Spanning Tree - BPDU Gaurd + Hubs
TheBlueRaja
Member Posts: 12 ■□□□□□□□□□
in CCNP
Hi All,
Im slightly confused about this feature, my understanding is that if you have a port with portfast enabled and connect a switch downstream, BPDU Guard will actively block the incoming BPDU's and put the port into err-disabled state.
However i was wondering if this feature would also protect the port with BPDU Guard enabled from a Hub being connected downstream?
My initial reaction was to think it would not due to BPDU's being a feature unique to a switch (am i right?) however the wonderfully concise Cisco Press CCNP BCMSN Exam Certification Guide
By David Hucaby, a series which have always been an entertaining and humerous read from start to finish and difficult to put down
, confused the living hell out of me on this one.
It says:-
Use BPDU Guard on all Switch ports where STP Portfast is enabled. This prevents any possibility that a switch being added to the port, either intentionally or by mistake. BPDU's would not normally be expected there and would be detected if a switch or hub was inadvertently connected. Naturally, BPDU gard does not prevent a bridging loop from forming if a hub is connected to the portfast port.
So which is it, this paragraph says switch, then switch or a hub, then not a hub.
Im slightly confused about this feature, my understanding is that if you have a port with portfast enabled and connect a switch downstream, BPDU Guard will actively block the incoming BPDU's and put the port into err-disabled state.
However i was wondering if this feature would also protect the port with BPDU Guard enabled from a Hub being connected downstream?
My initial reaction was to think it would not due to BPDU's being a feature unique to a switch (am i right?) however the wonderfully concise Cisco Press CCNP BCMSN Exam Certification Guide
By David Hucaby, a series which have always been an entertaining and humerous read from start to finish and difficult to put down
, confused the living hell out of me on this one.It says:-
Use BPDU Guard on all Switch ports where STP Portfast is enabled. This prevents any possibility that a switch being added to the port, either intentionally or by mistake. BPDU's would not normally be expected there and would be detected if a switch or hub was inadvertently connected. Naturally, BPDU gard does not prevent a bridging loop from forming if a hub is connected to the portfast port.
So which is it, this paragraph says switch, then switch or a hub, then not a hub.
Comments
He means its very easy for someone to plug a hub into the switchport without realising what else is hanging off that hub.Since a hub has many ports there is a good chance one is connected to another switch,good practice would be to enable bpdu guard on switch ports connected to hubs.
Hubs are great for troubleshooting that is about it. I'm not sure if you can buy them new anymore but you can find some used ones.....
Thanks,
Should have thought of that!
Thanks for the input guys but word to the wise, in the real world, its amazing what some users will find and attach to a network so even if hubs are hard to find now there are still quite few out there.
CCNP Progress
ONT, ISCW, BCMSN - DONE
BSCI - In Progress
http://www.redwarriornet.com/ <--My Cisco Blog