Pvrst compatibility, Bpdu guard, Enabling bpdu protection by port – Brocade TurboIron 24X Series Configuration Guide User Manual
Page 609
Brocade TurboIron 24X Series Configuration Guide
575
53-1003053-01
PVRST compatibility
PVRST compatibility
PVRST, the "rapid" version of per-VLAN spanning tree (PVST), is a Cisco proprietary protocol. PVRST
corresponds to the Brocade full implementation of IEEE 802.1w (RSTP). Likewise, PVST, also a
Cisco proprietary protocol, corresponds to the Brocade implementation of IEEE 802.1D (STP).
TurboIron X Series devices also support PVRST compatibility. When it receives PVRST BPDUs on a
port configured to run 802.1w, it recognizes and processes these BPDUs and continues to operate
in 802.1w mode.
PVRST compatibility is automatically enabled in software release 02.5.00 and later when a port
receives a PVRST BPDU.
BPDU guard
In an STP environment, switches, end stations, and other Layer 2 devices use Bridge Protocol Data
Units (BPDUs) to exchange information that STP will use to determine the best path for data flow.
The BPDU guard, an enhancement to STP, removes a node that reflects BPDUs back in the
network. It enforces the STP domain borders and keeps the active topology predictable by not
allowing any network devices behind a BPDU guard-enabled port to participate in STP.
In some instances, it is unnecessary for a connected device, such as an end station, to initiate or
participate in an STP topology change. In this case, you can enable the STP BPDU guard feature on
the port to which the end station is connected. STP BPDU guard shuts down the port and puts it
into an errdisable state. This disables the connected device's ability to initiate or participate in an
STP topology. A log message is then generated for a BPDU guard violation, and a CLI message is
displayed to warn the network administrator of a severe invalid configuration. The BPDU guard
feature provides a secure response to invalid configurations because the administrator must
manually put the interface back in service if errdisable recovery is not enabled.
Enabling BPDU protection by port
You enable STP BPDU guard on individual interfaces. The feature is disabled by default.
To enable STP BPDU guard on a specific port, enter commands such as the following.
TurboIron(config) interface ethe 1
TurboIron(config-if-e10000-1)#stp-bpdu-guard
Syntax: [no] stp-bpdu-guard
The no parameter disables the BPDU guard on this interface.
You can also use the multiple interface command to enable this feature on multiple ports at once.
Example
TurboIron(config)#interface ethernet 1 to 9
TurboIron(config-mif-1-9)#stp-bpdu-guard
TurboIron(config-mif-1-9)#
This will enable stp-bpdu-guard on ports 1 to 9