08-12-2010 01:17 PM - edited 03-06-2019 12:27 PM
I understand what BPDU accomplishes but I have a question about its initial configuration. If BPDU is configured on all switchports how does that affect your initial configuration and rollout? In other words, if you set up a new network and connect a downstream switch to a port on another switch what prevents that switch from shutting the port down due to the BPDUs received? Is there a specific command required on the Trunk Link or should it NOT be configured on Trunk Links?
Thanks,
~cb
Solved! Go to Solution.
08-12-2010 01:24 PM
Hi,
I dont recommend setting it on a trunk link. This is a security feature prevents the Switch from recieving BPDU on a port by putting the port into errdisable state.
you should set it on edge ports where hosts are connected.
Sample config:
interface x/y
spanning-tree portfast
spanning-tree bpduguard enable
HTH
Mohamed
08-12-2010 02:39 PM
Yes, BPDUS sent from all switches , however disabling spanning tree for a particular vlan would disable a BPDU to be sent for that VLAN.
HTH
Mohamed
08-12-2010 01:24 PM
Hi,
I dont recommend setting it on a trunk link. This is a security feature prevents the Switch from recieving BPDU on a port by putting the port into errdisable state.
you should set it on edge ports where hosts are connected.
Sample config:
interface x/y
spanning-tree portfast
spanning-tree bpduguard enable
HTH
Mohamed
08-12-2010 01:42 PM
So is BPDU data sent from switches that have it disabled? Is it sent from all switches?
Thanks,
~cb
08-12-2010 02:39 PM
Yes, BPDUS sent from all switches , however disabling spanning tree for a particular vlan would disable a BPDU to be sent for that VLAN.
HTH
Mohamed
08-13-2010 05:12 AM
Hi Gdwingnuts,
Basically we use this feature for the security concern, so as to protect against any undesired switch to come in to action in our Network. so we only configure our all edge port with this BPDU gaurd feature as suggested by Sobir. Since Host doesn't sent BPDU's on regular interval as sent by all switches, it is not goint to disable or affect in any sense to our network. So it is a good practise to configure all our Host pointed port i.e. edge port with BPDU guard.
Though you should never configure your trunk link with this feature, as on receiving a BPDU for opposite end switch, it will automatically disable port which is configured in Trunk mode, preventing your trunk link to work as normal.
Regards,
Hardik
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: