Displaying stp information, Enabling stp protection – Brocade BigIron RX Series Configuration Guide User Manual
Page 411
BigIron RX Series Configuration Guide
333
53-1002484-04
IEEE 802.1D Spanning Tree Protocol (STP)
12
The spanning-tree protocol detects and eliminates logical loops in a redundant network by
selectively blocking some data paths and allowing only some data paths to forward traffic.
In an STP environment, switches, end stations, and other Layer 2 devices use Bridge Protocol Data
Units (BPDUs) to exchange information that STP will use to determine the best path for data flow.
When a Layer 2 device is powered ON and connected to the network, or when a Layer 2 device goes
down, it sends out an STP BPDU, triggering an STP topology change.
In some instances, it is unnecessary for a connected device, such as an end station, to initiate or
participate in an STP topology change. In this case, you can enable the STP BPDU Guard feature on
the Brocade port to which the end station is connected. Brocade's STP BPDU Guard feature
disables the connected device's ability to initiate or participate in an STP topology change, by
dropping all BPDUs received from the connected device.
Enabling STP protection
You can enable STP BPDU Guard on a per-port basis.
To prevent an end station from initiating or participating in STP topology changes, enter the
following command at the interface level of the CLI.
BigIron RX(config) interface ethe 2/1
BigIron RX(config-if-e1000-2/1)# spanning-tree protect
This command causes the port to drop STP BPDUs sent from the device on the other end of the
link.
Syntax: [no] spanning-tree protect
Enter the no form of the command to disable BPDU Guard on the port and remove the
spanning-tree protect do-disable feature if they are configured.
Enabling BPDU Guard and disabling a port that receives BPDUs
You can enable BPDU Guard on a port and at the same time configure a port to be disabled when it
receives a BPDU. Enter the following commands.
BigIron RX(config) interface ethe 2/1
BigIron RX(config-if-e1000-2/1)#spanning-tree protect do-disable
Syntax: [no] spanning-tree protect do-disable
If both spanning-tree protect and spanning-tree protect do-disable are configured on an interface,
spanning-tree protect do-disable takes precedence. This means that when the port receives a
BPDU, the port will drop the BPDU and disable the port.
If you issue a no spanning-tree protect do-disable command, the port will be re-enabled and will no
longer be disabled when it receives a BPDU. The following message is displayed when you enter the
no spanning-tree protect do-disable command.
This command removes only "spanning-tree protect do-disable". To remove
"spanning-tree protect", please issue a separate command "no spanning-tree
protect".
Displaying STP information
You can display the following STP information: