Re: Simple Interpretation Question.

From: Chris Lewis (chrlewiscsco@gmail.com)
Date: Thu Dec 15 2005 - 16:49:38 GMT-3

• Next message: Chris Lewis: "Re: MQC ?"
• Previous message: Gustavo Novais: "RE: IEWB3.0 lab 14 4.5 -- EIGRP router not intercept eigrp"
• Maybe in reply to: Victor Cappuccio: "Simple Interpretation Question."
• Next in thread: Victor Cappuccio: "RE: Simple Interpretation Question."
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Victor,

I believe for bpdu guard the functionality with turning it on globally is
the same as turning it on at the interface, so from that perspective I have
been told to treat the exam like an emperor that does not really know what
he wants, but when he wants something, he wants exactly what he asked for,
nothing more and nothing less, so my inclination would be to apply it to the
interface.

However, BPDU filter does have a different behavior if you apply it globally
compared to at the interface. If BPDU filter is applied globally with
portfast, the effect is that BPDU filter will enable the switch to take a
port out of portfast state if a BPDU is detected, whereas applying BPDU
filter at the interface is like creating a boundary, no BPDUs pass the
interface either inbound or outbound.

Chris

On 12/15/05, Victor Cappuccio <cvictor@protokolgroup.com> wrote:
>
> Hello Guys
>
>
>
> Ok a simple one, this is more an interpretation question than a Technical
> Problem..
>
>
>
> Ports in vlan 2, is presenting a problem with convergence time so the
> administrator has decided to configure port-fast..
>
>
>
> Here is how we configure that,
>
>
http://www.cisco.com/en/US/products/hw/switches/ps646/products_configuration
> _guide_chapter09186a00800c9fde.html#93249
>
> More simple than that could not be.
>
>
>
> Now the interpretation question.
>
>
>
> In Order to prevent problems in the future ensure that any port in Vlan 2
> will be shut down if a device running spanning-tree protocol is detected
> (We
> need to guard from others <the way that this fits in my mind)
>
>
>
> Vlan 2 has 2 interfaces fa0/10 and fa0/11, in switch 1
>
>
>
> So we can do this by configuring bpud-guard, in global process or at
> interface level..
>
>
>
> If I do it at interface level (with or without the use of smart ports) to
> all ports of Vlan 2 will be the same as doing it at Global Level??
>
>
>
>
>
http://www.cisco.com/univercd/cc/td/doc/product/lan/c3550/12225sec/3550scg/s
> wstpopt.htm#wp1051443
>
>
>
> My question here is because we could also have other ports in other vlans
> (not indicated in the wording) using PortFast, and if we configure this at
> global level would not be correct right?? And also the only difference I
> can
> see is that BPDU Guard will also work at Interface level without turning
> on
> PortFast?
>
>
>
> Thanks
>
> Victor.
>
> _______________________________________________________________________
> Subscription information may be found at:
> http://www.groupstudy.com/list/CCIELab.html

• Next message: Chris Lewis: "Re: MQC ?"
• Previous message: Gustavo Novais: "RE: IEWB3.0 lab 14 4.5 -- EIGRP router not intercept eigrp"
• Maybe in reply to: Victor Cappuccio: "Simple Interpretation Question."
• Next in thread: Victor Cappuccio: "RE: Simple Interpretation Question."
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.4 : Mon Jan 09 2006 - 07:07:51 GMT-3