Skip to content

Add STP loop guard support#88

Open
salahadell wants to merge 1 commit intosonic-net:masterfrom
salahadell:adding-loop-guard-feature
Open

Add STP loop guard support#88
salahadell wants to merge 1 commit intosonic-net:masterfrom
salahadell:adding-loop-guard-feature

Conversation

@salahadell
Copy link
Copy Markdown

@salahadell salahadell commented Apr 26, 2026
edited
Loading

Summary

Add STP Loop Guard support to sonic-stp and wire it through manager, runtime state handling, and APP_DB sync.

Motivation

When expected BPDUs are lost on non-designated ports, the port should not transition unsafely toward forwarding, potentially creating Layer-2 loops, and broadcast storms.
Loop Guard keeps the port in loop-inconsistent state until recovery conditions are met.

Changes

  • Added loop-guard config field in IPC/config path.
  • Added loop-guard mask and runtime state in STP global/port data.
  • Added loop-guard activation on message-age expiry for eligible non-designated ports.
  • Added BPDU-based recovery logic to clear loop-inconsistent state.
  • Added APP_DB sync for loop-guard active status.
  • Added debug visibility for loop-guard config/state.
  • Added disable-path cleanup so stale loop-guard state is cleared and STP re-evaluation runs immediately.

Behavior

  • With loop guard enabled, BPDU loss on protected non-designated ports enters LOOP-INC.
  • Receiving valid BPDU clears loop-guard active state and normal STP processing continues.
  • Disabling loop guard while port is LOOP-INC clears stale state and triggers immediate STP state re-evaluation.

Files Updated

  • include/stp.h
  • include/stp_ipc.h
  • include/stp_dbsync.h
  • stp/stp.c
  • stp/stp_mgr.c
  • stp/stp_util.c
  • stp/stp_data.c
  • stp/stp_debug.c
  • stpsync/stp_sync.cpp

Validation

  • Interop test with SONiC DUT connected to a Cisco switch and SONiC peers.
  • Enabled loop guard on SONiC DUT test interface.
  • On Cisco side, enabled BPDU filter to stop BPDU transmission.
  • Observed SONiC port moved to LOOP-INC when BPDUs stopped.
  • After BPDU transmission resumed, SONiC port recovered through normal STP behavior.
  • Confirmed loop-guard state updates were reflected in APP_DB.

Related PRs

@salahadell
adding loop guard feature
cc44fff 
Signed-off-by: Salah Adel <salah-adel2011@hotmail.com>
@mssonicbld
Copy link
Copy Markdown
Collaborator

mssonicbld commented Apr 26, 2026

/azp run

@azure-pipelines
Copy link
Copy Markdown

azure-pipelines Bot commented Apr 26, 2026

Azure Pipelines successfully started running 1 pipeline(s).

This was referenced Apr 26, 2026
Open
Open
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@salahadell @mssonicbld