Options
BPDU Filter Questions on Global Configuration Mode and Interface Configuration Mode
vazurahan
Member Posts: 23 ■□□□□□□□□□
in CCNA & CCENT
I just would like to verify if which of these is correct.
It says on page 535 of the 7th Edition
"a switch port that has PortFast enabled will still receive BPDUs by default, you can use BPDUFilter to completely stop BPDUs from coming to or going from that port. BPDUFilter filtering will immediately take a port out of PortFast if it receives a BPDU and force the port to be part of the STP topology again."
Then, it shows on the example configuration, which is on the Interface Configuration mode.
S1(config-if-range)#spanning-tree bpdufilter ?
disable Disable BPDU filtering for this interface
enable Enable BPDU filtering for this interface
S1(config-if-range)#spanning-tree bpdufilter enable
Based on cisco documents it will stop sending and receiving BPDU's if BPDUFilter is configured on Interface Configuration mode. And it will only disable PortFast if BPDUFilter is configured on port Global Configuration mode.
Here are the documents
http://www.cisco.com/en/US/docs/switches/lan/catalyst6500/ios/12.1E/native/configuration/guide/stp_enha.html#wp1033403
Catalyst 3560 Switch Software Configuration Guide, Release 12.2(55)SE - Configuring Optional Spanning-Tree Features [Cisco Catalyst 3560 Series Switches] - Cisco Systems
Here's another article but it's not from Cisco
http://blog.ipexpert.com/2010/12/06/bpdu-filter-and-bpdu-guard/
This one even says that there's a difference between globally configured PortFast and interface configured PortFast.
Can you please share you insight about this? I'm confused about this Cisco features.
The function BPDUFilter is that it stops a port from sending and receiving BPDUs if it is enabled from a port. Based on that logic, the port should drop any BPDUs it receives.
But based on the book and other resources that it will disable PortFast and disable BPDUFilter itself if it receives a BPDU which is contradicting to the statement that it will stop receiving BPDUs.
What I think is that, if BPDUFilter is enabled on an interface by itself (That means PortFast isn't enabled on the interface), it does stop sending and receiving BPDUs. But if PortFast is enabled together with BPDUFilter, that's when it listens to BPDUs and disable PortFast and BPDUFilter altogether when a BPDU is received. Is that correct?
Sorry for the long post.
It says on page 535 of the 7th Edition
"a switch port that has PortFast enabled will still receive BPDUs by default, you can use BPDUFilter to completely stop BPDUs from coming to or going from that port. BPDUFilter filtering will immediately take a port out of PortFast if it receives a BPDU and force the port to be part of the STP topology again."
Then, it shows on the example configuration, which is on the Interface Configuration mode.
S1(config-if-range)#spanning-tree bpdufilter ?
disable Disable BPDU filtering for this interface
enable Enable BPDU filtering for this interface
S1(config-if-range)#spanning-tree bpdufilter enable
Based on cisco documents it will stop sending and receiving BPDU's if BPDUFilter is configured on Interface Configuration mode. And it will only disable PortFast if BPDUFilter is configured on port Global Configuration mode.
Here are the documents
http://www.cisco.com/en/US/docs/switches/lan/catalyst6500/ios/12.1E/native/configuration/guide/stp_enha.html#wp1033403
Catalyst 3560 Switch Software Configuration Guide, Release 12.2(55)SE - Configuring Optional Spanning-Tree Features [Cisco Catalyst 3560 Series Switches] - Cisco Systems
Here's another article but it's not from Cisco
http://blog.ipexpert.com/2010/12/06/bpdu-filter-and-bpdu-guard/
This one even says that there's a difference between globally configured PortFast and interface configured PortFast.
Can you please share you insight about this? I'm confused about this Cisco features.
The function BPDUFilter is that it stops a port from sending and receiving BPDUs if it is enabled from a port. Based on that logic, the port should drop any BPDUs it receives.
But based on the book and other resources that it will disable PortFast and disable BPDUFilter itself if it receives a BPDU which is contradicting to the statement that it will stop receiving BPDUs.
What I think is that, if BPDUFilter is enabled on an interface by itself (That means PortFast isn't enabled on the interface), it does stop sending and receiving BPDUs. But if PortFast is enabled together with BPDUFilter, that's when it listens to BPDUs and disable PortFast and BPDUFilter altogether when a BPDU is received. Is that correct?
Sorry for the long post.
Comments
-
Options
Mierdin
Member Posts: 79 ■■□□□□□□□□
If you configure global BPDU filtering, each port acts as if it was configured with portfast, EXCEPT it will come out of that mode if a BPDU is received. Then that port participates normally in STP.
Per the Cisco documentation:When PortFast BPDU filtering is explicitly configured on a port, it does not send any BPDUs and drops all BPDUs it receives.
If it's a port-specific configuation, it's like configuring portfast statically on that port and all BPDUs will be ignored. With this configuration, you should be sure that the port will never be connected to another switch."We gain complexity by linking together. To be isolated within a single platform is to be reduced. We see less. Understand less. It is quieter.” -Legion
Current Focus: CCIE R/S
Blog -- Keeping It Classless -
Optionsvazurahan
Member Posts: 23 ■□□□□□□□□□
What if I also explicitly enable PortFast on the port so that both PortFast and BPDU Filter at both explicitly enabled. BPDUs will still be dropped?