Understand and Mitigate Network Loops (STP)
Network loops occur when there are multiple paths between two points in a network, leading to data continuously circulating and potentially causing significant issues such as performance degradation, unexpected port blockages, complete network outages, and device crashes.
Loops may manifest themselves in the form of devices disconnecting, degraded performance, UniFi adoption failures, and similar connectivity issues.
Best Practices to Avoid Network Loops
To maintain network stability and prevent loops, follow these best practices:
- Centralized Switching: Avoid overutilizing the built-in switch ports on your UniFi Gateway. Instead, use one UniFi switch as the core switch, connecting all other devices to it. This approach uses STP for added resiliency. Gateway switch ports do not support STP.
- Configure RSTP to Prioritize Core Switches: Configure Spanning Tree Protocol settings to prioritize core switches. Setting STP priorities properly ensures that the most reliable switch is the root switch. This setup optimizes data paths and blocks redundant links. See below.
- Use STP Edge and BPDU Guarding on Client Facing Ports: These settings further enhance STP configurations by controlling which ports can affect the overall topology, enhancing network stability. See below.
- Utilize Loop Prevention: Configure Loop Protection on your edge (end-user) switch ports to shut down ports when loops are detected. It can also be enabled on uplink or trunk ports. See below.
- Disable Wireless Meshing: If no APs are wirelessly adopted, disable wireless meshing to prevent potential loops.
- Regular Maintenance: Check for and replace bad cables. Poor link negotiation can cause STP priority changes (flapping), leading to persistent connectivity issues.
- Check IoT and Sonos Devices: Follow our best practices to avoid loops.
How to Use STP to Mitigate Loops
Spanning Tree Protocol (STP) and its advanced version, Rapid Spanning Tree Protocol (RSTP), help create a loop-free logical network topology. They do this by blocking redundant paths based on factors like link speed and switch priority. Here’s how to implement and configure STP in UniFi:
1. Enable RSTP: UniFi switches enable RSTP by default. It can be toggled in the following places:
- Globally: Settings > Networks > Spanning Tree.
- Per Switch: UniFi Devices > [Select switch] > Settings > Spanning Tree.
- Per Port: UniFi Devices > [Select switch] > Port Manager > Select a port > Spanning Tree Protocol.
2. Set STP Priorities: To assign STP priorities effectively (UniFi Devices > [Select Switch] > Settings):
- Assign the root switch a priority of 0.
- Assign the switches in the next layer a priority of 4096.
- Continue incrementing the priority value by 4096 for each subsequent layer of switches (8192 > 12288 > etc.).
- Designate the uplink port on non-root switches as the STP Uplink to make sure the port is not blocked if redundant paths are used.
3. Configure STP Edge and BPDU Guarding: STP Edge will allow clients to connect to a switch port without momentarily interrupting traffic with a topology change notification (TCN). This allows STP to converge faster and the network to resume traffic flows faster. By default this setting is Auto, allowing the ports to begin forwarding traffic after checking for BPDUs for a few seconds. In the event of a BPDU (Bridge Protocol Data Unit) being reported across the port (as with a downstream switch being connected), STP Edge will be disabled, a TCN will be sent, and the STP topology will reconverge. If STP Edge is manually set to enabled, the port will not check for BPDUs and traffic will be immediately forwarded. STP Edge can also be manually disabled.
BPDU Guarding will shut down a port when a BPDU is detected, for example if a user plugs in an unauthorized switch. When normal clients are connected, BPDUs should not be received on edge ports. While STP Edge effectively designates a port as an uplink or edge port, BPDU Guarding protects edge ports from loops. This is recommended for the majority of edge ports, especially for clients like Sonos, but a port that has been shut down must be re-enabled by an admin in UniFi Network.
| Connection | STP/RSTP | STP Edge | BPDU Guarding | Loop Prevention | Notes |
|---|---|---|---|---|---|
| Switch to Switch | Enabled | Auto or Disabled | Optional | | Can also designate ports as STP Uplink to further enhance STP stability. |
| Switch to Client | Enabled | Enabled | Optional | Optional | Use BPDU Guarding to prevent downstream ports from sending TCNs / changing STP topology. |
| Non-STP-supported ports | Auto | Enabled | | | Loop Prevention will work for ports and clients which do not participate in STP. |
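The priority scheme from the "Set STP Priorities" step can be planned from a list of switch-to-switch cables before anything is entered in UniFi. The following is an added example, not UniFi code: the switch names and sample links are constructed, and the 61440 ceiling is the standard maximum bridge priority, assumed here to apply.

```python
from collections import deque

STEP = 4096           # bridge priorities are multiples of 4096
MAX_PRIORITY = 61440  # largest valid 802.1D bridge priority (15 * 4096)

def plan_priorities(links, root):
    """Return ({switch: priority}, [redundant links]); links holds one pair per cable."""
    links = list(links)
    neighbors = {}
    for a, b in links:
        neighbors.setdefault(a, set()).add(b)
        neighbors.setdefault(b, set()).add(a)
    if root not in neighbors:
        raise ValueError(f"root switch {root!r} has no links")
    # Breadth-first search: a switch's layer is its hop count from the root.
    layer, tree, queue = {root: 0}, set(), deque([root])
    while queue:
        current = queue.popleft()
        for nxt in sorted(neighbors[current]):
            if nxt not in layer:
                layer[nxt] = layer[current] + 1
                tree.add(frozenset((current, nxt)))
                queue.append(nxt)
    stranded = sorted(set(neighbors) - set(layer))
    if stranded:
        raise ValueError(f"no path to root from: {stranded}")
    # Root gets 0, each layer below adds 4096, capped at the valid maximum.
    priorities = {sw: min(d * STEP, MAX_PRIORITY) for sw, d in layer.items()}
    # Any cable beyond the first on a tree edge is a redundant path. STP itself
    # picks which port blocks (link speed, priority); these are the candidates.
    redundant, used = [], set()
    for a, b in links:
        edge = frozenset((a, b))
        if edge in tree and edge not in used:
            used.add(edge)
        else:
            redundant.append(tuple(sorted((a, b))))
    return priorities, redundant

# Constructed sample topology (hypothetical switch names); the last entry is a
# second cable between the same two switches.
SAMPLE_LINKS = [("core", "agg1"), ("core", "agg2"), ("agg1", "acc1"),
                ("agg2", "acc2"), ("acc1", "acc2"), ("core", "agg1")]

if __name__ == "__main__":
    prio, extra = plan_priorities(SAMPLE_LINKS, "core")
    for name in sorted(prio, key=prio.get):
        print(f"{name}: {prio[name]}")
    print("redundant links:", extra)
```

Every link reported as redundant is a path that depends on STP blocking to stay loop-free, so those are the first places to check if a loop appears.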
How to Identify And Mitigate Loops
Identifying network loops can be challenging, but these tips can help:
- Use UniFi Network Analytics: UniFi can pinpoint the source of a network loop if STP effectively blocks it. Check the Ports page for high traffic or STP blockages, marked by a ⃠ symbol.
- Enforce BPDU Guarding: If a switch port is always designated for edge clients and will never have a downstream switch, enable BPDU guarding to ensure that connected clients never attempt to change your topology.
- Manual Disconnection: If STP fails to detect or resolve the loop, manually disconnect parts of the network starting from the edge. Disconnect devices one by one to locate and resolve the issue. Focus on areas with third-party switches or devices that make their own mesh networks, like Sonos, as they often have misconfigurations leading to loops.
Once a loop is detected, it needs immediate attention. Here's how to proceed:
- Address Physical Topology Issues: Locate the segment with a loop and remove redundant physical paths, if applicable.
- Remove Wireless Meshing: Ensure Access Points and third-party devices (e.g., Sonos) aren't creating wireless bridges between wired network segments. Sonos devices should also have BPDU Guarding set on any wired uplink ports.
- Check Third-Party Switch Configuration: Verify non-UniFi switches aren't configured with redundant paths on the same VLAN, which can cause loops.
Additional Protection: UniFi's Loop Protection Feature
UniFi’s Loop Protection provides an extra layer of security by blocking ports when loops are detected, even if neighboring devices do not support STP. This feature operates separately from STP, ensuring protection under various network conditions.
To enable Loop Protection, pick a switch port in Network > Ports. Then, select Loop Protection under advanced settings.
Key Features of Loop Protection:
- Works independently of neighboring devices’ STP support.
- Permanently blocks ports upon loop detection. The port WILL NOT return to normal operation without intervention. You must manually go into UniFi Network to fix it, just like BPDU Guarding.
- Recommended to be enabled on all switch ports, especially Gateways, to effectively prevent loops.