Enabling Bpdu Guard - Cisco 3845 - Security Bundle Router Software Manual
Software configuration guide
Hide thumbs
Also See for 3845 - Security Bundle Router:
- Manual (94 pages) ,
- Quick start manual (38 pages) ,
- Hardware installation manual (418 pages)
Table of Contents
Advertisement
Configuring Optional Spanning-Tree Features
Beginning in privileged EXEC mode, follow these steps to enable Port Fast. This procedure is optional.
Command
Step 1
configure terminal
Step 2
interface interface-id
Step 3
spanning-tree portfast [trunk]
Step 4
end
Step 5
show spanning-tree interface
interface-id portfast
Step 6
copy running-config startup-config
Note
You can use the spanning-tree portfast default global configuration command to globally enable the
Port Fast feature on all nontrunking STP ports.
To disable the Port Fast feature, use the spanning-tree portfast disable interface configuration
command.
Enabling BPDU Guard
When you globally enable BPDU guard on ports that are Port Fast-enabled (the ports are in a Port
Fast-operational state), spanning tree continues to run on the ports. They remain up unless they receive
a BPDU.
In a valid configuration, Port Fast-enabled interfaces do not receive BPDUs. Receiving a BPDU on a
Port Fast-enabled interface signals an invalid configuration, such as the connection of an unauthorized
device, and the BPDU guard feature puts the interface in the error-disabled state. The BPDU guard
feature provides a secure response to invalid configurations because you must manually put the interface
back in service. Use the BPDU guard feature in a service-provider network to prevent an access port
from participating in the spanning tree.
Cisco ME 3800X and 3600X Switch Software Configuration Guide
15-6
Chapter 15
Purpose
Enter global configuration mode.
Specify an STP interface to configure, and enter interface configuration
mode.
Enable Port Fast on an access port connected to a single workstation or
server. By specifying the trunk keyword, you can enable Port Fast on a
trunk port.
Note
To enable Port Fast on trunk ports, you must use the
spanning-tree portfast trunk interface configuration command.
The spanning-tree portfast command does not work on trunk
ports.
Caution
Make sure that there are no loops in the network between the
trunk port and the workstation or server before you enable
Port Fast on a trunk port.
By default, Port Fast is disabled on all STP ports.
Return to privileged EXEC mode.
Verify your entries.
(Optional) Save your entries in the configuration file.
Configuring Optional Spanning-Tree Features
OL-23400-01
- Quick Links:
- Vlan Features
Hide quick links:
Advertisement
Chapters
Table of Contents
Troubleshooting
