Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
7662
Views
10
Helpful
3
Replies

BPDU Guard commands

Go to solution
pawels1988
Level 1
Level 1

‎09-21-2012 03:51 AM - edited ‎03-07-2019 09:00 AM

Hello everybody, I'm a CCNP student from Italy. I have a doubt about BPDU Guard commands.

If you have read "CCNP Implementing Cisco IP Switched Networks (SWITCH)", the BPDU Guard section explain the fallowing:

To enable BPDU Guard or to disable BPDU Guard on a Cisco IOS–based Catalyst switch, use the following global configuration command:

[no] spanning-tree portfast edge bpduguard default

Instead, in the "CCNP SWITCH 642-813 Official Certification Guide" explain that the BPDU global configuration command is :

[no] spanning-tree portfast bpduguard default

What is the difference between these two commands ?? They are both correct ?? What mean "edge" in the command above??

What command is better to use ??

Thanks in advance and I hope you have understood me !!

Labels:
3 Accepted Solutions

Accepted Solutions

Go to solution
Arumugam Muthaiah
Cisco Employee
Cisco Employee

‎09-21-2012 05:32 AM

Hi Pawel,

Both commands are used for the BPDU Guard globally by default on all edge ports of the switch only. See the difference below,

To enable BPDU Guard globally, perform this task

  • Cisco IOS Release 12.2(33)SXI and later releases:

          Router(config)# spanning-tree portfast edge bpduguard default

  • Earlier releases:

          Router(config)# spanning-tree portfast bpduguard default

Refer:

http://www.cisco.com/en/US/docs/switches/lan/catalyst6500/ios/12.2SX/configuration/guide/stp_enha.html#wp1020395

Regards,

Aru

*** Please rate if the post is useful ***

Regards, Aru *** Please rate if the post useful ***

View solution in original post

Go to solution
Reza Sharifi
Hall of Fame
Hall of Fame

‎09-21-2012 05:33 AM

Hi,

[no] spanning-tree portfast bpduguard default

this command was introduced in earlier versions of IOS

old command


[no] spanning-tree portfast edge bpduguard default

This command was intruduced in the later version and the latest. 

new command

So, it all depends on the IOS you are using.

HTH


View solution in original post

0 Helpful

Go to solution
Peter Paluch
Cisco Employee
Cisco Employee

‎09-21-2012 07:32 AM

Hello Pawel,

To add to Aru's and Reza's answer, the command syntax was changed because of addition of a so-called Bridge Assurance feature that is currently available on some high-end switches. The Bridge Assurance is activated on ports using the spanning-tree portfast network default - hence the need to distinguish between this feature and the usual PortFast feature that got "moved" to spanning-tree portfast edge default command.

Read more about the Bridge Assurance and its configuration here:

http://www.cisco.com/en/US/docs/solutions/Enterprise/Data_Center/DC_3_0/DC-3_0_IPInfra.html#wp1037363

http://www.cisco.com/en/US/docs/switches/lan/catalyst6500/ios/12.2SX/configuration/guide/stp_enha.html#wp1052528

http://www.cisco.com/en/US/docs/switches/lan/catalyst6500/ios/12.2SX/configuration/guide/stp_enha.html#wp1055344

Best regards,

Peter

View solution in original post

0 Helpful
3 Replies 3

Go to solution
Arumugam Muthaiah
Cisco Employee
Cisco Employee

‎09-21-2012 05:32 AM

Hi Pawel,

Both commands are used for the BPDU Guard globally by default on all edge ports of the switch only. See the difference below,

To enable BPDU Guard globally, perform this task

  • Cisco IOS Release 12.2(33)SXI and later releases:

          Router(config)# spanning-tree portfast edge bpduguard default

  • Earlier releases:

          Router(config)# spanning-tree portfast bpduguard default

Refer:

http://www.cisco.com/en/US/docs/switches/lan/catalyst6500/ios/12.2SX/configuration/guide/stp_enha.html#wp1020395

Regards,

Aru

*** Please rate if the post is useful ***

Regards, Aru *** Please rate if the post useful ***

Go to solution
Reza Sharifi
Hall of Fame
Hall of Fame

‎09-21-2012 05:33 AM

Hi,

[no] spanning-tree portfast bpduguard default

this command was introduced in earlier versions of IOS

old command


[no] spanning-tree portfast edge bpduguard default

This command was intruduced in the later version and the latest. 

new command

So, it all depends on the IOS you are using.

HTH


0 Helpful

Go to solution
Peter Paluch
Cisco Employee
Cisco Employee

‎09-21-2012 07:32 AM

Hello Pawel,

To add to Aru's and Reza's answer, the command syntax was changed because of addition of a so-called Bridge Assurance feature that is currently available on some high-end switches. The Bridge Assurance is activated on ports using the spanning-tree portfast network default - hence the need to distinguish between this feature and the usual PortFast feature that got "moved" to spanning-tree portfast edge default command.

Read more about the Bridge Assurance and its configuration here:

http://www.cisco.com/en/US/docs/solutions/Enterprise/Data_Center/DC_3_0/DC-3_0_IPInfra.html#wp1037363

http://www.cisco.com/en/US/docs/switches/lan/catalyst6500/ios/12.2SX/configuration/guide/stp_enha.html#wp1052528

http://www.cisco.com/en/US/docs/switches/lan/catalyst6500/ios/12.2SX/configuration/guide/stp_enha.html#wp1055344

Best regards,

Peter

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card