beautypg.com

Enabling tc-bpdu guard, Displaying and maintaining the spanning tree – H3C Technologies H3C S12500-X Series Switches User Manual

Page 107

background image

96

Enabling TC-BPDU guard

When a device receives topology change (TC) BPDUs (the BPDUs that notify devices of topology

changes), it flushes its forwarding address entries. If someone forges TC-BPDUs to attack the device, the

device will receive a large number of TC-BPDUs within a short time and be busy with forwarding address
entry flushing. This affects network stability.
With the TC-BPDU guard function, you can set the maximum number of immediate forwarding address

entry flushes that the device can perform within a specified period of time (10 seconds) after it receives

the first TC-BPDU. For TC-BPDUs received in excess of the limit, the device performs a forwarding address

entry flush when the time period expires. This prevents frequent flushing of forwarding address entries.
To enable TC-BPDU guard:

Step Command

Remarks

1.

Enter system view.

system-view

N/A

2.

Enable the TC-BPDU guard function.

stp tc-protection

By default, TC-BPDU guard is
enabled.
H3C recommends not

disabling this feature.

3.

(Optional.) Configure the maximum
number of forwarding address entry

flushes that the device can perform every
10 seconds.

stp tc-protection threshold
number

The default setting is 6.

Displaying and maintaining the spanning tree

Execute display commands in any view and reset command in user view.

Task Command

Display information about ports blocked by spanning tree
protection functions.

display stp abnormal-port

Display BPDU statistics on ports.

display stp bpdu-statistics [ interface
interface-type interface-number [ instance

instance-list ] ]

Display information about ports shut down by spanning
tree protection functions.

display stp down-port

Display the historical information of port role calculation
for the specified MSTI or all MSTIs (in standalone mode).

display stp [ instance instance-list ] history [ slot
slot-number ]

Display the historical information of port role calculation
for the specified MSTI or all MSTIs (in IRF mode).

display stp [ instance instance-list ] history [ chassis
chassis-number slot slot-number ]

Display the statistics of TC/TCN BPDUs sent and received
by all ports in the specified MSTI or all MSTIs (in

standalone mode).

display stp [ instance instance-list ] tc [ slot
slot-number ]

This manual is related to the following products:
See also other documents in the category H3C Technologies Routers: