Enabling Bpdu Guard - Cisco Catalyst 2960 Software Configuration Manual

Hide thumbs Also See for Catalyst 2960:
Table of Contents

Advertisement

Chapter 18
Configuring Optional Spanning-Tree Features
If you enable the voice VLAN feature, the Port Fast feature is automatically enabled. When you disable
voice VLAN, the Port Fast feature is not automatically disabled. For more information, see
"Configuring Voice VLAN."
You can enable this feature if your switch is running PVST+, rapid PVST+, or MSTP.
Beginning in privileged EXEC mode, follow these steps to enable Port Fast. This procedure is optional.
Command
Step 1
configure terminal
Step 2
interface interface-id
Step 3
spanning-tree portfast [trunk]
Step 4
end
Step 5
show spanning-tree interface interface-id
portfast
Step 6
copy running-config startup-config
You can use the spanning-tree portfast default global configuration command to globally enable the
Note
Port Fast feature on all nontrunking ports.
To disable the Port Fast feature, use the spanning-tree portfast disable interface configuration
command.

Enabling BPDU Guard

When you globally enable BPDU guard on ports that are Port Fast-enabled (the ports are in a Port
Fast-operational state), spanning tree continues to run on the ports. They remain up unless they receive
a BPDU.
In a valid configuration, Port Fast-enabled ports do not receive BPDUs. Receiving a BPDU on a Port
Fast-enabled port means an invalid configuration, such as the connection of an unauthorized device, and
the BPDU guard feature puts the port in the error-disabled state. When this happens, the switch shuts
down the entire port on which the violation occurred.
OL-26520-01
Purpose
Enter global configuration mode.
Specify an interface to configure, and enter interface
configuration mode.
Enable Port Fast on an access port connected to a single
workstation or server. By specifying the trunk keyword, you can
enable Port Fast on a trunk port.
To enable Port Fast on trunk ports, you must use the
Note
spanning-tree portfast trunk interface configuration
command. The spanning-tree portfast command will
not work on trunk ports.
Make sure that there are no loops in the network
Caution
between the trunk port and the workstation or server
before you enable Port Fast on a trunk port.
By default, Port Fast is disabled on all interfaces.
Return to privileged EXEC mode.
Verify your entries.
(Optional) Save your entries in the configuration file.
Catalyst 2960 and 2960-S Switches Software Configuration Guide, Release 15.0(1)SE
Configuring Optional Spanning-Tree Features
Chapter 15,
18-13

Hide quick links:

Advertisement

Table of Contents
loading

This manual is also suitable for:

Catalyst 2960-s

Table of Contents