Reference Guide
694 | Spanning Tree Protocol
www.dell.com | support.dell.com
Figure 38-8. Enabling BPDU Guard
FTOS Behavior: Regarding bpduguard shutdown-on-violation behavior:
1 If the interface to be shutdown is a port channel then all the member ports are disabled in the hardware.
2 When a physical port is added to a port channel already in error disable state, the new member port will
also be disabled in the hardware.
3 When a physical port is removed from a port channel in error disable state, the error disabled state is
cleared on this physical port (the physical port will be enabled in the hardware).
4 The
reset linecard command does not clear the error disabled state of the port or the hardware disabled
state. The interface continues to be disables in the hardware.
The error disabled state can be cleared with any of the following methods:
•Perform an
shutdown command on the interface.
•Disable the
shutdown-on-violation command on the interface ( no spanning-tree stp-id portfast
[bpduguard | [shutdown-on-violation]] ).
•Disable spanning tree on the interface (
no spanning-tree in INTERFACE mode).
•Disabling global spanning tree (
no spanning-tree in CONFIGURATION mode).
FTOS Behavior: BPDU Guard and BPDU filtering (see Removing an Interface from the Spanning
Tree Group) both block BPDUs, but are two separate features.
BPDU Guard:
• is used on edgeports and blocks all traffic on edgeport if it receives a BPDU
• drops the BPDU after it reaches the RPM and generates a console message
BPDU Filtering:
• disables Spanning Tree on an interface
• drops all BPDUs at the line card without generating a console message
Hub
Switch with Spanning Tree Enabled
FTOS(conf-if-gi-3/41)# spanning-tree 0 portfast bpduguard shutdown-on-violation
FTOS(conf-if-gi-3/41)#show config
!
interface GigabitEthernet 3/41
no ip address
switchport
spanning-tree 0 portfast bpduguard shutdown-on-violation
no shutdown
3/41