C
HAPTER
32
| Spanning Tree Commands
– 807 –
COMMAND USAGE
â—† This command filters all Bridge Protocol Data Units (BPDUs) that would
otherwise be transmitted on an interface to save CPU processing time.
This function is designed to work in conjunction with edge ports which
should only connect end stations to the switch, and therefore do not
need to process BPDUs. However, note that if a trunking port connected
to another switch or bridging device is mistakenly configured as an
edge port, and BPDU filtering is enabled on this port, this might cause a
loop in the spanning tree.
â—† Before enabling BPDU Filter, the interface must first be configured as an
edge port with the spanning-tree edge-port command.
EXAMPLE
Console(config)#interface ethernet 1/5
Console(config-if)#spanning-tree edge-port
Console(config-if)#spanning-tree bpdu-filter
Console(config-if)#
RELATED COMMANDS
spanning-tree edge-port (809)
spanning-tree
bpdu-guard
This command shuts down an edge port (i.e., an interface set for fast
forwarding) if it receives a BPDU. Use the no form to disable this feature.
SYNTAX
[no] spanning-tree bpdu-guard
DEFAULT SETTING
Disabled
COMMAND MODE
Interface Configuration (Ethernet, Port Channel)
COMMAND USAGE
â—† An edge port should only be connected to end nodes which do not
generate BPDUs. If a BPDU is received on an edge port, this indicates
an invalid network configuration, or that the switch may be under
attack by a hacker. If an interface is shut down by BPDU Guard, it must
be manually re-enabled using the no spanning-tree spanning-disabled
command.
â—† Before enabling BPDU Guard, the interface must be configured as an
edge port with the spanning-tree edge-port command. Also note that if
the edge port attribute is disabled on an interface, BPDU Guard will also
be disabled on that interface.
To Next Page
Loading...
Need help?
General