From: Dillon Yang (gzdillon@hotmail.com)
Date: Sat Mar 26 2005 - 09:31:00 GMT-3
Hi, Mihai:
I agree your understanding, or have no solution.
TIA
dillon
----- Original Message -----
From: "Mihai Petcu" <mpetcu2004@yahoo.com>
To: "Dillon Yang" <gzdillon@hotmail.com>; "Balaji Siva" <bsivasub@gmail.com>
Cc: "Group Study" <ccielab@groupstudy.com>
Sent: Saturday, March 26, 2005 5:01 PM
Subject: Re: bpdufilter vs bpduguard
> Hi Dillon,
>
> I think the answer to your problem is
> spanning-tree portfast together with spanning-tree
> bpdufilter enable and the reason is :
>
> spanning-tree portfast - solves the part of
> your question that says "go to forwarding fastly".
>
> spanning-tree bpdufilter enable - solves the
> part of your question that says "change its state to
> block" because if that port receives a BPDU it loses
> its "portfast" status and reverts back to a "normal
> STP port" that goes all the way up from STP "blocking"
> state to STP "forwarding" state in order to forward
> traffic.
>
> What do you think ?
>
> HTH,
>
> Mihai
>
>
> --- Dillon Yang <gzdillon@hotmail.com> wrote:
> > Hi, Balaji:
> >
> > It sounds right. But if I am asked for a task that
> > a port need to go to forwarding fastly and should
> > change its state to block when it receive bpdu
> > packets, what can I do?
> > bpduguard is not the answer for the port goes to
> > err-disable, bpdufilter is not too, for the port
> > lose its portfast attribute to normal STP process.
> >
> >
> > TIA
> > dillon
> >
> > ----- Original Message -----
> > From: "Balaji Siva" <bsivasub@gmail.com>
> > To: "Dillon Yang" <gzdillon@hotmail.com>
> > Cc: "Group Study" <ccielab@groupstudy.com>
> > Sent: Saturday, March 26, 2005 2:34 PM
> > Subject: Re: bpdufilter vs bpduguard
> >
> >
> > > BPDU filter = stops "sending" bpdu on the
> > port-fast enabled port
> > > BPDU guard = err-disable if the switch
> > "receives" a bpdu on a
> > > port-fast enabled port
> > >
> > > BPDU filter enabled port does not send BPDU.. STP
> > disabled port does
> > > not send BPDU. Since Portfast is also enabled,
> > the port goes directly
> > > to forwarding so basically the port acts as if STP
> > is disabled on the
> > > port (but in fact it is running and it would save
> > you from shooting
> > > yourself in the foot if you had actually disabled
> > STP completedly on
> > > that port)
> > >
> > > HTH
> > > Balaji
> > >
> > >
> > > On Sat, 26 Mar 2005 09:54:01 +0800, Dillon Yang
> > <gzdillon@hotmail.com> wrote:
> > > > Hi, group:
> > > >
> > > > I'm confused by the two command "spanning-tree
> > bpdufilter " and "spanning-tree bpduguard enable ".
> > > > <quote> If a BPDU is received on a
> > PortFast-enabled port, the port loses its
> > PortFast-operational status, and BPDU filtering is
> > disabled. </quote>
> > > >
> > > > So I think the former do nothing with filtering
> > and the latter truly filter the BPDU by making the
> > port "error-disable".
> > > >
> > > > <quote> Caution Enabling BPDU filtering on an
> > interface is the same as disabling spanning tree on
> > it and can result in spanning-tree loops. </quote>
> > > >
> > > > I can not understand how "BPDU filtering " is
> > the same as "disabling spanning tree "?
> > > >
> > > > TIA
> > > > dillon
> > > >
> > > >
> >
> _______________________________________________________________________
> > > > Subscription information may be found at:
> > > > http://www.groupstudy.com/list/CCIELab.html
> >
> >
> _______________________________________________________________________
> > Subscription information may be found at:
> > http://www.groupstudy.com/list/CCIELab.html
> >
>
>
>
> __________________________________
> Do you Yahoo!?
> Yahoo! Small Business - Try our new resources site!
> http://smallbusiness.yahoo.com/resources/
This archive was generated by hypermail 2.1.4 : Sun Apr 03 2005 - 17:56:52 GMT-3