07-03-2014 11:26 AM - edited 03-04-2019 11:16 PM
The place where I am working, we have 7606 router which is connected to various LAN segments. Sub-interfaces are defined in Ethernet ports for VLAN segments. Each LAN segment is running RSTP in rings, so BPDU packets is expected on VLAN subinterfaces of router, but spanning-tree BPDU Guard is enabled on interface(not subinterface) as shown below.
interface GigabitEthernet1/6
description "Towards xyz"
mtu 9000
no ip address
storm-control broadcast level 0.10
storm-control multicast level 0.10
spanning-tree bpduguard enable
!
interface GigabitEthernet1/6.852
description "Cluster 14"
encapsulation dot1Q 852
ip address 172.19.129.188 255.255.255.224
standby version 2
standby 83 ip 172.19.129.190
standby 83 timers msec 300 1
standby 83 priority 110
standby 83 preempt
!
interface GigabitEthernet1/6.853
description "Cluster 14"
encapsulation dot1Q 853
ip address 172.19.145.188 255.255.255.224
standby version 2
standby 84 ip 172.19.145.190
standby 84 timers msec 300 1
standby 84 priority 110
standby 84 preempt
!
interface GigabitEthernet1/6.854
description "Cluster 14"
encapsulation dot1Q 854
ip address 172.19.161.188 255.255.255.224
standby version 2
standby 85 ip 172.19.161.190
standby 85 timers msec 300 1
standby 85 priority 110
standby 85 preempt
!
interface GigabitEthernet1/6.855
description "Cluster 14"
encapsulation dot1Q 855
ip address 172.19.177.188 255.255.255.224
standby version 2
standby 86 ip 172.19.177.190
standby 86 timers msec 300 1
standby 86 priority 110
standby 86 preempt
!
I need to know that will there be any effect of BPDU Guard in this situation?
Whats the point of enabling BPDU Guard here?
Will BPDU packets received on subinterface VLAN will disable the whole interface as BPDU Guard is enabled?
07-05-2014 08:25 AM
Hello.
Try to check if any span-tree instanced are bound to the interface.
If there is no instances, I would guess that the command has no effect.
07-13-2014 11:48 PM
Hi,
Try to check if any span-tree instanced are bound to the interface.
How can I check this ??
Thanks,
Nishant
07-14-2014 12:47 AM
show span int ...
07-14-2014 06:19 AM
Please find spanning tree command output:
R1#sh spanning-tree int gi1/6
no spanning tree info available for GigabitEthernet1/6
R1#sh spanning-tree interface GigabitEthernet1/6.852
no spanning tree info available for GigabitEthernet1/6.852
R1#sh spanning-tree
MST0
Spanning tree enabled protocol mstp
Root ID Priority 4096
Address 588d.09b5.8740
This bridge is the root
Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec
Bridge ID Priority 4096 (priority 4096 sys-id-ext 0)
Address 588d.09b5.8740
Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec
Interface Role Sts Cost Prio.Nbr Type
------------------- ---- --- --------- -------- --------------------------------
Gi1/1 Desg FWD 20000 128.1 P2p
Gi1/2 Desg FWD 20000 128.2 P2p
Gi1/3 Desg FWD 20000 128.3 P2p
Gi1/4 Desg FWD 20000 128.4 P2p
Gi1/15 Desg FWD 20000 128.15 P2p
Gi1/16 Desg FWD 20000 128.16 P2p
Gi2/4 Desg FWD 200000 128.260 P2p
Te2/11 Desg FWD 2000 128.267 P2p
I think port is not involved in STP. Now, I would like to know what will happen if BPDU packet is received on any VLAN sub-interface of this interface. Will it simply drop BPDU packet as STP not running on it or, BPDU guard will disable the port completely ??
07-14-2014 08:54 AM
Hello
STP is a layer 2 feature - your ports are not switched ports they are routed so stp wont be active.
res
Paul
07-14-2014 11:10 PM
So, what role will BPDU Guard play in this scenario.?? What will happen if BPDU packet is received on any VLAN sub-interface of this interface. Will it simply drop BPDU packet as STP not running on it or, BPDU guard will disable the port completely ??
07-15-2014 01:10 AM
please provide switch interface configuration also.Perhaps the interface may be configured as edge port.
Regards
Prajith
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide