Folks, I have a number of switches and ports configured as shown below. Request is that I should remove such portfast and stp bpduguard and bpdufilter configurations from production switches.
My concern is that such switches are live, critical and I have a bunch of live hosts connected to it.
Do you see any potential issue that could be triggered when removing configuration below? I just want to confirm.
switchport mode access
spanning-tree bpdufilter enable
spanning-tree bpduguard enable
If your network is connected to an ethernet based ISP network you would not want your Spanning Tree to be influenced by the ISP Spaning Tree and vice versa. In that case both you and the ISP will put bpdufilter on the interface that interconnects you.
If any of these ports are user devices I don't think you want to turn off portfast. This can cause dhcp issues or any device that has to boot off of something on the network.What did they give as the reason to turn them off . Normally you do not want to run bpdufilter and bpduguard at the same time so maybe thats the issue .