From: Dennis J. Hartmann (dennisjhartmann@hotmail.com)
Date: Mon Sep 19 2005 - 21:53:00 GMT-3
I'm wondering how everyone would interpret the following question:
Create VLAN 200 and assign port fast 0/20 to it on CAT2. Do not allow BPDU
traffic on this VLAN.
The answer says to turn off STP on VLAN 200, but I disagree with this
solution. Would turning off STP on a VLAN disallow STP traffic? I would
think that STP could still propagate the switch, but it will not be
interpretted by the switch because there will not be a static
mac-address-table entry pointed to the CPU for this particular VLAN.
I believe the solution is to enable one of the follwing commands
(config-if)# spanning-tree portfast bpdufilter enable (the scenario did not
call for portfast though)
(config-if)# spanning-tree bpdufilter enable (the scenario asked to not
allow bpdu traffic on this VLAN. Since there's no global command that can
not simultaneously filter the traffic from only VLAN 200, I think this is
the correct answer). If there's any other ports in vlan 200, they must have
the same command applied to them.
spanning-tree bpdufilter enable
Comments?
Sincerely,
Dennis J. Hartmann
White Pine Communications
CCSI#23402 / CCVP / CCIP / CCNP
Cisco Optical, VPN & IDS Specialist
MCSE
This archive was generated by hypermail 2.1.4 : Sun Oct 02 2005 - 14:40:15 GMT-3