Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1546
Views
0
Helpful
9
Replies

BPDU filter is enabled internally

Go to solution
paulstone80
Level 3
Level 3

‎12-13-2012 01:41 AM - edited ‎03-07-2019 10:35 AM

Hello,

When I look at the output from 'show spanning-tree interface gi1/0/1 detail', I can see that the interface has 'BPDU filter enabled internally'.

There are no BPDU filter commands enabled on the switch, either globally or at an interface level, so I wondered what this message refers to?

Thanks,
Paul

HTH Paul ****Please rate useful posts****
Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
Sebastian Helmer
Level 5
Level 5
In response to paulstone80

‎12-13-2012 06:13 AM

maybe that is a normal output in stacked setup..what IOS version do you use? How is the other coresponding switchport configured.

like we see, BPDUs will be sent and received, so the BPDU-Filter is not working...

I found a post, where in the default config, it looks the same and BPUD Filter was not enabled.

http://networkingnerd.net/2010/11/23/bluntly-bpduthe-redux

View solution in original post

0 Helpful
9 Replies 9

Go to solution
Sebastian Helmer
Level 5
Level 5

‎12-13-2012 02:04 AM

In the default config, BPDU-Filter is off, check if the "spanning-tree bpdufilter enable" command is used on the interface base. BPDU filter is only a interface command.

0 Helpful

Go to solution
paulstone80
Level 3
Level 3
In response to Sebastian Helmer

‎12-13-2012 02:17 AM

Hi Sebastian,

There are no spanning-tree commands set at the interface level.

interface GigabitEthernet1/0/1

description ***Uplink to core***

switchport trunk encapsulation dot1q

switchport mode trunk

load-interval 30

end

But the spanning-tree detail shows BPDU filter is enabled internally

Port 1 (GigabitEthernet1/0/1) of VLAN0001 is forwarding

   Port path cost 4, Port priority 128, Port Identifier 128.1.

   Designated root has priority 32769, address 000a.b849.f980

   Designated bridge has priority 32769, address 000a.b849.f980

   Designated port id is 128.1, designated path cost 0

   Timers: message age 2, forward delay 0, hold 0

   Number of transitions to forwarding state: 1

   Link type is point-to-point by default

   Bpdu filter is enabled internally

   BPDU: sent 5, received 37473

Paul      

HTH Paul ****Please rate useful posts****
0 Helpful

Go to solution
Sebastian Helmer
Level 5
Level 5
In response to paulstone80

‎12-13-2012 02:34 AM

I'm sorry there is a global command too...

 spanning-tree portfast bpdufilter default

you can check that with:

 show spanning-tree summary totals

if that all did not help, did you every try to disable it per inerteface?

spanning-tree bpdufilter disable

0 Helpful

Go to solution
paulstone80
Level 3
Level 3
In response to Sebastian Helmer

‎12-13-2012 05:18 AM

Hi Sebastian,

The global command spanning-tree portfast bpdufilter enable is not in the global configuration either.

I'm not going to attempt to disable the bpdu filter because these switches are in a production environment.

My question was why I see BPDU filter is enabled internally when there are no BPDU filtering commands in the configuration?

Thanks,

Paul

HTH Paul ****Please rate useful posts****
0 Helpful

Go to solution
nickbonifacio
Level 1
Level 1
In response to paulstone80

‎12-13-2012 05:41 AM

HI Paul,

Can you do the following command on the interface in question?

show spanning-tree interface ***** detail

You should se output similar to this:

                     spanning-tree interface f1/0/1 detail

Port 3 (FastEthernet1/0/1) of VLAN0150 is designated forwarding

   Port path cost 19, Port priority 128, Port Identifier 128.3.

   Designated root has priority 4246, address 0cd9.9669.2e00

   Designated bridge has priority 4246, address 0cd9.9669.2e00

   Designated port id is 128.3, designated path cost 0

   Timers: message age 0, forward delay 0, hold 0

   Number of transitions to forwarding state: 1

   The port is in the portfast mode

   Link type is point-to-point by default

   Bpdu guard is enabled

   Bpdu filter is enabled

   BPDU: sent 0, received 0 WH-ATL-3750V2#sh spanning-tree interface f1/0/1 detail
Port 3 (FastEthernet1/0/1) of VLAN0150 is designated forwarding
   Port path cost 19, Port priority 128, Port Identifier 128.3.
   Designated root has priority 4246, address 0cd9.9669.2e00
   Designated bridge has priority 4246, address 0cd9.9669.2e00
   Designated port id is 128.3, designated path cost 0
   Timers: message age 0, forward delay 0, hold 0
   Number of transitions to forwarding state: 1
   The port is in the portfast mode
   Link type is point-to-point by default
   Bpdu guard is enabled
   Bpdu filter is enabled
   BPDU: sent 0, received 0

This will tell you with certainty if BPDUfilter is really on.

Thanks!

Nick

Nick Bonifacio CCIE #38473
0 Helpful

Go to solution
paulstone80
Level 3
Level 3
In response to nickbonifacio

‎12-13-2012 05:47 AM

Hi Nick,

Output below:

Switch#sh spanning-tree interface gi1/0/1 detail

Port 1 (GigabitEthernet1/0/1) of VLAN0001 is forwarding

   Port path cost 4, Port priority 128, Port Identifier 128.1.

   Designated root has priority 32769, address 000a.b849.f980

   Designated bridge has priority 32769, address 000a.b849.f980

   Designated port id is 128.1, designated path cost 0

   Timers: message age 2, forward delay 0, hold 0

   Number of transitions to forwarding state: 1

   Link type is point-to-point by default

   Bpdu filter is enabled internally

   BPDU: sent 5, received 43729

I think the output suggests that BPDU is not enabled within the configuration, but it is enabled on some internal level. This switch is part of a 3750 stack if that makes any difference?

Thanks,

Paul

HTH Paul ****Please rate useful posts****
0 Helpful

Go to solution
Sebastian Helmer
Level 5
Level 5
In response to paulstone80

‎12-13-2012 06:13 AM

maybe that is a normal output in stacked setup..what IOS version do you use? How is the other coresponding switchport configured.

like we see, BPDUs will be sent and received, so the BPDU-Filter is not working...

I found a post, where in the default config, it looks the same and BPUD Filter was not enabled.

http://networkingnerd.net/2010/11/23/bluntly-bpduthe-redux

0 Helpful

Go to solution
bharat.rajwanshi
Level 1
Level 1
In response to Sebastian Helmer

‎12-13-2012 06:15 AM

can you check if BPDU filter is enabled under port-channel? this can reflect on interfaces as well

0 Helpful

Go to solution
paulstone80
Level 3
Level 3
In response to Sebastian Helmer

‎12-19-2012 01:07 PM

I checked the output against some other non-stacked 3750's, and the non-stacked switches don't show BDPU filter enabled internally, so i'm sticking with it being due to the switches being stacked unless i'm told otherwise!

Thanks for your input guys

HTH Paul ****Please rate useful posts****
0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card