View Only


This community is currently under full moderation, meaning  all posts will be reviewed before appearing in the community. Please expect a brief delay—there is no need to post multiple times. If your post is rejected, you'll receive an email outlining the reason(s). We've implemented full moderation to control spam. Thank you for your patience and participation.

  • 1.  Spanning Tree Bridge Assurance

    Posted 10-13-2017 08:01

    Hellow Everyone,


    Does Juniper have the same features as spanning bridge assurance?



  • 2.  RE: Spanning Tree Bridge Assurance
    Best Answer

    Posted 10-13-2017 08:24

    Short answer no (I believe).


    Long answer is that (I believe) this is Cisco proprietary extension to STP, and is not part of the 802.1d/STP standard:


    [from Cisco doc]  Bridge Assurance is supported only by Rapid per VLAN Spanning Tree Plus (Rapid PVST+) and Multiple Spanning Tree (MST).  Legacy 802.1D spanning tree does not support Bridge Assurance.


    I do not believe Juniper or any other vendor could implement this without paying Cisco royalties, if Cisco would even license it.  I believe STP Assurance is a combination of the following:


    • UDLD – Uni-Directional Link Detection puts unidirectional links into blocking state and prevents forwarding loops.
    • BPDU Guard – disables ports that receive a BPDU frame; useful for edge ports that should never be connected to another switch.
    • Loop Guard – Protects against ports where the link becomes unidirectional.  It operates differently than the UDLD function.
    • Root Guard – Prevents a port from becoming a root port or a blocked port.
    • EtherChannel Guard – Prevents inconsistent configuration of EtherChannel that creates loops between two switches.
    • Bridge Priority – Defines the root bridge in an STP domain.

    UDLD and Loop Guard and EtherChannel Guard are all Cisco proprietary feature/functions so same comment as above.  Juniper does support all the other 'standard' STP feature/function in this list, namely BPDU Guard, Root Guard and Bridge Priority.


    I think the bigger question might be, why use STP in first place, especially with Juniper equipment.  Network designs using STP went out of favor (outside of Cisco) 10 years ago - there are many other better alternatives with today's network devices.


    Hope this may help you.  i don't claim 100% accuracy, especially when discussing Cisco features, but I believe most of this is factual.  If not I assume someone else with better knowledge will correct me -:)



  • 3.  RE: Spanning Tree Bridge Assurance

    Posted 11-27-2017 09:01

    Just stumbled onto this . . .


    Fundamentally, Bridge Assurance is a modification to RSTP wherein both sides send BPDUs to each other.  Unlike 802.1d, RSTP bridges always send BPDUs on their designated ports, regardless of whether or not the bridge received a BPDU from the root.  Bridge Assurance changes this so the non-designated bridge also sends a BPDU.  It becomes a "hello" mechanism between the two bridges.  If one side stops receiving BPDUs, it blocks on that port in case the port became unidirectional.


    It's a cool feature, but if not well-understood you can cause ports to block in the wrong places.  We don't use it.