Spanning-tree bpdu-guard – Brocade Communications Systems Brocate Ethernet Access Switch 6910 User Manual

Page 395

Advertising
background image

Brocade 6910 Ethernet Access Switch Configuration Guide

345

53-1002581-01

Spanning Tree Commands

18

Command Mode

Interface Configuration (Ethernet, Port Channel)

Command Usage

This command filters all Bridge Protocol Data Units (BPDUs) received on an interface to save
CPU processing time. This function is designed to work in conjunction with edge ports which
should only connect end stations to the switch, and therefore do not need to process BPDUs.
However, note that if a trunking port connected to another switch or bridging device is
mistakenly configured as an edge port, and BPDU filtering is enabled on this port, this might
cause a loop in the spanning tree.

Before enabling BPDU Filter, the interface must first be configured as an edge port with the

spanning-tree edge-port

command.

Example

Console(config)#interface ethernet 1/5

Console(config-if)#spanning-tree edge-port

Console(config-if)#spanning-tree bpdu-filter

Console(config-if)#

Related Commands

spanning-tree edge-port (347)

spanning-tree bpdu-guard

This command shuts down an edge port (i.e., an interface set for fast forwarding) if it receives a
BPDU. Use the no form without any keywords to disable this feature, or with a keyword to restore
the default settings.

Syntax

spanning-tree bpdu-guard [auto-recovery [interval interval]]

no spanning-tree bpdu-guard [auto-recovery [interval]]

auto-recovery - Automatically re-enables an interface after the specified interval.

interval - The time to wait before re-enabling an interface. (Range: 30-86400 seconds)

Default Setting

BPDU Guard: Disabled
Auto-Recovery: Disabled
Auto-Recovery Interval: 300 seconds

Command Mode

Interface Configuration (Ethernet, Port Channel)

Command Usage

An edge port should only be connected to end nodes which do not generate BPDUs. If a BPDU
is received on an edge port, this indicates an invalid network configuration, or that the switch
may be under attack by a hacker. If an interface is shut down by BPDU Guard, it must be
manually re-enabled using the

no

spanning-tree spanning-disabled

command if the

auto-recovery interval is not specified.

Advertising
Popular Brands
Popular manuals