Re: spanning-tree portfast bpduguard default global configuratio

jhines · ‎05-10-2011

HI

It is my understanding that when configuring the global command spanning-tree portfast bpduguard default this will only apply BPDUguard only

on ports already configured with the portfast command and not on trunk ports.

I would like to apply this global command however, I have notice we have some trunk ports configured with the portfast trunk statment and I am not sure what will happen to these interfaces if the global command is applied.

Does anybody else know the outcome of applying the global command on interfaces with the portfast trunk command.

My opinion is that this port should be skipped and BPDUguard not applied because it is essentially a trunk port but, because of the portfast statement im concerned that if i apply the global command, these ports will be configured and could be shutdown/errordisabled as a consquence.

By the way, the trunk ports in question connect our wireless AP to our edge switches....

Any help or advice would be appreciated...

Regards

Jason

Latchum Naidu · ‎05-10-2011

Hi Jason,

Portfast indeed should only be enabled on access ports. When you configure 'spanning-tree portfast default', the portfast feature is enabled on all ports. On trunk ports, you need to manually disable this feature with the 'no spanning-tree portfast' command.

You do not need to configure the BPDUguard on the trunk ports, since portfast should be disabled on these ports anyway.

On trunk ports, it is advisable to configure the Root Guard feature, in order to prevent STP reelection caused by a rogue switch:

Please click on the correct answer on all posts if they answered your question.
Regards,
Naidu.

spanning-tree portfast bpduguard default global configuration command