You kind of answered your own question. Spanning-tree portfast skips listening and learning and goes straight to forwarding. This is particularly bad if you have a switch sending BPDU's connected to that port as it can introduce a loop. Using the global command waits for the condition portfast on an interface and then applies BPDUGuard to it. On a portfast enabled port, you should never see BPDU's.
The same applies for BPDUFilter, however it does not filter on portfast enabled ports globally, but rather removes the portfast characters of a port when a BPDU is detected.
-ryan
-----Original Message-----
From: nobody_at_groupstudy.com [mailto:nobody_at_groupstudy.com] On Behalf Of Erik Witkop
Sent: Thursday, September 10, 2009 2:44 PM
To: Cisco certification
Subject: bpduguard question
Entered globally:
Spanningtree portfast bpduguard default
I have a few questions about this command. When the command is entered,
it seemingly has no effect. But once you turn on portfast on the
interface level, BPDUguard is now working.
What does bpduguard have to do with portfast? It seems that they are
two separate technologies.
Blogs and organic groups at http://www.ccie.net
Received on Thu Sep 10 2009 - 15:26:46 ART
This archive was generated by hypermail 2.2.0 : Sun Oct 04 2009 - 07:42:03 ART