Chapter 18
| Spanning Tree Commands
– 450 –
Example
Console(config)#interface ethernet 1/5
Console(config-if)#spanning-tree edge-port
Console(config-if)#spanning-tree bpdu-filter
Console(config-if)#
Related Commands
spanning-tree edge-port (452)
spanning-tree
bpdu-guard
This command shuts down an edge port (i.e., an interface set for fast forwarding) if
it receives a BPDU. Use the no form without any keywords to disable this feature, or
with a keyword to restore the default settings.
Syntax
spanning-tree bpdu-guard [auto-recovery [interval interval]]
no spanning-tree bpdu-guard [auto-recovery [interval]]
auto-recovery - Automatically re-enables an interface after the specified
interval.
interval - The time to wait before re-enabling an interface. (Range: 30-86400
seconds)
Default Setting
BPDU Guard: Disabled
Auto-Recovery: Disabled
Auto-Recovery Interval: 300 seconds
Command Mode
Interface Configuration (Ethernet, Port Channel)
Command Usage
◆ An edge port should only be connected to end nodes which do not generate
BPDUs. If a BPDU is received on an edge port, this indicates an invalid network
configuration, or that the switch may be under attack by a hacker. If an
interface is shut down by BPDU Guard, it must be manually re-enabled using
the no spanning-tree spanning-disabled command if the auto-recovery
interval is not specified.
◆ Before enabling BPDU Guard, the interface must be configured as an edge port
with the spanning-tree edge-port command. Also note that if the edge port
attribute is disabled on an interface, BPDU Guard will also be disabled on that
interface.
Example
Console(config)#interface ethernet 1/5
Console(config-if)#spanning-tree edge-port
To Next Page
Loading...
