[c-nsp] bpduguard and trunks?

Dale W. Carder dwcarder at wisc.edu
Thu Dec 3 10:15:52 EST 2009


Hi Howie,

Check out the command
"errdisable detect cause bpduguard shutdown vlan"

Dale

On Dec 3, 2009, at 8:29 AM, Howard Jones wrote:

> I've just run into an odd problem, and was wondering if anyone else
> could clarify this for me.
> 
> [c1]---[Sw1]----------[Sw2]---[c2]
> 
> c1 and c2 are client devices. Sw1 and Sw2 are 3750Gs with a trunk
> between them. c1 has a trunk to Sw1. One of the vlans in that trunk as
> passed along the sw1-sw2 trunk to c2.
> 
> The port facing c1 has bpduguard enabled. Halfway through adding vlans,
> Sw2 complains about inconsistent BPDUs, and the root bridge mac address
> is that of c1. It shuts down the trunk port, which is kind of annoying.
> 
> Does bpduguard only affect access ports and not trunks? That's the only
> explanation I can see for what is going on. The manual doesn't exactly
> say either way: "At the interface level, you enable BPDU guard on any
> interface by using the spanning-tree bpduguard enable interface
> configuration command without also enabling the Port Fast feature.". Sw1
> also has '|no spanning-tree vlan 1-4090|' - will that help or hinder, here?
> 
> I think the real answer is to stop using switches to ship stuff between
> sites like this, but that is a battle for another day.
> 
> Thanks in advance for any illumination...
> 
> Howie
> _______________________________________________
> cisco-nsp mailing list  cisco-nsp at puck.nether.net
> https://puck.nether.net/mailman/listinfo/cisco-nsp
> archive at http://puck.nether.net/pipermail/cisco-nsp/



More information about the cisco-nsp mailing list