cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
905
Views
0
Helpful
6
Replies

Confused about BPDU filtering

droeun141
Level 1
Level 1

Found this on Cisco's website:

At the global level, you can enable BPDU filtering on Port Fast-enabled interfaces by using the
spanning-tree portfast bpdufilter default global configuration command. This command prevents
interfaces that are in a Port Fast-operational state from sending or receiving BPDUs
. The interfaces still
send a few BPDUs at link-up before the switch begins to filter outbound BPDUs. You should globally
enable BPDU filtering on a switch so that hosts connected to these interfaces do not receive BPDUs. If
a BPDU is received on a Port Fast-enabled interface, the interface loses its Port Fast-operational status,
and BPDU filtering is disabled.

It says the command prevents the interface from sending or receiving BPDU's, but at the same time says that if a BPDU is received, the interfaces loses portfast status and BPDU filtering is disabled.  Doesn't this defeat the whole purpose of the command?

6 Replies 6

Jon Marshall
Hall of Fame
Hall of Fame

droeun141 wrote:

It says the command prevents the interface from sending or receiving BPDU's, but at the same time says that if a BPDU is received, the interfaces loses portfast status and BPDU filtering is disabled.  Doesn't this defeat the whole purpose of the command?

No, because as soon as the port loses it's portfast status then it must go through the full STP process of listening/learning and then either blocking or forwarding. Portfast is used to allow a host to immediately being sending and receiving packets.  Once portfast is disabled you absolutely don't want to be filtering BPDUs because that port could potentially be creating a loop in your network. So you want it to send and receive BPDUs so it can work out whether it should be blocking or forwarding.

Jon