BPDU Guard
Prevents problems related to switches accidentally being connected to PortFast-enabled ports. Bridging loops would normally instantly occur.
It places the port in err-disable state if it receives a BPDU - disabling the interface.
To enable BPDU Guard globally on the switch:
Switch(config)# spanning-tree portfast edge bpduguard default
To enable BPDU Guard at the interface level:
Switch(config)# spanning-tree bpduguard enable
BPDU Filtering
Prevents BPDUs from being transmitted from PortFast-enabled interfaces.
When enabled globally on the switch:
- Configures all PortFast ports for BPDU filtering
- If BPDUs are seen, the port looses its PortFast status, BPDU filtering is disabled, and STP resumes default operation on the port
- When the port comes up, it sends 10 BPDUs, if it hears any BPDUs during that time PortFast and BPDU filtering are disabled
When applied to an individual port:
- It ignores all BPDUs it receives
- It does not transmit BPDUs
Note: If you enable BPDU Guard and BPDU filtering on the same interface, BPDU Guard has no effect because BPDU filtering has precedence over BPDU Guard.
Read the rest of this entry »
MST expands upon the IEEE 802.1w RST algorithm in an attempt to reduce the number of STP instances, thus reducing the required CPU cycles on a switch. MST enables you to group VLANs and associate them with spanning tree instances. Each instance’s topology can be independent of the rest, optimizing load balancing and fault tolerance measures. MST is also backwards compatible with all older STP variations.
Switches participating in MST that have the same MST configuration information are referred to as a region. Switches with different MST configurations or that are running legacy 802.1D are considered separate MST regions.
MST is usually not implemented in campus environments because if you follow the local VLAN model (recommended by Cisco), there should not be that many VLANs on any given switch because they should only extend to the switch block boundary. That makes RPVST+ a better choice because of it’s simpler configuration.
Read the rest of this entry »
Our family was out of town for the weekend visiting family, so needless to say, my studying momentum has slowed. I’m going to try and wrap up all the spanning tree related notes this week so I can move onto more interesting topics (like high-availability). Hang with me while we push through spanning tree – it’s a big part of layer 2 in most enterprise deployments and is really important to understand more than just the fundamentals.
As always, if you have comments or questions, leave a comment. Those command-line tips are always appreciated.
Rapid Spanning Tree Protocol (IEEE 802.1w) was introduced to dramatically speed up STP’s convergence when network changes occur.
RSTP can revert to 802.1D (common spanning-tree) to inter-operate with legacy bridges on a per-port basis.
A rapid version of PVST+, RPVST+ is a per-VLAN implementation of rapid spanning-tree.
RSTP Port States
- Discarding
- Merges the former disabled, blocking, and listening states
- Prevents the forwarding of frames
- Seen in both stable/active and synchronization/changes
- Learning
- Receives frame to populate the MAC table
- Seen in both stable/active and synchronization/changes
- Forwarding
- Forwarding ports determine the active topology
- An agreement process between switches occurs before frames can be forwarded
- Only seen in stable/active topologies
Note: In every RSTP port state, BPDU frames are accepted and processed. Read the rest of this entry »
