Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

BPDU guard and filter

Hi

Issue:

BPDUguard (does prevent access switches to receive bpdu packets from other foreign switches because the port will go to be error-disable)

So far so good...

Case:

I was sniffing a switch port with the following config:

config-if>spanning-tree portfast

config-if>spanning-tree bpduguard enable

I still receive stp traffic from the switch port on my sniffer???

additional config:

config-if>spanning-tree bpdufilter enable

Than I can't sniff any stp traffic on the sniffed port.

Question:

How does it make sense that an access port just with portfast and bpduguard enabled, does send out any stp traffic if otherwise the port goes down when it receive stp (bpdu) traffic???

For me this scenario does not really make sense?

Any help are appreciated

2 REPLIES

Re: BPDU guard and filter

As you have configured bpduguard, it wouldnt receive any BPDU's.

PortFast immediately transitions the port into STP forwarding mode upon linkup. The port still participates in STP.

New Member

Re: BPDU guard and filter

Hi BPDU Guard function only prevents a port from performing STP negotiations on receipt of BPDU Packets. Portfast will just go into forwarding state upon linkup. So given the first 2 config commands it will not prevent the switch from sending BPDUs out the switch - hence sniffer getting packets.

BPDUFilter - when this is enabled. It PREVENTS bpdu's from being sent. That's why you *don't* see any frames in your sniffer.

149
Views
5
Helpful
2
Replies
CreatePlease login to create content