View Only
last person joined: 3 days ago 

Ask questions and share experiences about EX and QFX portfolios and all switching solutions across your data center, campus, and branch locations.
  • 1.  Spanning Tree Bridge Assurance

    Posted 10-13-2017 08:01

    Hellow Everyone,


    Does Juniper have the same features as spanning bridge assurance?



  • 2.  RE: Spanning Tree Bridge Assurance
    Best Answer

    Posted 10-13-2017 08:24

    Short answer no (I believe).


    Long answer is that (I believe) this is Cisco proprietary extension to STP, and is not part of the 802.1d/STP standard:


    [from Cisco doc]  Bridge Assurance is supported only by Rapid per VLAN Spanning Tree Plus (Rapid PVST+) and Multiple Spanning Tree (MST).  Legacy 802.1D spanning tree does not support Bridge Assurance.


    I do not believe Juniper or any other vendor could implement this without paying Cisco royalties, if Cisco would even license it.  I believe STP Assurance is a combination of the following:


    • UDLD – Uni-Directional Link Detection puts unidirectional links into blocking state and prevents forwarding loops.
    • BPDU Guard – disables ports that receive a BPDU frame; useful for edge ports that should never be connected to another switch.
    • Loop Guard – Protects against ports where the link becomes unidirectional.  It operates differently than the UDLD function.
    • Root Guard – Prevents a port from becoming a root port or a blocked port.
    • EtherChannel Guard – Prevents inconsistent configuration of EtherChannel that creates loops between two switches.
    • Bridge Priority – Defines the root bridge in an STP domain.

    UDLD and Loop Guard and EtherChannel Guard are all Cisco proprietary feature/functions so same comment as above.  Juniper does support all the other 'standard' STP feature/function in this list, namely BPDU Guard, Root Guard and Bridge Priority.


    I think the bigger question might be, why use STP in first place, especially with Juniper equipment.  Network designs using STP went out of favor (outside of Cisco) 10 years ago - there are many other better alternatives with today's network devices.


    Hope this may help you.  i don't claim 100% accuracy, especially when discussing Cisco features, but I believe most of this is factual.  If not I assume someone else with better knowledge will correct me -:)



  • 3.  RE: Spanning Tree Bridge Assurance

    Posted 11-27-2017 09:01

    Just stumbled onto this . . .


    Fundamentally, Bridge Assurance is a modification to RSTP wherein both sides send BPDUs to each other.  Unlike 802.1d, RSTP bridges always send BPDUs on their designated ports, regardless of whether or not the bridge received a BPDU from the root.  Bridge Assurance changes this so the non-designated bridge also sends a BPDU.  It becomes a "hello" mechanism between the two bridges.  If one side stops receiving BPDUs, it blocks on that port in case the port became unidirectional.


    It's a cool feature, but if not well-understood you can cause ports to block in the wrong places.  We don't use it.