5-26
Multiple Instance Spanning-Tree Operation
802.1s Multiple Spanning Tree Protocol (MSTP)
Configuring BPDU Filtering
The STP BPDU filter feature allows control of spanning-tree participation on
a per-port basis. It can be used to exclude specific ports from becoming part
of spanning tree operations. A port with the BPDU filter enabled will ignore
incoming BPDU packets and stay locked in the spanning-tree forwarding
state. All other ports will maintain their role.
Here are some sample scenarios in which this feature may be used:
■
To have STP operations running on selected ports of the switch rather
than every port of the switch at a time.
■
To prevent the spread of errant BPDU frames.
■
To eliminate the need for a topology change when a port's link status
changes. For example, ports that connect to servers and workstations
can be configured to remain outside of spanning-tree operations.
■
To protect the network from denial of service attacks that use
spoofing BPDUs by dropping incoming BPDU frames. For this
scenario, BPDU protection offers a more secure alternative, imple-
menting port shut down and a detection alert when errant BPDU
frames are received (see page page 5-27 for details).
C a u t i o n
Ports configured with the BPDU filter mode remain active (learning and
forward frames); however, spanning-tree cannot receive or transmit BPDUs
on the port. The port remains in a forwarding state, permitting all broadcast
traffic. This can create a network storm if there are any loops (that is, trunks
or redundant links) using these ports. If you suddenly have a high load,
disconnect the link and disable the bpdu-filter (using the
no
command).
Command Syntax and Example.
The following command is used to
configure BPDU filters.
Syntax:
spanning-tree <
port-list
> tcn-guard
When
tcn-guard
is enabled for a port, it causes the port to
stop propagating received topology change notifications
and topology changes to other ports.
(Default:
No
- disabled)
Syntax:
[no] spanning-tree <port-list | all> bpdu-filter
Enables/disables the BPDU filter feature on the specified port(s).
The bpdu-filter option forces a port to
always
stay in the
forwarding state and be excluded from standard STP operation.
Summary of Contents for ProCurve 2810-24G
Page 1: ...Advanced Traffic Management Guide 2810 www procurve com ProCurve Series 2810 Switches N 11 XX ...
Page 2: ......
Page 3: ...ProCurve Series 2810 Switches Advanced Traffic Management Guide July 2007 ...
Page 11: ...ix Web Viewing and Configuring Stacking 7 47 Status Messages 7 48 Index ...
Page 12: ...x ...
Page 76: ...3 18 GVRP Introduction ...
Page 271: ......