The config bpdu_protection ports command is used to setup the
BPDU Attack Protection function for the ports on the switch.
The config bpdu_protection ports command is used to configure the
BPDU protection function for ports on the Switch. There are two
states of BPDU attack protection function; the normal state and the
under attack state. The under attack state has three modes: drop,
block, and shutdown modes. A BPDU attack protection enabled port
will enter under attack state when it receives an STP BPDU frame,
then take action based on the configuration mode. BPDU attack
protection can ONLY be used for ports that do not have STP
enabled.
STP for ports and BPDU attack protection on ports are not
compatible. Furthermore BPDU attack protection enabled on a port
effectively disables all STP function on the port. Keep in mind the
following points regarding this:
BPDU attack protection has a higher priority than STP BPDU
forwarding (i.e. the fbpdu setting of the config stp command is
enabled) when determining how to handle BPDU. That is, when
fbpbu is enabled to forward STP BPDU frames AND the BPDU
attack protection function is enabled, the port will not forward STP
BPDU frames.
BPDU attack protection has a higher priority than BPDU tunnel port
setting (i.e. config bpdu_tunnel ports command) when determining
To Next Page
Loading...
