[c-nsp] Switch port with BPDU guard
Vincent De Keyzer
vincent at dekeyzer.net
Tue Jan 31 06:38:40 EST 2006
> When the switch is not running spanning-tree on a VLAN, it becomes
> transparent to spanning-tree BPDUs -- any BPDUs received will be
> forwarded just like any other packet would be. (And bpdufilter will
> have no effect on that -- bpdufilter only prevents the transmission of
> bpdus originated by the switch.)
>
> What is probably happening here is that the switch is receiving a BPDU
> on another port, and then forwarding it out Fa0/18.
>
> One think you could do is enable spanning-tree on the VLAN, then
> configure portfast and bpdufilter on every port in that VLAN.
Your analysis is correct, and your suggestion works.
Thanks a lot!
Vincent
More information about the cisco-nsp
mailing list