Table of Contents
Advertisement
spanning-tree bpdu-guard
This command shuts down an edge port (i.e., an interface set for fast forwarding) if it
receives a BPDU. Use the no form to disable this feature.
Syntax
[no] spanning-tree bpdu-guard
Default Setting
Disabled
Command Mode
Interface Configuration (Ethernet, Port Channel)
Command Usage
•
An edge port should only be connected to end nodes which do not generate
BPDUs. If a BPDU is received on an edge port, this indicates an invalid network
configuration, or that the switch may be under attack by a hacker. If an interface is
shut down by BPDU Guard, it must be manually re-enabled using the
spanning-tree spanning-disabled
•
Before enabling BPDU Guard, the interface must be configured as an edge port with
the
spanning-tree edge-port
disabled on an interface, BPDU Guard will also be disabled on that interface.
Example
SSE-G2252(config)#interface Ethernet 1/5
SSE-G2252(config-if)#spanning-tree edge-port
SSE-G2252(config-if)#spanning-tree bpdu-guard
SSE-G2252(config-if)#
Related Commands
"spanning-tree edge-port" on page 34-19
"spanning-tree spanning-disabled" on page 34-28
Chapter 34: Spanning Tree Commands
command.
command. Also note that if the edge port attribute is
34-17
no
- Quick Links:
- Connecting to the Switch
Hide quick links:
Advertisement
Table of Contents
