Spanning-tree bpdu- guard, Spanning-tree bpdu-guard – LevelOne GTL-2691 User Manual

C

HAPTER

37

| Spanning Tree Commands

– 1073 –

C

OMMAND

U

SAGE

◆

This command filters all Bridge Protocol Data Units (BPDUs) received on

an interface to save CPU processing time. This function is designed to

work in conjunction with edge ports which should only connect end

stations to the switch, and therefore do not need to process BPDUs.

However, note that if a trunking port connected to another switch or

bridging device is mistakenly configured as an edge port, and BPDU

filtering is enabled on this port, this might cause a loop in the spanning

tree.

◆

Before enabling BPDU Filter, the interface must first be configured as an

edge port with the

spanning-tree edge-port

command.

E

XAMPLE

Console(config)#interface ethernet 1/5

Console(config-if)#spanning-tree edge-port

Console(config-if)#spanning-tree bpdu-filter

Console(config-if)#

R

ELATED

C

OMMANDS

spanning-tree edge-port (1075)

spanning-tree bpdu-

guard

This command shuts down an edge port (i.e., an interface set for fast

forwarding) if it receives a BPDU. Use the no form to disable this feature,

or with a keyword to restore the default settings.

S

YNTAX

spanning-tree bpdu-guard [auto-recovery [interval interval]]
no spanning-tree bpdu-guard [auto-recovery [interval]]

auto-recovery - Automatically re-enables an interface after the

specified interval.
interval - The time to wait before re-enabling an interface.

(Range: 30-86400 seconds)

D

EFAULT

S

ETTING

BPDU Guard: Disabled

Auto-Recovery: Disabled

Auto-Recovery Interval: 300 seconds

C

OMMAND

M

ODE

Interface Configuration (Ethernet, Port Channel)

C

OMMAND

U

SAGE

◆

An edge port should only be connected to end nodes which do not

generate BPDUs. If a BPDU is received on an edge port, this indicates

an invalid network configuration, or that the switch may be under

attack by a hacker. If an interface is shut down by BPDU Guard, it must