Displaying And Maintaining The Spanning Tree - HP 3600 v2 series Configuration Manual

Hide thumbs Also See for 3600 v2 series:

Command reference manual (510 pages)

Configuration manual (449 pages)

Security configuration manual (398 pages)

Table Of Contents

100

101

102

103

104

105

106

107

108

109

110

111

112

113

114

115

116

117

118

119

120

121

122

123

124

125

126

127

128

129

130

131

132

133

134

135

136

137

138

139

140

141

142

143

144

145

146

147

148

149

150

151

152

153

154

155

156

157

158

159

160

161

162

163

164

165

166

167

168

169

170

171

172

173

174

175

176

177

178

179

180

181

182

183

184

185

186

187

188

189

190

191

192

193

194

195

196

197

198

199

200

201

202

203

204

205

206

207

208

209

210

211

212

213

214

215

216

217

218

219

220

221

222

223

224

225

226

227

228

229

230

231

232

233

234

235

236

237

238

239

240

241

242

243

244

245

246

247

248

page of 248

/ 248
Contents
Table of Contents
Bookmarks

Table of Contents

NOTE:

HP does not recommend you disable this feature.

Enabling BPDU drop

In a spanning tree network, after receiving BPDUs, the device performs STP calculation according to the

received BPDUs and forwards received BPDUs to other devices in the network. This allows malicious

attackers to attack the network by forging BPDUs. By continuously sending forged BPDUs, they can make

all the devices in the network perform STP calculations all the time. As a result, problems such as CPU

overload and BPDU protocol status errors occur.

To avoid this problem, you can enable BPDU drop on ports. A BPDU drop-enabled port does not receive

any BPDUs and is invulnerable to forged BPDU attacks.

Follow these steps to enable BPDU drop on an Ethernet interface:

To do...

Enter system view

Enter Layer 2 Ethernet interface

view

Enable BPDU drop on the current

interface

NOTE:

Because a port with BPDU drop enabled also drops the received 802.1X packets, do not enable BPDU

drop and 802.1X on a port at the same time. For more information about 802.1X, see

Configuration Guide

Displaying and maintaining the spanning tree

To do...

Display information about ports blocked

by spanning tree protection functions

Display BPDU statistics on ports

Display information about ports shut

down by spanning tree protection

functions

Display the historical information of port

role calculation for the specified MSTI or

all MSTIs

Display the statistics of TC/TCN BPDUs

sent and received by all ports in the

specified MSTI or all MSTIs

Use the command...

system-view

interface interface-type

interface-number

bpdu-drop any

Use the command...

display stp abnormal-port [ | { begin |

exclude | include } regular-expression ]

display stp bpdu-statistics [ interface

interface-type interface-number [ instance

instance-id ] ] [ | { begin | exclude |

include } regular-expression ]

display stp down-port [ | { begin |

exclude | include } regular-expression ]

display stp [ instance instance-id | vlan

vlan-id ] history [ slot slot-number ] [ |

{ begin | exclude | include }

regular-expression ]

display stp [ instance instance-id | vlan

vlan-id ] tc [ slot slot-number ] [ | { begin |

exclude | include } regular-expression ]

Remarks

—

Required

Disabled by default.

Security

Remarks

Available in any view

Table of Contents

Show Quick Links

Quick Links:
Configuring a Combo Interface

Hide quick links:

Table of Contents

Displaying And Maintaining The Spanning Tree - HP 3600 v2 series Configuration Manual

Displaying and maintaining the spanning tree

Hide quick links:

Related Manuals for HP 3600 v2 series

Related Content for HP 3600 v2 series

Table of Contents