Enabling tc-bpdu guard, Displaying and maintaining the spanning tree – H3C Technologies H3C WX3000E Series Wireless Switches User Manual
Page 95
85
Enabling TC-BPDU guard
When receiving topology change (TC) BPDUs (the BPDUs used to notify topology changes), the device
flushes its forwarding address entries. If someone forges TC-BPDUs to attack the device, the device
receives a large number of TC-BPDUs within a short time and is busy with forwarding address entry
flushing. This affects network stability.
With the TC-BPDU guard function, you can set the maximum number of immediate forwarding address
entry flushes that the device can perform every a certain period of time (10 seconds). For TC-BPDUs
received in excess of the limit, the device performs a forwarding address entry flush when the time period
expires. This prevents frequent flushing of forwarding address entries.
To enable TC-BPDU guard:
Step Command
Remarks
1.
Enter system view.
system-view
N/A
2.
Enable the TC-BPDU guard function.
stp tc-protection enable
Optional.
Enabled by default.
3.
Configure the maximum number of
forwarding address entry flushes that the
device can perform every 10 seconds.
stp tc-protection threshold
number
Optional.
6 by default.
NOTE:
H3C does not recommend you disable this feature.
Displaying and maintaining the spanning tree
Task Command
Remarks
Display information about ports blocked
by spanning tree protection functions.
display stp abnormal-port [ | { begin |
exclude | include } regular-expression ]
Available in any
view.
Display BPDU statistics on ports.
display stp bpdu-statistics [ interface
interface-type interface-number [ instance
instance-id ] ] [ | { begin | exclude |
include } regular-expression ]
Available in any
view.
Display information about ports shut
down by spanning tree protection
functions.
display stp down-port [ | { begin |
exclude | include } regular-expression ]
Available in any
view.
Display the historical information of port
role calculation for the specified MSTI or
all MSTIs.
display stp [ instance instance-id ] history
[ | { begin | exclude | include }
regular-expression ]
Available in any
view.
Display the statistics of TC/TCN BPDUs
sent and received by all ports in the
specified MSTI or all MSTIs.
display stp [ instance instance-id ] tc [ |
{ begin | exclude | include }
regular-expression ]
Available in any
view.
Display the spanning tree status and
statistics.
display stp [ instance instance-id ]
[ interface interface-list ] [ brief ] [ |
{ begin | exclude | include }
regular-expression ]
Available in any
view.
- H3C WX5500E Series Access Controllers H3C WX3500E Series Access Controllers H3C WX2500E Series Access Controllers H3C WX6000 Series Access Controllers H3C WX5000 Series Access Controllers H3C LSWM1WCM10 Access Controller Module H3C LSUM3WCMD0 Access Controller Module H3C LSUM1WCME0 Access Controller Module H3C LSWM1WCM20 Access Controller Module H3C LSQM1WCMB0 Access Controller Module H3C LSRM1WCM2A1 Access Controller Module H3C LSBM1WCM2A0 Access Controller Module H3C WA3600 Series Access Points H3C WA2600 Series WLAN Access Points