spanning-tree global commands

Hi all,

 

when configuring spanning-tree with global commands (eg. BPDU gard), one has two used the command

spanning-tree portfast bpdugard default

however,
do you have to enable spanning-tree portfast default in global config
for BPDU gard to work? Or do you only have to do it if the question
specifies that port fast has to b enabled?

 

Thanks

Big Al

Comments

    1. At the global level, you enable BPDU guard on Port Fast-enabled ports by using the spanning-tree portfast bpduguard default
      global configuration command. Spanning tree shuts down ports that are
      in a Port Fast-operational state if any BPDU is received on them. In a
      valid configuration, Port Fast-enabled ports do not receive BPDUs.
      Receiving a BPDU on a Port Fast-enabled port means an invalid
      configuration, such as the connection of an unauthorized device, and
      the BPDU guard feature puts the port in the error-disabled state. When
      this happens, the switch shuts down the entire port on which the
      violation occurred.- So you must have the ports in Port-Fast enabled state, you can do it either via global ot interface level config command.
    2. At the interface level, you enable BPDU guard on any port by using the spanning-tree bpduguard enable interface configuration command without also enabling the Port Fast feature. When the port receives a BPDU, it is put in the error-disabled state.- so no Port-Fast configuration needed.

    Seems like config guide is pretty clear about that optional feature, you can find the rest right here:

    http://cisco.com/en/US/docs/switches/lan/catalyst3560/software/release/12.2_50_se/configuration/guide/swstpopt.html#wp1095752

     

    [:D]

     

Sign In or Register to comment.