Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
969
Views
5
Helpful
3
Replies

Where to run BPDU filtering....

Go to solution
jimmysands73_2
Level 5
Level 5

‎10-27-2011 10:50 PM - edited ‎03-07-2019 03:06 AM

I uinderstand BDPU guard and where to run it...but where would you run BPDU Filtering and why?  Meaing in the real world....

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
Eugene Khabarov
Level 7
Level 7
In response to cadet alain

‎10-28-2011 01:02 AM

This is not good idea to use bpdufilter with portfast since it can lead to unconditional loops in your network by unauthorized switches/hubs connected to this ports.

The better example to add bpdufilter is a link between PE-CE if you certainly know that you have single connection between your vlans with ISP/customer.

This is since you can't know exactly the policy on the other side. Some ISPs uses bpduguard for example and as soon as your connnects your switch to ISP it will be errdisabled. Another strong reason is you wouldn't share your STP topology with customer/ISP.

__

HTH. Please rate this post if it was helpful. If this solves your problem, please mark this post as "Correct Answer"

View solution in original post

3 Replies 3

Go to solution
cadet alain
VIP Alumni
VIP Alumni

‎10-28-2011 12:30 AM

Hi,

Personnaly I wouldn't use BPDU filter on PortFast ports because as soon as they receive a BPDU they lose their PortFast status and  why not configure access ports with PortFast so then stick with BPDU guard.

I really don't see the advantages/use of BPDU filter vs BPDU guard so if experts here could answer your question they at the same time clear my thoughts about this feature.

Alain.

Don't forget to rate helpful posts.
0 Helpful

Go to solution
Eugene Khabarov
Level 7
Level 7
In response to cadet alain

‎10-28-2011 01:02 AM

This is not good idea to use bpdufilter with portfast since it can lead to unconditional loops in your network by unauthorized switches/hubs connected to this ports.

The better example to add bpdufilter is a link between PE-CE if you certainly know that you have single connection between your vlans with ISP/customer.

This is since you can't know exactly the policy on the other side. Some ISPs uses bpduguard for example and as soon as your connnects your switch to ISP it will be errdisabled. Another strong reason is you wouldn't share your STP topology with customer/ISP.

__

HTH. Please rate this post if it was helpful. If this solves your problem, please mark this post as "Correct Answer"

Go to solution
jimmysands73_2
Level 5
Level 5
In response to Eugene Khabarov

‎10-28-2011 08:42 PM

Thank you both.

Cadat...here is another link (you might have been following) for more info on this.

https://learningnetwork.cisco.com/message/188774#188774

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card