Yesterday’s QoD:
Given the following configuration on a 3560 switch:
interface FastEthernet0/1
switchport access vlan 101
You are tasked with ensuring that all communications are stopped on this port if the spanning-tree protocol is detected on this port.
Here are the results:
| Answer | % |
| spanning-tree bpduguard enable (interface) | 85% |
| spanning-tree portfast bpduguard default (global) | 7% |
| spanning-tree bpdufilter enable (interface) | 6% |
| spanning-tree portfast bpdufilter default (global) | 1% |
The answer: spanning-tree bpduguard enable (interface)
Get comfortable with the “Configuring Optional Spanning-Tree Features” section of the 3560/3550 configuration guide as you are very likely to see a question or two relating these technologies on your practice labs. In this case the technology that you want to use is bpduguard. This feature will completely stop traffic on a port if there is a BPDU received on that port. This command can be configured at the global or port level with a few differences in operation:
‘spanning-tree bpduguard enable’ under an interface will put the interface into error-disabled mode if a BPDU is received on that port. The portfast feature does not need to be configured on the interface.
‘spanning-tree portfast bpduguard default’ at the global level will affect all ports on your switch that have the ‘portfast’ feature enabled. Those ports will be shutdown if they receive a BPDU.
In our question, ‘portfast’ is not enabled on the interface so we need to use ‘spanning-tree bpduguard enable’ under the interface.
Leave a Reply