beautypg.com

Spanning-tree portfast bpdu-guard – Allied Telesis AlliedWare Plus Operating System Version 5.4.4C (x310-26FT,x310-26FP,x310-50FT,x310-50FP) User Manual

Page 551

background image

Spanning Tree Commands

Software Reference for x310 Series Switches

C613-50046-01 REV A

AlliedWare Plus

TM

Operating System - Version 5.4.4C

19.61

spanning-tree portfast bpdu-guard

This command applies a BPDU (Bridge Protocol Data Unit) guard to the port. A port with
the bpdu-guard feature enabled will block all traffic (BPDUs and user data), if it starts
receiving BPDUs.

Use this command in Global Configuration mode to apply BPDU guard to all ports on the
switch. Use this command in Interface mode for an individual interface or a range of
interfaces specified. BPDU Guard is not enabled on a port by default.

Use the no variant of this command to disable the BPDU Guard feature on a switch in
Global Configuration mode or to disable the BPDU Guard feature on a port in Interface
mode.

Syntax

(Global

Configuration)

spanning-tree portfast bpdu-guard

no spanning-tree portfast bpdu-guard

Syntax

(Interface

Configuration)

spanning-tree portfast bpdu-guard {default|disable|enable}

no spanning-tree portfast bpdu-guard

Default

BPDU Guard is not enabled on any ports by default.

Mode

Global Configuration or Interface Configuration

Usage

This command blocks the port(s) to all BPDUs and data when enabled. BPDU Guard is a
port-security feature that changes how a portfast-enabled port behaves if it receives a
BPDU. When bpdu-guard is set, then the port shuts down if it receives a BPDU. It does not
process the BPDU as it is considered suspicious. When bpdu-guard is not set, then the
port will negotiate spanning-tree with the device sending the BPDUs. By default, bpdu-
guard is not enabled on a port.

You can configure a port disabled by the bpdu-guard to re-enable itself after a specific
time interval. This interval is set with the

spanning-tree errdisable-timeout interval

command on page 19.41

. If you do not use the errdisable-timeout feature, then you will

need to manually re-enable the port by using the no shutdown command.

Parameter

Description

bpdu-guard

A port that has bpdu-guard turned on will enter the STP blocking state
if it receives a BPDU. This port type has one of the following
parameters (in Interface Configuration mode):

default

Takes the setting that has been configured for the whole
switch, i.e. the setting made from the Global configuration
mode.

disable

Turns off BPDU guard.

enable

Turns on BPDU guard and will also set the port as an edge
port.

See also other documents in the category Allied Telesis Computer hardware: