Scribd
Upload
46 views2 pages

STP Bpdu Gaurd and Bpdu Fliter 1663865956

BPDU Guard and BPDU Filter are features used with the STP PortFast to enhance network stability. BPDU Guard disables a port if it receives a BPDU, preventing potential loops, while BPDU Filter prevents BPDUs from being sent out and can either disable PortFast or ignore received BPDUs based on configuration. Care must be taken when enabling BPDU Filtering, as it can lead to STP being effectively disabled on the port.

Uploaded by

edvancedylen
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
46 views2 pages

STP Bpdu Gaurd and Bpdu Fliter 1663865956

BPDU Guard and BPDU Filter are features used with the STP PortFast to enhance network stability. BPDU Guard disables a port if it receives a BPDU, preventing potential loops, while BPDU Filter prevents BPDUs from being sent out and can either disable PortFast or ignore received BPDUs based on configuration. Care must be taken when enabling BPDU Filtering, as it can lead to STP being effectively disabled on the port.

Uploaded by

edvancedylen
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
You are on page 1/ 2

STP-BPDU GAURD AND BPDU FLITER

BPDU Guard:

Recall STP PortFast feature ,which allows a switch port to bypass the usual progression of
STP states. However, PortFast does not disable STP on a port - it merely accelerates
STP convergence. However, a PortFast-enabled port will still accept BPDUs.

PortFast should only be enabled on ports connected to a host[Access Ports]. If enabled on


a port connecting to a switch, any loop may result in a broadcast storm.

To prevent such a scenario, BPDU Guard can be used in conjunction with PortFast. Under
normal circumstances, a port with PortFast enabled should never receive a BPDU, as it is
intended only for hosts.

BPDU Guard will place a port in an errdisable state if a BPDU is received, regardless if the
BPDU is superior or inferior. The STP topology will not be impacted by another switch that is
inadvertently connected to that port.

BPDU Guard is used in conjunction with PortFast which when enabled puts the
portfast enabled port into "Error DisableD" state on receipt of BPDU

BPDU Guard Configuration


• To enable BPDU guard globally, use the command:
spanning-tree portfast bpduguard default
• To enable BPDU guard on a port, use the command:

spanning-tree bpduguard enable

BPDU FILTER:

BPDU Filter prevents BPDUs from being sent out a port, and must be enabled in
conjunction with PortFast.

If a BPDU is received on a port, BPDU Filtering will react one of two ways, depending on
how it was configured.
• If filtering is enabled globally, a received BPDU will disable PortFast on the port. The
port will then transition normally through the STP process.
• If filtering is enabled on a per-interface basis, a received BPDU is ignored.

Great care must be taken when manually enabling BPDU Filtering on a port. Because the
port will ignore a received BPDU, STP is essentially disabled.

The port will neither be err-disabled nor progress through the STP process, and thus the port
is susceptible to loops.

NOTE: If BPDU Filtering is enabled globally, it will only apply to PortFast ports:

Switch(config)# spanning-tree portfast bpdufilter default


To enable BPDU Filtering on a per-interface basis:
Switch(config)# interface gi1/15
Switch(config-if)# spanning-tree bpdufilter enable

You might also like