- If BPDU received from end host, immediately shut down the port
- Instead of blocking BPDU(as in BPDU filter) make the port into error disable state(traffic blocked).
- After port going into error disable state, port can up
- if error disable recovery timer expires
- or, manually shutdown the port then bringsup.
- It is the more secured implementation of filtering STP.
- Also config with PortFast on global mode
- interface level will over ride global config
- to check error disable recover timer enable or not use show cmd
- show errdisable recvoery
- Enable error disable recovery timer
- errdisable recovery interval 30 on global mode (some times not enabled, verify by above cmd, then use below cmd)
- errdisable recovery cause bpdugaurd because there are so many causes the port goto errdisable state
- spanning-tree portfast bpdugaurd default
- spanning-tree bpdugaurd default
Thursday, July 18, 2013
STP BPDU GUARD
Subscribe to:
Post Comments (Atom)
No comments:
Post a Comment