<div>
so to be in the safe side :<br />
&nbsp;ROOTGUARD should be configured on the Core switches interfaces facing Distributed Switches and also configured on the Distributed Switches Interfaces facing Access Switches
</div>


so to be in the safe side :
 ROOTGUARD should be configured on the Core switches interfaces facing Distributed Switches and also configured on the Distributed Switches Interfaces facing Access Switches

<div>
Yes. &nbsp;<br />
<br />
In that scenario, rootguard is to protect you from yourself. ;-)
</div>


Yes.  

In that scenario, rootguard is to protect you from yourself. ;-)

<div>
Thanks Don,<br />
<br />
In Access Switch, BPDUGUARD should be enough , no need for Root Guard . Correct &nbsp;?
</div>


Thanks Don,

In Access Switch, BPDUGUARD should be enough , no need for Root Guard . Correct  ?

<div>
Yes. &nbsp;That is correct.
</div>


<div>
<div class="content wysiwyg-content">
Is BPDUGUARD enough to avoid ROOTGUARD ?<br />
<br />
I have read in some articles where they stated that ROOTGUARD should be configured on the Core switches interfaces facing Distributed Switches and also configured on the Distributed Switches Interfaces facing Access Switches, this in order to prevent Bad Guy from connecting a new Switch configured with Lower Priority than existing switches or configured with Root Primary command then connected to Access Switches.<br />
<br />
I thought when configuring BPDUGUARD on Access Switches will be enough, because no other Switch can be connected to Access Switches, and when connected the port will go in Shutdown (err-disabled)<br />
<br />
Any clarification will be appreciated.<br />
<br />
Thanks
</div>
</div>


Is BPDUGUARD enough to avoid ROOTGUARD ?

I have read in some articles where they stated that ROOTGUARD should be configured on the Core switches interfaces facing Distributed Switches and also configured on the Distributed Switches Interfaces facing Access Switches, this in order to prevent Bad Guy from connecting a new Switch configured with Lower Priority than existing switches or configured with Root Primary command then connected to Access Switches.

I thought when configuring BPDUGUARD on Access Switches will be enough, because no other Switch can be connected to Access Switches, and when connected the port will go in Shutdown (err-disabled)

Any clarification will be appreciated.

Thanks

Is BPDUGUARD enough to avoid ROOTGUARD ?

A router is a networking device that forwards data packets between computer networks. Routers perform the "traffic directing" functions on the Internet. The most familiar type of routers are home and small office cable or DSL routers that simply pass data, such as web pages, email, IM, and videos between computers and the Internet. More sophisticated routers, such as enterprise routers, connect large business or ISP networks up to the powerful core routers that forward data at high speed along the optical fiber lines of the Internet backbone. Though routers are typically dedicated hardware devices, use of software-based routers has grown increasingly common.

Routers

A switch is a device that filters and forwards packets of data between LAN segments. Switches operate at the data link layer or the network layer of the Open Systems Interconnection (OSI) Reference Model and therefore support any packet protocol. LANs that use switches to join segments are called switched LANs or, in the case of Ethernet networks, switched Ethernet LANs. A hub is a connection point for devices in a network. Hubs are commonly used to connect segments of a LAN. A hub contains multiple ports; when a packet arrives at one port, it is copied to the other ports so that all segments of the LAN can see all packets.

Switches / Hubs

Networking is the process of connecting computing devices, peripherals and terminals together through a system that uses wiring, cabling or radio waves that enable their users to communicate, share information and interact over distances. Often associated are issues regarding operating systems, hardware and equipment, cloud and virtual networking, protocols, architecture, storage and management.