Spanning Tree Bpdu Protection - HP ProCurve J8766A Release Note
For the procurve series 4200vl switches
Hide thumbs
Also See for ProCurve J8766A:
- Read me first (4 pages) ,
- Quick reference manual (44 pages) ,
- Installation manual (48 pages)
Table of Contents
Advertisement
Spanning Tree BPDU Protection
The BPDU protection feature is a security enhancement to Spanning Tree Protocol (STP) operation.
It can be used to protect the active STP topology by delimiting its legal boundaries, thereby preventing
spoofed BPDU packets from entering the STP domain. In a typical implementation, BPDU protection
would be applied to edge ports connected to end user devices that do not run STP. If STP BPDU
packets are received on a protected port, the feature will disable that port and alert the network
manager via an SNMP trap as shown in Figure 22.
STP Domain
BPDU protection
End User
Figure 22. Example of BPDU Protection Enabled at the Network Edge
Terminology
BPDU — Acronym for bridge protocol data unit. BPDUs are data messages that are exchanged
between the switches within an extended LAN that use a spanning tree protocol topology. BPDU
packets contain information on ports, addresses, priorities and costs and ensure that the data ends
up where it was intended to go. BPDU messages are exchanged across bridges to detect loops in a
network topology. The loops are then removed by placing redundant switch ports in a backup, or
blocked, state.
BPDU Filtering — Spanning-tree configuration mode that prevents the switch from receiving and
transmitting BPDU frames on a specific port.
BPDU Protection — Spanning-tree configuration mode which disables a port where BPDU frames
are received.
SNMP Trap
SNMP Trap
SNMP Trap
Switch
Event Log: port X is disable by STP
Release L.10.20 Enhancements
Management
Station
Fake STP BPDU
Enhancements
49
- Quick Links:
- Rebooting and Reloading the Switch
Hide quick links:
Advertisement
Table of Contents
