Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

Info needed on use of BPDU guard

The place where I am working, we have 7606 router which is connected to various LAN segments. Sub-interfaces are defined in Ethernet ports for VLAN segments. Each LAN segment is running RSTP in rings, so BPDU packets is expected on VLAN subinterfaces of router, but spanning-tree BPDU Guard is enabled on interface(not subinterface) as shown below.

 

interface GigabitEthernet1/6
 description "Towards xyz"
 mtu 9000
 no ip address
 storm-control broadcast level 0.10
 storm-control multicast level 0.10
 spanning-tree bpduguard enable
!
interface GigabitEthernet1/6.852
 description "Cluster 14"
 encapsulation dot1Q 852
 ip address 172.19.129.188 255.255.255.224
 standby version 2
 standby 83 ip 172.19.129.190
 standby 83 timers msec 300 1
 standby 83 priority 110
 standby 83 preempt
!
interface GigabitEthernet1/6.853
 description "Cluster 14"
 encapsulation dot1Q 853
 ip address 172.19.145.188 255.255.255.224
 standby version 2
 standby 84 ip 172.19.145.190
 standby 84 timers msec 300 1
 standby 84 priority 110
 standby 84 preempt
!
interface GigabitEthernet1/6.854
 description "Cluster 14"
 encapsulation dot1Q 854
 ip address 172.19.161.188 255.255.255.224
 standby version 2
 standby 85 ip 172.19.161.190
 standby 85 timers msec 300 1
 standby 85 priority 110
 standby 85 preempt
!
interface GigabitEthernet1/6.855
 description "Cluster 14"
 encapsulation dot1Q 855
 ip address 172.19.177.188 255.255.255.224
 standby version 2
 standby 86 ip 172.19.177.190
 standby 86 timers msec 300 1
 standby 86 priority 110
 standby 86 preempt
!

 

I need to know that will there be any effect of BPDU Guard in this situation?

Whats the point of enabling BPDU Guard here?

Will BPDU packets received on subinterface VLAN will disable the whole interface as BPDU Guard is enabled?

7 REPLIES

Hello.Try to check if any

Hello.

Try to check if any span-tree instanced are bound to the interface.

If there is no instances, I would guess that the command has no effect.

New Member

Hi, Try to check if any span

Hi,

 

Try to check if any span-tree instanced are bound to the interface.

How can I check this ??

 

Thanks,

Nishant

show span int ...

show span int ...

New Member

R1#sh spanning-tree  int gi1

 

Please find spanning tree command output:

R1#sh spanning-tree  int gi1/6
no spanning tree info available for GigabitEthernet1/6

R1#sh spanning-tree interface GigabitEthernet1/6.852
no spanning tree info available for GigabitEthernet1/6.852

R1#sh spanning-tree

MST0
  Spanning tree enabled protocol mstp
  Root ID    Priority    4096
             Address     588d.09b5.8740
             This bridge is the root
             Hello Time   2 sec  Max Age 20 sec  Forward Delay 15 sec

  Bridge ID  Priority    4096   (priority 4096 sys-id-ext 0)
             Address     588d.09b5.8740
             Hello Time   2 sec  Max Age 20 sec  Forward Delay 15 sec

Interface           Role Sts Cost      Prio.Nbr Type
------------------- ---- --- --------- -------- --------------------------------
Gi1/1               Desg FWD 20000     128.1    P2p
Gi1/2               Desg FWD 20000     128.2    P2p
Gi1/3               Desg FWD 20000     128.3    P2p
Gi1/4               Desg FWD 20000     128.4    P2p
Gi1/15              Desg FWD 20000     128.15   P2p
Gi1/16              Desg FWD 20000     128.16   P2p
Gi2/4               Desg FWD 200000    128.260  P2p
Te2/11              Desg FWD 2000      128.267  P2p

 

I think port is not involved in STP. Now, I would like to know what will happen if BPDU packet is received on any VLAN sub-interface of this interface. Will it simply drop BPDU packet as STP not running on it or, BPDU guard will disable the port completely ??

HelloSTP is a layer 2 feature

Hello

STP is a layer 2 feature - your ports are not switched ports they are routed so stp wont be active.

res

Paul

Please don't forget to rate any posts that have been helpful. Thanks.
New Member

So, what role will BPDU Guard

So, what role will BPDU Guard play in this scenario.?? What will happen if BPDU packet is received on any VLAN sub-interface of this interface. Will it simply drop BPDU packet as STP not running on it or, BPDU guard will disable the port completely ??

New Member

please provide switch

please provide switch interface configuration also.Perhaps the interface may be configured as edge port.

 

Regards

Prajith

85
Views
0
Helpful
7
Replies