Reference Guide
Spanning Tree Protocol | 991
Figure 55-3. Enabling BPDU Guard
To verify the Portfast BPDU loop guard configuration on a port or port-channel interface, enter the show
spanning-tree 0 guard [interface interface] command in global configuration mode.
STP Root Selection
Although the Spanning Tree Protocol determines the root bridge, you can assign a lower priority to one
bridge to increase the likelihood that it will be selected as the root bridge. You can also configure a bridge
to be the root or secondary root.
To change the bridge priority or specify that a bridge is the root or secondary root:
FTOS Behavior: BPDU Guard and BPDU filtering (refer to Removing an Interface from the Spanning
Tree Group) both block BPDUs, but are two separate features.
BPDU Guard:
• is used on edgeports and blocks all traffic on edgeport if it receives a BPDU
• drops the BPDU after it reaches the RPM and generates a console message
BPDU Filtering:
• disables Spanning Tree on an interface
• drops all BPDUs at the line card without generating a console message
Task Command Syntax Command Mode
Assign a number as the bridge priority or designate it as the
root or secondary root.
priority-value range: 0 to 65535. The lower the number
assigned, the more likely this bridge will become the root
bridge. The default is 32768.
• The primary option specifies a bridge priority of 8192.
• The secondary option specifies a bridge priority of 16384.
bridge-priority {priority-value |
primary | secondary}
PROTOCOL
SPANNING TREE
Hub
S
witch with Spanning Tree Enabled
FTOS(conf-if-gi-3/41)# spanning-tree 0 portfast bpduguard shutdown-on-violati
on
FTOS(conf-if-gi-3/41)#show config
!
interface GigabitEthernet 3/41
no ip address
switchport
spanning-tree 0 portfast bpduguard shutdown-on-violation
no shutdown
3/41