Chapter 13 Bpdu Attack Protection Command List - D-Link xStack DGS-3120 Series Cli Reference Manual
Dgs-3120 series layer 3 managed gigabit ethernet switch
Hide thumbs
Also See for xStack DGS-3120 Series:
- Reference manual (509 pages) ,
- Manual (852 pages) ,
- Product manual (339 pages)
Table of Contents
Advertisement
®
xStack
DGS-3120 Series Layer 3 Managed Gigabit Ethernet Switch CLI Reference Guide
Chapter 13 BPDU Attack Protection
config bpdu_protection ports [<portlist> | all ] {state [enable | disable] | mode [ drop | block |
shutdown} (1)
config bpdu_protection recovery_timer [<sec 60-1000000> | infinite]
config bpdu_protection [trap | log] [none | attack_detected | attack_cleared | both]
enable bpdu_protection
disable bpdu_protection
show bpdu_protection {ports {<portlist>}}
13-1
config bpdu_protection ports
Description
This command is used to configure the BPDU protection function for the ports on the Switch. In
generally, there are two states in BPDU protection function. One is normal state, and another is
under attack state. The under attack state have three modes: drop, block, and shutdown. A BPDU
protection enabled port will enter under attack state when it receives one STP BPDU packet. And it
will take action based on the configuration. Thus, BPDU protection can only be enabled on STP-
disabled port.
BPDU protection has high priority than fbpdu setting configured by configure STP command in
determination of BPDU handling. That is, when fbpbu is configured to forward STP BPDU but
BPDU protection is enabled, then the port will not forward STP BPDU.
Format
config bpdu_protection ports [<portlist> | all ] {state [enable | disable] | mode [ drop | block |
shutdown]}(1)
Parameters
<portlist> - Specify a range of ports to be configured (port number).
all – Specify that all the port will be configured.
state – (Optional) Specify the BPDU protection state. The default state is disable
enable – Specify to enable BPDU protection.
disable – Specify to disable BPDU protection.
mode – (Optional) Specify the BPDU protection mode. The default mode is shutdown
drop - Drop all received BPDU packets when the port enters under_attack state.
block - Drop all packets (include BPDU and normal packets) when the port enters
under_attack state.
shutdown - Shut down the port when the port enters under_attack state.
Restrictions
Only Administrator, Operator and Power-User level users can issue this command.
Command List
171
Hide quick links:
Advertisement
Table of Contents
