spanning-tree error

Unanswered Question
Jul 8th, 2008

Hi All

I have the following configured on a port in a switch A.

interface FastEthernetx/x

no ip address

duplex full

speed 100


switchport access

spanning-tree bpduguard enable

When I plug in another switch, it always comes up with

%SPANTREE-SP-2-BLOCK_BPDUGUARD: Received BPDU on port FastEthernetx/x with BPDU Guard enabled. Disabling port.

%PM-SP-4-ERR_DISABLE: bpduguard error detected on Fax/x, putting Fax/x in err-disable state


On the switch B where it was plug into originally there was no spanning-tree bpduguard enable and it worked

So should I disable this command on Switch A, what will be the impact? or should I disable spanning tree on the new switch I am adding, what problems will it cause. I need to connect this new switch to Switch A.

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Kevin Dorrell Tue, 07/08/2008 - 02:44

Yes, disable the bpduguard. It is intended to ensure that nobody can connect an illicit switch to the port, and it seems to be working well! If you intend to connect a switch, then disable the feature.

Do not disable the Spanning-Tree, and do not put any bdpufilter. That would be bad news.

Kevin Dorrell


qwertys21 Tue, 07/08/2008 - 02:52

Thanks Kevin

Since it has issued this error and I don't disable anything apart from the bdpuguard on Switch A, will it cause any spanning tree recalculation or any other thing?

Kevin Dorrell Tue, 07/08/2008 - 04:43

No, it should be benign. However, there are a couple of things to check:

1. I presume the new switch is not the root switch. I mean, you managed to take it away from its original connection without upsetting the Spanning Tree, didn't you?

2. I don't remember from the original posting, but it would be best not to have portfast on the downlink port.

3. Since the downlink port has gone into errdisable state (show int status), you will have to shut and no shut it.

Kevin Dorrell


qwertys21 Tue, 07/08/2008 - 04:56

Thanks Kevin

yes the link does not have portfast and it is definitely not the root switch. It is actually a Netgear switch connecting to a Cisco Switch

Thanks for your help


This Discussion