STP loops can be costly, causing major network outages. The following STP features can be used to
improve the stability of the Layer 2 networks.
Bridge Protocol Data Unit (BPDU) Guard
Bridge protocol data units (BPDU) are data messages exchanged between bridges using spanning tree protocol
to detect loops in a network topology. BPDU contains management and control data information that is used to
determine the root bridge and establish the port roles??”for example: root, designated, or blocked port.
The BPDU Guard feature is designed to keep the active topology predictable and to enhance switch network
reliability by enforcing the STP domain borders.
The guard can be enabled globally on the switch or enabled on a per-interface basis. In a valid configuration,
ports with port fast enabled do not receive BPDUs. Receiving a BPDU on a port with port fast enabled signals an
invalid configuration, such as the connection of an unauthorized device, and the BPDU Guard feature puts the
interface in the error-disabled state.
At the global level, BPDU Guard can be enabled on a port with port fast enabled using the spanning-tree
portfast bpduguard default global configuration command. Spanning tree shuts down interfaces that are in a
port fast operational state.
Pages:
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186