spanning-tree bpdu-guard

描述

Enables the BPDU guard on the selected switch interface. When BPDU guard is enabled, interfaces receiving MSTP BPDUs become disabled.

BPDU protection is a security feature designed to protect the active MSTP topology by preventing spoofed BPDU packets from entering the MSTP domain. In a typical implementation, BPDU protection would be applied to edge ports connected to end user devices that do not run MSTP. If MSTP BPDU packets are received on a protected port, this feature disables that port and alerts the network manager using an SNMP trap.

Occasionally a hardware or software failure can cause MSTP to fail, creating forwarding loops that can cause network failures where unidirectional links are used. The non-designated port transitions in a faulty manner because the port is no longer receiving MSTP BPDUs.

The没有com的形式mand disables BPDU guard on the selected interface.

Command context

config-if

权威

Administrators or local user group members with execution rights for this command.

Examples

On the 6400 Switch Series, interface identification differs.

Enabling the BPDU guard on interface 1/1/1:

switch(config)#interface 1/1/1switch(config-if)#spanning-tree bpdu-guard

Disabling BPDU guard on interface 1/1/1:

switch(config)#interface 1/1/1switch(config-if)#没有spanning-tree bpdu-guard