Showing results for 
Search instead for 
Did you mean: 
Join Customer Connection to register!
ali ezzat1

BPDU Guard not working and loops happened



user takes a network cable and plugs it into two wall jacks, this creates a loop, a broadcast storm will likely follow. This happened to us by having an end user hooking up their IP phone to two network jacks. It brought down the entire network.


- BPDU guard enabled globally 

- BPDU filter not enabled

- Port Fast Enabled 






STP-2-RECV_BAD_TLV: Received SSTP BPDU with bad TLV


what is the solution ?

VIP Expert

Technically if the configuration is done correctly - if you connect 2 ports of the same switch together, STP should detect the loop and should place one of the ports into a blocking state.


edge port even if you configured portfast (which move directly forward state - this should only be configured for the end device or edge ports) still STP should detect and block the port. the configuration should be applied rest of the network devices too were necessary to get optimal results.


here is the example : (on IOS)


global config  -  spanning-tree portfast bpdufilter default

interface  - spanning-tree portfast


But we would like to see your configuration what configured to suggest better.


Good guide :



*** Rate All Helpful Responses ***

The configuration like your example

But bpdu guard not bpdu filter in global

And all access ports configured as port fast

But is this possible to see some of your configuration along with spanning tree?


post below information :


show version

show run

show spanning-tree brief


Tell us what interface that was accidentally connected to each other. ( post all the more logs if you have copied).




*** Rate All Helpful Responses ***

VIP Advisor


 - Ref :

 Whilst not related to  your platform , from this guide I get :

   Error Message STP-2-RECV_BAD_TLV: Received SSTP BPDU with bad TLV on [chars] [chars].

Explanation The list interface received a SSTP BPDU that was missing the VLAN id tag. The BPDU is discarded.

 This makes me suspect that  this could be a software bug. Check current software version on your device , make sure it is not too old. If applicable , available and or feasible upgrade to advisory release and check if the problem persists or nor.


paul driver
VIP Mentor


@ali ezzat1 wrote:

This happened to us by having an end user hooking up their IP phone to two network jacks. It brought down the entire network.

Do you have spaaning-tree enabled for the vlans those ports are assined too?

kind regards

Please rate and mark posts accordingly if you have found any of the information provided useful.
It will hopefully assist others with similar issues in the future

you cant have bpdu on trunk ports, ensure you  have spanning tree enabled, also check for any un-managed switches connected as they are a pain in the backside.

Joseph W. Doherty
Hall of Fame Expert

What variant of STP are you running?

BTW, I've read that sometimes Cisco STP protection features, to prevent L2 loops when using port fast, might not engage fast enough. I.e. a L2 loop can impact your network, adversely, including further preventing the protection feature from working at all.