C H A P T E R 15 Configuring Optional Spanning-Tree Features; Understanding Port Fast; Understanding Bpdu Guard - Cisco 3845 - Security Bundle Router Software Manual
Software configuration guide
Hide thumbs
Also See for 3845 - Security Bundle Router:
- Manual (94 pages) ,
- Quick start manual (38 pages) ,
- Hardware installation manual (418 pages)
Table of Contents
Advertisement
Understanding Optional Spanning-Tree Features
Understanding Port Fast
Port Fast immediately brings an STP port configured as an access or trunk port to the forwarding state
from a blocking state, bypassing the listening and learning states.
You can use Port Fast on STP ports connected to a single workstation or server, as shown in
to allow those devices to immediately connect to the network, rather than waiting for the spanning tree
to converge.
STP ports connected to a single workstation or server should not receive bridge protocol data units
(BPDUs). An STP port with Port Fast enabled goes through the normal cycle of spanning-tree status
changes when the switch is restarted.
Because the purpose of Port Fast is to minimize the time interfaces must wait for spanning tree to
Note
converge, it is effective only when used on STP ports connected to end stations. If you enable Port Fast
on an interface connecting to another switch, you risk creating a spanning-tree loop.
You can enable this feature by using the spanning-tree portfast interface configuration or the
spanning-tree portfast default global configuration command.
Figure 15-1
Workstations
Understanding BPDU Guard
The BPDU guard feature can be globally enabled on the switch or can be enabled per interface, but the
feature operates with some differences.
At the global level, you enable BPDU guard on Port Fast-enabled STP ports by using the spanning-tree
portfast bpduguard default global configuration command. Spanning tree shuts down STP ports that
are in a Port Fast-operational state if any BPDU is received on those ports. In a valid configuration, Port
Fast-enabled STP ports do not receive BPDUs. Receiving a BPDU on a Port Fast-enabled port signals
an invalid configuration, such as the connection of an unauthorized device, and the BPDU guard feature
puts the interface in the error-disabled state.
At the interface level, you enable BPDU guard on any STP port by using the spanning-tree bpduguard
enable interface configuration command without also enabling the Port Fast feature. When the STP port
receives a BPDU, it is put in the error-disabled state.
Cisco ME 3800X and 3600X Switch Software Configuration Guide
15-2
Port Fast-Enabled Interfaces
Port
Fast-enabled
ports
Chapter 15
Configuring Optional Spanning-Tree Features
Server
Port
Fast-enabled port
Workstations
Figure
15-1,
OL-23400-01
- Quick Links:
- Vlan Features
Hide quick links:
Advertisement
Chapters
Table of Contents
Troubleshooting
