Configuring Loop Prevention on AOS-CX

Loop prevention provides protection against infinite loops by transmitting loop protocol packets out of the switch ports. You can enable loop prevention by configuring one of the following methods:

• Loop protection at the interface level (ports, LAGs).

  Loop protection at the interface level:

  • can find loops by sending loop protection packets on each port or LAGLink Aggregation Group . A LAG combines a number of physical ports together to make a single high-bandwidth data path. LAGs can connect two switches to provide a higher-bandwidth connection to a public network. on which loop protection is enabled.
  • is useful when spanning tree protocols cannot prevent loops at the edge of the network.
  • can be used to find loops in untagged layer 2 links and on tagged VLANsVirtual Local Area Network. In computer networking, a single Layer 2 network may be partitioned to create multiple distinct broadcast domains, which are mutually isolated so that packets can only pass between them through one or more routers; such a domain is referred to as a Virtual Local Area Network, Virtual LAN, or VLAN..
  • can be configured either when the spanning tree protocol is configured on the interfaces or not.
• Spanning tree protocol at both global and interface level.

  Spanning tree protocols such as MSTPMultiple Spanning Tree Protocol. MSTP configures a separate Spanning Tree for each VLAN group and blocks all but one of the possible alternate paths within each spanning tree. and RPVST help prevent loops in networks by blocking redundant links.

Loop protection and spanning tree are always disabled by default on AOS-CX switches. To configure loop protection and spanning tree for switches provisioned in the UI groups, complete the following steps:

1. In the Network Operations app, select one of the following options:
   • To select a group in the filter:
     1. Set the filter to a group.
        

        The dashboard context for the group is displayed.

     2. Under Manage, click Devices > Switches.
     3. Click the AOS-CX or Config icon to view the AOS-CX switch configuration dashboard.
   • To select a switch:
     1. Set the filter to Global or a group containing at least one switch.
     2. Under Manage, click Devices > Switches.
        

        A list of switches is displayed in the List view.

     3. Click an AOS-CX switch under Device Name.
        

        The dashboard context for the switch is displayed.

     4. Under Manage, click Device.
        

        The AOS-CX UI configuration page is displayed.

2. Click Bridging > Loop Prevention. The Loop Prevention page is displayed.

   The Ports table displays the following information:

   Table 1: Information in the Ports Table

   Column	Description
   Number	Port number or the name of the LAG.
   Description	Description of the port or LAG interface that you configure on the Ports & Link Aggregations page.
   LAG Members	List of port numbers that are grouped to form the LAG.
   Loop Protection	Displays whether loop protection is enabled or disabled for that interface.

3. To enable spanning tree, move the Spanning Tree toggle switch to the on position.

    Configure the following parameters:

   • Mode—Select MSTP from the drop-down list.

     You can configure various MSTP parameters for the ports in the switches.

     You cannot select RPVST from the Mode drop-down. To configure RPVST mode for spanning tree, you must use Edit Config in the MultiEdit mode and configure using the CLI commands.

     However, after configuring the mode as RPVST, if you want to change the mode to MSTP, you can select MSTP in the Mode drop-down.

   • Priority—Priority of the UI group.

     At the group level, the priority is listed in multiples of 4096. A range from 0 to 61440 is supported. The default value is 32768.

4. To configure MSTP parameters for ports, select the row(s) in the Ports table and click the edit icon.

   The Loop Prevention page is displayed with the following parameters.

   Table 2: MSTP Parameters for Ports and LAGs

   Parameters	Description
   Loop Protection	Move the toggle switch to enable or disable loop protection on the interfaces.
   Spanning Tree
   Priority	A number used to identify the root bridge in an STPSpanning Tree Protocol. STP is a network protocol that builds a logical loop-free topology for Ethernet networks. instance. The priority is listed in multiples of 16 in the drop-down. The priority ranges from 0 to 240. The default priority is 128. The switch with the lowest value has the highest priority and is considered the root bridge. A higher numerical value means a lower priority; thus, the highest priority is 0.
   BPDU Protection	Security feature used to protect the active STP topology by preventing manipulated BPDUBridge Protocol Data Unit. A BPDU is a data message transmitted across a local area network to detect loops in network topologies. packets from entering the STP domain. Select the check box to enable BPDU protection on the interface.
   BPDU Filter	Enables control of STP participation for each port. The feature can be used to exclude specific ports from becoming part of STP operations. A port or LAG with the BPDU filter enabled ignores incoming BPDU packets and stays locked in the STP forwarding state. Select the check box to enable BPDU filter on the interface.
   Admin-Edge	Configures the interface in the forwarding state. Select the check box to enable Admin edge on the interface. NOTE: If Admin edge is not configured on the switch, the default port type is admin-network.
   Root Guard	Configures the interface to prevent from being configured as a root port when it receives superior STP BPDUs. Select the check box to enable root guard on the interface.

5. To save the changes, click Apply.