Spanning-tree bpdu-guard – Brocade 6910 Ethernet Access Switch Configuration Guide (Supporting R2.2.0.0) User Manual

Brocade 6910 Ethernet Access Switch Configuration Guide

341

53-1002651-02

18

Spanning Tree Commands

spanning-tree bpdu-guard

This command shuts down an edge port (i.e., an interface set for fast forwarding) if it receives a
BPDU. Use the no form without any keywords to disable this feature, or with a keyword to restore
the default settings.

Syntax

spanning-tree bpdu-guard [auto-recovery [interval interval]]

no spanning-tree bpdu-guard [auto-recovery [interval]]

auto-recovery - Automatically re-enables an interface after the specified interval.

interval - The time to wait before re-enabling an interface. (Range: 30-86400 seconds)

Default Setting
BPDU Guard: Disabled
Auto-Recovery: Disabled
Auto-Recovery Interval: 300 seconds

Command Mode
Interface Configuration (Ethernet, Port Channel)

Command Usage

•

An edge port should only be connected to end nodes which do not generate BPDUs. If a BPDU
is received on an edge port, this indicates an invalid network configuration, or that the switch
may be under attack by a hacker. If an interface is shut down by BPDU Guard, it must be
manually re-enabled using the

no

spanning-tree spanning-disabled

command if the

auto-recovery interval is not specified.

•

Before enabling BPDU Guard, the interface must be configured as an edge port with the

spanning-tree edge-port

command. Also note that if the edge port attribute is disabled on an

interface, BPDU Guard will also be disabled on that interface.

Example

Console(config)#interface ethernet 1/5

Console(config-if)#spanning-tree edge-port

Console(config-if)#spanning-tree bpdu-guard

Console(config-if)#

Related Commands

“spanning-tree edge-port”

on page 343

“spanning-tree spanning-disabled”

on page 350