RE: BPDU Filter Question

From: Russell Kelly \(rukelly\) (rukelly@cisco.com)
Date: Sat Jul 08 2006 - 13:01:42 ART

• Next message: Sreenivasa Reddy.Kaki: "Re: RIP default metrics"
• Previous message: Michael Stout: "RE: RIP default metrics"
• Maybe in reply to: Russell Kelly \(rukelly\): "BPDU Filter Question"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Hey thanks.... I know this is 'normally' the case -- but in this
instance I ask because it relates to one of the Internetworkexpert labs
(WB1 lab 6 task 1.4) - where there is also port-security configured on
the port --- I have seen a reply that therefore you can configure
portfast on this port and bpdufilter as well (albeit redundant) --
becasuse the static MAC port security ensures that only the 4 devices
can access this port --- all a little strange...??... Has anyone
else doen this lab task and/or verified the answer?

Russ

________________________________

From: Michael Stout [mailto:michaelgstout@hotmail.com]
Sent: 08 July 2006 16:56
To: Russell Kelly (rukelly); ccielab@groupstudy.com
Subject: RE: BPDU Filter Question

We did some research on this topic last year and i beleve the results
were as you describe them.

________________________________

        From: "Russell Kelly (rukelly)" <rukelly@cisco.com>
        Reply-To: "Russell Kelly (rukelly)" <rukelly@cisco.com>
        To: <ccielab@groupstudy.com>
        Subject: BPDU Filter Question
        Date: Sat, 8 Jul 2006 16:32:35 +0200
> Hi All,
>
> If I want to enable portfast on an interface but want it to
revert to
> 'normal' operation if any BPDU's are received on the port,
then I
> thought the only option was to do the following:
>
> (config)spanning-tree portfast bpdufilter default
>
> This needs to be done in global config mode because if I do
the
> interface gonfiguration (below) I don't get the same action
from the
> switch:
>
> (config-if)spanning-tree portfast
> (config-if)spanning-tree bpdufilter enable
>
> (as in the IE WB answers guide)
>
>
> The doc CD states that when portfast and bpdufilter are
enabled
> globally if any bpdu's are received on an interface then it
reverts to
> normal state in STP -- if it's enabled on the interface then
this just
> stops BPDU's and the port can cause an STP loop (esp with
portfast
> enabled)
>
> Therefore BPDU filter behaves completely differently if
enabled on an
> interface or if enabled globally -- it doesn't switch the port
back to
> normal mode if enabled on an interface level.
>
> Any comments?
>
> Thanks.

• Next message: Sreenivasa Reddy.Kaki: "Re: RIP default metrics"
• Previous message: Michael Stout: "RE: RIP default metrics"
• Maybe in reply to: Russell Kelly \(rukelly\): "BPDU Filter Question"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.4 : Tue Aug 01 2006 - 07:13:47 ART