Options
BPDUguard and BPDUfilter
thehourman
Member Posts: 723
in CCNA & CCENT
Can someone please explain these BPDUguard and BPDUfilter to me?
I know that they need to be use on the port that has a portfast enabled, but I would like to understand their purposes, and what they do.
Also, about the RSTP, are BPDUguard and BPDUfilter are already enabled in RSTP?
And the port security violation. Shutdown will shutdown the port, the protect will discard the frame, and restrict will send an alert to the admin via the SNMP; but what is going to happen to the frame with restrict violation enable?
Thanks
I know that they need to be use on the port that has a portfast enabled, but I would like to understand their purposes, and what they do.
Also, about the RSTP, are BPDUguard and BPDUfilter are already enabled in RSTP?
And the port security violation. Shutdown will shutdown the port, the protect will discard the frame, and restrict will send an alert to the admin via the SNMP; but what is going to happen to the frame with restrict violation enable?
Thanks
Studying:
Working on CCNA: Security. Start date: 12.28.10
Microsoft 70-640 - on hold (This is not taking me anywhere. I started this in October, and it is December now, I am still on page 221. WTH!)
Reading:
Network Warrior - Currently at Part II
Reading IPv6 Essentials 2nd Edition - on hold
Working on CCNA: Security. Start date: 12.28.10
Microsoft 70-640 - on hold (This is not taking me anywhere. I started this in October, and it is December now, I am still on page 221. WTH!)
Reading:
Network Warrior - Currently at Part II
Reading IPv6 Essentials 2nd Edition - on hold
Comments
-
Options
chrisone
Member Posts: 2,278 ■■■■■■■■■□
Although giving you the answer is easy , i can point to you in the right direction.
1. Check out the basics of Spanning Tree
2. What does STP use to communicate? (BPDU'S)
3. In order to protect your network's spanning tree roots, on the access layer (where the users plug in) what can you detect on a port and have that port disable if it detects a certain packet?
4. Do you have cameras installed on each users workstation to monitor they dont plug switches in their cubicles?
5. If a user plugs in a switch in their cubicle is it possible for their little switch to screw up your spanning tree?
RSTP is a way to make spanning tree converge faster, bpdu gaurd and bpdu filter helps this out. Also the reason for portfast lies in understanding how long a port and STP work. Look up the basics of STP again and the different port states involved in basic STP, it takes almost 30 seconds for a port to be active after STP finishes working.
Well i hope this helps
Certs: CISSP, EnCE, OSCP, CRTP, eCTHPv2, eCPPT, eCIR, LFCS, CEH, SPLK-1002, SC-200, SC-300, AZ-900, AZ-500, VHL:Advanced+
2023 Cert Goals: SC-100, eCPTX