Reference Guide

Per-VLAN Spanning Tree plus (PVST+) | 1173
Command History
Version 8.5.1.0  Introduced the loopguard and rootguard options on the E-Series ExaScale.
Version 8.4.2.1  Introduced the loopguard and rootguard options on the E-Series TeraScale, C-Series, and S-Series.
Version 8.2.1.0  Introduced the hardware shutdown-on-violation option.
Version 7.6.1.0  Support added for S-Series.
Version 7.5.1.0  Support added for C-Series.
Version 7.4.1.0  Added the optional Bridge Protocol Data Unit (BPDU) guard.
Version 6.2.1.1  Introduced.

Usage Information
The BPDU guard option prevents the port from participating in an active STP topology if a BPDU appears on the port unintentionally, the port is misconfigured, or the port is subject to a DoS attack. This option places the port into an error-disabled state if a BPDU appears, and a message is logged so that the administrator can take corrective action.

If shutdown-on-violation is not enabled, BPDUs will still be sent to the RPM CPU.

Root guard and loop guard cannot be enabled at the same time on a port. For example, if you configure loop guard on a port on which root guard is already configured, the following error message is displayed:

% Error: RootGuard is configured. Cannot configure LoopGuard.

When used in a PVST+ network, loop guard is performed per-port or per-port channel at a VLAN level. If no BPDUs are received on a VLAN interface, the port or port-channel transitions to a loop-inconsistent (blocking) state only for this VLAN.

Enabling Portfast BPDU guard and loop guard at the same time on a port results in a port that remains in a blocking state and prevents traffic from flowing through it. For example, when Portfast BPDU guard and loop guard are both configured:
- If a BPDU is received from a remote device, BPDU guard places the port in an err-disabled blocking state and no traffic is forwarded on the port.
- If no BPDU is received from a remote device, loop guard places the port in a loop-inconsistent blocking state and no traffic is forwarded on the port.

Note: A port configured as an edge port on a PVST switch will immediately transition to the forwarding state. Only ports connected to end-hosts should be configured as an edge port. Consider an edge port similar to a port with spanning-tree portfast enabled.

Example
Figure 46-7. spanning-tree pvst vlan Command Example

FTOS(conf-if-gi-1/1)#spanning-tree pvst vlan 3 cost 18000
FTOS(conf-if-gi-1/1)#end
FTOS(conf-if-gi-1/1)#show config
!
interface GigabitEthernet 1/1
 no ip address
 switchport
 spanning-tree pvst vlan 3 cost 18000
 no shutdown
FTOS(conf-if-gi-1/1)#end
FTOS#

Related Commands
show spanning-tree pvst    View PVST+ configuration
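
The guard interactions described under Usage Information can be checked in a configuration file before it is applied to a switch. The Python below is an added example, not part of the reference guide: it parses interface blocks in the style of the show config output and reports the three combinations the guide warns about. The keyword spellings edge-port, bpduguard, loopguard and rootguard as `spanning-tree pvst` options, the function names, and the sample configuration are assumptions constructed for illustration.

```python
import re

# Constructed sample in the style of the "show config" output in the guide.
# The edge-port/bpduguard/loopguard/rootguard keyword spellings are assumptions.
SAMPLE_CONFIG = """\
!
interface GigabitEthernet 1/1
 spanning-tree pvst edge-port bpduguard
 spanning-tree pvst loopguard
 no shutdown
!
interface GigabitEthernet 1/2
 spanning-tree pvst rootguard
 spanning-tree pvst loopguard
 no shutdown
!
interface GigabitEthernet 1/3
 spanning-tree pvst edge-port bpduguard shutdown-on-violation
 no shutdown
"""

def parse_pvst_options(config):
    """Map each interface name to the set of PVST+ option keywords on it."""
    ports, current = {}, None
    for line in config.splitlines():
        if line.startswith("interface "):
            current = line[len("interface "):].strip()
            ports[current] = set()
        elif current and (m := re.match(r"\s+spanning-tree pvst (.+)", line)):
            ports[current].update(m.group(1).split())
        elif line.strip() == "!":
            current = None  # "!" separates configuration blocks
    return ports

def audit(config):
    """Return (interface, finding) pairs for the combinations the guide warns about."""
    findings = []
    for port, opts in parse_pvst_options(config).items():
        if {"rootguard", "loopguard"} <= opts:
            findings.append((port, "rootguard+loopguard: rejected by the CLI"))
        if {"bpduguard", "loopguard"} <= opts:
            findings.append((port, "bpduguard+loopguard: port stays blocking"))
        if "bpduguard" in opts and "shutdown-on-violation" not in opts:
            findings.append((port, "bpduguard without shutdown-on-violation: BPDUs still reach the RPM CPU"))
    return findings

if __name__ == "__main__":
    for port, finding in audit(SAMPLE_CONFIG):
        print(f"{port}: {finding}")
```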