
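
The port-level behaviour described above for BPDU Guard and Root Guard can be compared with a small model. This is an added example, not part of the original page and not Cisco code; the class and function names, the state labels, and the bridge IDs are assumptions made for illustration, and the model ignores timers.

```python
from dataclasses import dataclass

@dataclass(frozen=True, order=True)
class BridgeID:
    priority: int  # compared first; the lower value is superior
    mac: str       # tie-breaker (fixed-width lowercase hex); lower is superior

class EdgePort:
    """Simplified designated port that faces a user-attached switch."""

    def __init__(self, guard, root):
        self.guard, self.root, self.state = guard, root, "forwarding"

    def bpdu(self, claimed_root):
        if self.state == "err-disabled":
            return self.state                # port is down; nothing is processed
        superior = claimed_root < self.root
        if self.guard == "bpduguard":
            self.state = "err-disabled"      # any BPDU at all trips the guard
        elif self.guard == "rootguard":
            self.state = "root-inconsistent" if superior else "forwarding"
        elif superior:
            self.root = claimed_root         # unprotected: the root role moves
        return self.state

    def bpdus_stop(self):
        # Root Guard recovers on its own; err-disabled waits for an operator
        # or an errdisable recovery timer.
        if self.state == "root-inconsistent":
            self.state = "forwarding"
        return self.state

def run(guard, events, root):
    """Feed claimed-root BPDUs (None = BPDUs stop); return (port state, root)."""
    port = EdgePort(guard, root)
    for ev in events:
        if ev is None:
            port.bpdus_stop()
        else:
            port.bpdu(ev)
    return port.state, port.root

# Constructed sample bridge IDs (not from the page).
CORE = BridgeID(4096, "00:11:22:00:00:01")          # intended root bridge
LAB_DEFAULT = BridgeID(32768, "00:11:22:aa:00:01")  # user switch, default priority
LAB_PRIO0 = BridgeID(0, "00:11:22:aa:00:02")        # user switch claiming root

if __name__ == "__main__":
    for guard in ("none", "bpduguard", "rootguard"):
        for name, sw in (("default", LAB_DEFAULT), ("prio0", LAB_PRIO0)):
            print(guard, name, run(guard, [sw], CORE))
```

Running it prints the resulting port state and elected root for each guard setting when a user switch with default priority or with priority 0 is attached.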