beautypg.com

Enabling tc-bpdu guard, Displaying and maintaining the spanning tree – H3C Technologies H3C S12500 Series Switches User Manual

Page 109

background image

96

Step Command Remarks

2.

Enter interface view or port

group view.

Enter Ethernet interface view or Layer

2 aggregate interface view:

interface interface-type
interface-number

Enter port group view:

port-group manual port-group-name

Use either command.

3.

Enable the loop guard
function for the ports.

stp loop-protection

By default, loop guard is
disabled.

Enabling TC-BPDU guard

When a switch receives topology change (TC) BPDUs, it flushes the forwarding address entries. If

someone forges TC-BPDUs to attack the switch, the switch will receive a large number of TC-BPDUs within
a short time and be busy with forwarding address entry flushing. This affects network stability.
With the TC-BPDU guard function, you can set the maximum number of immediate forwarding address

entry flushes that the switch can perform every a certain period of time (10 seconds). For TC-BPDUs

received in excess of the limit, the switch performs a forwarding address entry flush when the time period
expires. This prevents frequent flushing of forwarding address entries.
To enable TC-BPDU guard:

Step Command

Remarks

1.

Enter system view.

system-view

N/A

2.

Enable the TC-BPDU guard function.

stp tc-protection enable

Optional.
By default, TC-BPDU guard is

enabled.

3.

Configure the maximum number of
forwarding address entry flushes that the

switch can perform every 10 seconds.

stp tc-protection threshold
number

Optional.
The default setting is 6.

NOTE:

H3C recommends not disabling this feature.

Displaying and maintaining the spanning tree

Task Command

Remarks

Display information about ports blocked
by spanning tree protection functions.

display stp abnormal-port [ | { begin |
exclude | include } regular-expression ]

Available in any
view.

Display BPDU statistics on ports.

display stp bpdu-statistics [ interface
interface-type interface-number [ instance

instance-id ] ] [ | { begin | exclude |

include } regular-expression ]

Available in any
view.

This manual is related to the following products:
See also other documents in the category H3C Technologies Routers: