Enabling Portfast; Prevent Network Disruptions With Bpdu Guard - Dell Z9500 Configuration Manual

To view the current values for interface parameters, use the show spanning-tree 0 command from EXEC privilege mode.
Refer to the second example in

Enabling PortFast

The PortFast feature enables interfaces to begin forwarding traffic approximately 30 seconds sooner.
Interfaces forward frames by default until they receive a BPDU that indicates that they should behave otherwise; they do not go
through the Learning and Listening states. The bpduguard shutdown-on-violation option causes the interface hardware
to be shut down when it receives a BPDU. When you only implement bpduguard, although the interface is placed in an Error
Disabled state when receiving the BPDU, the physical interface remains up and spanning-tree drops packets in the hardware
after a BPDU violation. BPDUs are dropped in the software after receiving the BPDU violation.
CAUTION: Enable PortFast only on links connecting to an end station. PortFast can cause loops if it is enabled on an
interface connected to a network.
To enable PortFast on an interface, use the following command.
• Enable PortFast on an interface.
INTERFACE mode
spanning-tree stp-id portfast [bpduguard | [shutdown-on-violation]]
Example of Verifying PortFast is Enabled on an Interface
To verify that PortFast is enabled on a port, use the show spanning-tree command from EXEC Privilege mode or the show
config command from INTERFACE mode. Dell Networking recommends using the show config command.
Dell#(conf-if-te-1/1)#show conf
!
interface TenGigabitEthernet 1/1
no ip address
switchport
spanning-tree 0 portfast
no shutdown
Dell#(conf-if-te-1/1)#

Prevent Network Disruptions with BPDU Guard

Configure the Portfast (and Edgeport, in the case of RSTP, PVST+, and MSTP) feature on ports that connect to end stations. End
stations do not generate BPDUs, so ports configured with Portfast/ Edgport (edgeports) do not expect to receive BDPUs.
If an edgeport does receive a BPDU, it likely means that it is connected to another part of the network, which can negatively
affect the STP topology. The BPDU Guard feature blocks an edgeport after receiving a BPDU to prevent network disruptions,
and Dell Networking OS displays the following message.
3w3d0h: %SYSTEM-P:RP2 %SPANMGR-5-BPDU_GUARD_RX_ERROR: Received Spanning Tree BPDU on
BPDU guard port. Disable TenGigabitEthernet 3/4/1.
Enable BPDU Guard using the bpduguard option when enabling PortFast or EdgePort. The bpduguard shutdown-on-
violation option causes the interface hardware to be shut down when it receives a BPDU. Otherwise, although the interface
is placed in an Error Disabled state when receiving the BPDU, the physical interface remains up and spanning-tree will only
drop packets after a BPDU violation.
The following example shows a scenario in which an edgeport might unintentionally receive a BPDU. The port on the Dell
Networking system is configured with Portfast. If the switch is connected to the hub, the BPDUs that the switch generates
might trigger an undesirable topology change. If you enable BPDU Guard, when the edge port receives the BPDU, the BPDU is
dropped, the port is blocked, and a console message is generated.
NOTE: Unless you enable the shutdown-on-violation option, spanning-tree only drops packets after a BPDU violation;
the physical interface remains up.
Dell Networking OS Behavior: Regarding bpduguard shutdown-on-violation behavior:
• If the interface to be shut down is a port channel, all the member ports are disabled in the hardware.
Enabling Spanning Tree Protocol Globally.
Spanning Tree Protocol (STP) 807