no spanning-tree bpdu flooding
This feature is disabled by default.
Global Configuration mode
There are no usage guidelines for this command.
console#spanning-tree bpdu flooding
Use the spanning-tree bpdu-protection command in Global Configuration
mode to enable BPDU protection on a switch. Use the no form of this
command to resume the default status of BPDU protection function.
For an access layer device, the access port is generally connected to the user
terminal (such as a desktop computer) or file server directly and configured as
an edge port to implement the fast transition. When the port receives a
BPDU packet, the system sets it to non-edge port and recalculates the
spanning tree, which causes network topology flapping. In normal cases, these
ports do not receive any BPDU packets. However, someone may forge BPDU
to maliciously attack the switch and cause network flapping.
RSTP provides BPDU protection function against such attack. After BPDU
protection function is enabled on a switch, the system disables an edge port
that has received BPDU and notifies the network manager about it. The
disabled port can only be enabled by the no version of the command.
no spanning-tree bpdu-protection
Spanning Tree Commands