Loop Guard

Loop Guard
Loop Guard prevents loops that might develop if a port that should be blocking
inadvertently transitions to the forwarding state. This can happen if the
port stops receiving BPDUs (perhaps because of a unidirectional link or a
software/configuration problem in its neighbor switch). When one of the
ports in a physically redundant topology stops receiving BPDUs, the STP
conceives the topology as loop-free. Eventually, the blocking port becomes
designated and moves to forwarding state, thus creating a loop. With Loop
Guard enabled, an additional check is made.
If no BPDUs are received on a blocked port for a specific length of time.
Loop Guard puts that port into “loop inconsistent” blocking state, rather than
transitioning to forwarding state. Loop Guard should be enabled on all
switch ports that have a chance of becoming root or designated ports. It is
most effective when enabled in the entire switched network in conjunction
with UDLD.
To enable Loop Guard for all point-to-point links on the switch, use the
following command:
(config)# spanning-tree loopguard default
To enable Loop Guard on a specific interface, use the following:
(config-if)# spanning-tree guard loop
Loop Guard automatically re-enables the port if it starts receiving BPDUs
again.