Spanning-Tree Protocol BPDU Guard

REFERENCE

Configuring Optional Spanning-Tree Features

MEMO

Switch(config)#spanning-tree portfast bpduguard default

Switch(config-if)#spanning-tree bpduguard enable
  • 受信したらErrDisabledになり、ポート無効
  • 一定時間後に解除
Switch(config)#errdisable recovery cause bpduguard
Switch(config)#errdisable recovery interval 120
  • BPDUガードとBPDUフィルタを同時に使用すると、BPDUフィルタが優先される
  • 機能有無の確認
Switch#show spanning-tree summary
Switch is in pvst mode
Root bridge for: none
Extended system ID           is enabled
Portfast Default             is enabled
PortFast BPDU Guard Default  is enabled
Portfast BPDU Filter Default is disabled
Loopguard Default            is disabled
EtherChannel misconfig guard is enabled
UplinkFast                   is disabled
BackboneFast                 is disabled
Configured Pathcost method used is short

Name                   Blocking Listening Learning Forwarding STP Active
---------------------- -------- --------- -------- ---------- ----------
Total                        0         0        0          0          0
Switch#

 

  • ポートタイプを選択する場合はedgeのみ
Switch(config-if)#spanning-tree bpduguard ?
  disable  Disable BPDU guard for this interface
  enable   Enable BPDU guard for this interface

Switch(config-if)#


Switch(config)#spanning-tree portfast edge ?
  bpdufilter  Enable portfast edge bpdu filter on this switch
  bpduguard   Enable portfast edge bpdu guard on this switch
  default     Enable portfast edge by default on all access ports

Switch(config)#
Switch(config)#spanning-tree portfast edge bpduguard ?
  default  Enable bpdu guard by default on all portfast edge ports

Switch(config)#
Switch(config)#spanning-tree portfast edge bpduguard default ?
  <cr>

Switch(config)#
Switch(config)#spanning-tree portfast network ?
  default  Enable portfast network by default on all ports

Switch(config)#
Switch(config)#spanning-tree portfast normal ?
  default  Enable normal behavior by default on all ports

Switch(config)#

コメント