Re: BPDU Filtering and PortFast Relationship

From: ismail el-shalh (ishelh_mdsa@yahoo.com)
Date: Sat Apr 21 2007 - 03:00:19 ART

• Next message: Narbik Kocharians: "Re: Real CCIE Labs Website"
• Previous message: Brad Ellis: "Re: Online Racks"
• Maybe in reply to: WorkerBee: "BPDU Filtering and PortFast Relationship"
• Next in thread: Victor Cappuccio: "RE: BPDU Filtering and PortFast Relationship"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

 George

I think you should configure a layer 2 access-list, deny the STP frames and allow every thing else , there are some labs did such scenarios.

Ismail El-Shalh

----- Original Message ----
From: WorkerBee <ciscobee@gmail.com>
To: George Bekmezian <george@bekmezian.com>
Cc: Cisco certification <ccielab@groupstudy.com>; nobody@groupstudy.com
Sent: Saturday, April 21, 2007 5:21:24 AM
Subject: Re: BPDU Filtering and PortFast Relationship

Bpduguard will put the port into err-disable state which is undesirable and
can be disruptive.
However, what if I still want Portfast state and BPDU filtering as part of
the requirement?

The reason is, if I disable Portfast but with BPDU filtering enable, the
port will always stay up
regardless if that port receive any bpdu packets.

On 4/21/07, George Bekmezian <george@bekmezian.com> wrote:
>
>
> It's probably done that way as a protective measure. Why not just enable
> bpdu guard on the interface too?
>
>
> George
>
>
> *WorkerBee <ciscobee@gmail.com>*
> Sent by: nobody@groupstudy.com
>
> 04/20/2007 09:23 PM Please respond to
> WorkerBee <ciscobee@gmail.com>
>
> To
> "Cisco certification" <ccielab@groupstudy.com> cc
>
> Subject
> BPDU Filtering and PortFast Relationship
>
>
>
>
>
>
> Hi Group,
>
> This is something that confused me.
>
> If "BPDU filtering" + "Port Fast" is enabled globally, why does a
> switchport
> loses it's Port Fast status as well as BPDU filtering when a BPDU
> packet is received from that particular port?
>
> If I want BPDU filtering protection and Port Fast status of a switch
> port, why upon
> receiving a BPDU from a PortFast port turned off both features?
>
> So how can I ensure I still have PortFast enable and BPDU filtering
> just block the BPDU packets from the PortFast port and yet has both
> features enable without losing their status?
>
>
>
> Reference link,
>
>
> http://www.cisco.com/univercd/cc/td/doc/product/lan/cat3560/12235se/cr/cli3.htm#wp1946892
>
> You should globally enable BPDU filtering on a switch so that hosts
> connected to switch interfaces do not receive BPDUs. If a BPDU is
> received on a Port Fast-enabled interface, the interface loses its
> Port Fast-operational status and BPDU filtering is disabled.
>
> _______________________________________________________________________
> Subscription information may be found at:
> http://www.groupstudy.com/list/CCIELab.html

• Next message: Narbik Kocharians: "Re: Real CCIE Labs Website"
• Previous message: Brad Ellis: "Re: Online Racks"
• Maybe in reply to: WorkerBee: "BPDU Filtering and PortFast Relationship"
• Next in thread: Victor Cappuccio: "RE: BPDU Filtering and PortFast Relationship"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.4 : Tue May 01 2007 - 08:28:36 ART