No. Data
1 Number of the port on which root protection is to be enabled
2 Number of the port on which loop protection is to be enabled
8.5.2 Configuring BPDU Protection on a Switching Device
After BPDU protection is enabled on a switching device, the switching device shuts down an
edge port if the edge port receives a BPDU, and notifies the NMS of the shutdown event.
Context
Edge ports are directly connected to user terminal and will not receive BPDUs. Attackers may
send pseudo BPDUs to attack the switching device. If the edge ports receive the BPDUs, the
switching device configures the edge ports as non-edge ports and triggers a new spanning tree
calculation. Network flapping then occurs. BPDU protection can be used to protect switching
devices against malicious attacks.
Perform the following steps on a switching device that has an edge port.
Procedure
Step 1 Run:
system-view
The system view is displayed.
Step 2 Run:
stp bpdu-protection
BPDU protection is enabled on the switching device.
By default, BPDU protection is not enabled on the switching device.
----End
Follow-up Procedure
To allow an edge port to automatically start after being shut down, you can run the error-down
auto-recovery cause bpdu-protection interval interval-value command to configure the auto
recovery function and set the delay on the port. After the delay expires, the port automatically
goes Up. interval interval-value ranges from 30 to 86400, in seconds. Note the following when
setting this parameter:
l There is no default value for the recovery time. Therefore, you must specify a delay when
configuring this command.
l The smaller the interval-value is, the shorter it takes for the edge port to go Up, and the
more frequently the edge port alternates between Up and Down.
l The larger the interval-value is, the longer it takes for the edge port to go Up, and the longer
the service interruption lasts.
Huawei AR3200 Series Enterprise Routers
Configuration Guide - LAN 8 MSTP Configuration
Issue 02 (2012-03-30) Huawei Proprietary and Confidential
Copyright © Huawei Technologies Co., Ltd.
247
To Next Page
Loading...
