From: MMoniz (ccie2002@tampabay.rr.com)
Date: Fri May 14 2004 - 13:56:02 GMT-3
Well not exactly. If you do bpduguard it will put the port in errdisable
state and shut it down. if bpdu's
are received. You will then either have to manually re-enable the port or
configure error recovery. But it
will just shut it down again if bpdu's are received.
If you do bpdufilter at the interface level, you will effectively turn off
spanning tree, so no bpdu's are sent or
received, and loops can occur.
So for your question I think the appropriate configuration would be to
enable global spanning-tree bpdufilter
and enabling spanning-tree portfast on the interfaces. In this case if
bpdu's are recievd it will disable the portfast
and bpdu filtering on the port, thereby preventing loops.
At least this is my understanding on how these work.
mike
-----Original Message-----
From: nobody@groupstudy.com [mailto:nobody@groupstudy.com]On Behalf Of
ccie2be
Sent: Friday, May 14, 2004 11:16 AM
To: Group Study
Subject: STP portfast: bpduguard vs bpdufilter
Hi guys,
I'm trying to understand when I should use bpduguard versus bdpufilter.
From
the documentation, it seems that if there's a misconfiguration, guard will
shut down the port while filter will return the port to it's default STP
configuration status by disabling portfast and resuming the listening for
bdpu's which in turn will allow STP to put the port in "Blocking" state. Is
that correct?
If that's true, then in the lab, does it matter which I use if I'm told to
configure a port such that if a device other than an end-station is attched
to
it, loops are prevented? Both will work, right?
TIA, Tim
This archive was generated by hypermail 2.1.4 : Wed Jun 02 2004 - 11:12:12 GMT-3