Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
5052
Views
10
Helpful
7
Replies

Which devices produce BPDUs

tiwariharish44
Level 1
Level 1

‎12-01-2015 06:28 PM - edited ‎03-08-2019 02:55 AM

Hi,

We have a campus network where students in their hostels are connected to the network through 2960 switches. On theses switches were have port fast and bpduguard enabled. But since past few days we are observing that a particular users' port is becoming error disabled reason being bpduguard. On asking him that does he use a switch in his room he denied. I don't think that he is using a Cisco of any other manageable switch we searched his room also but did not find any switch.

So I want to ask which other devices can send bpdus. Can wifi routers do this? Because his neighbours use that.

Labels:
0 Helpful
7 Replies 7

Masoud Pourshabanian
VIP Alumni
VIP Alumni

‎12-01-2015 07:16 PM

Hello,

There a lot of packet generator softwares which can generate BPDU.

WiFI access points can generate BPDU if they are in bridge mode. However, switch receives BPDU if access point is directly connected to the switch port so It can not be the reason.

Masoud

tiwariharish44
Level 1
Level 1
In response to Masoud Pourshabanian

‎12-01-2015 08:06 PM

Hi Masoud,

So you are saying that we should check the student's laptop and see if there are any suspicious network software installed? There are no wifi access points, its just that the students in that hostel use wifi routers frequently. Thats why I asked that is it possible for wifi router to send bpdus when our network port is connected to that router.

0 Helpful

Masoud Pourshabanian
VIP Alumni
VIP Alumni
In response to tiwariharish44

‎12-01-2015 08:18 PM

If WIFI router which is configured in bridge mode connects to 2960 port, it may participate in spanning tree and sends BPDU.

Configure port-security on that port and assign his computer mac address to the corresponding port on 2960. Monitor the switch to see if there is any MAC violation or not. Is he allowed to connect the WIFI router to 2960?

0 Helpful

Andre Neethling
Level 4
Level 4
In response to tiwariharish44

‎12-01-2015 08:22 PM

If I understand correctly they would plug the WiFi device into the port instead of the Laptop/Computer, so that they can connect multiple devices via WiFi, and not just the single device. WiFi Access points and Routers can send BPDUs. Not all of them do. We recently had a Cisco WAP121 plugged into a port, and the port was disabled by BPDUguard. So it could be an access point or WiFi router sending BPDUs.

0 Helpful

Ganesh Hariharan
VIP Alumni
VIP Alumni

‎12-02-2015 05:57 AM

Hello,

Any devices which can take part in bridge domain can send BPDU in segment and after seeing other members post , I would suggest you to configure port security on that port by binding student mac address.

Hope it Helps..

-GI

tiwariharish44
Level 1
Level 1
In response to Ganesh Hariharan

‎12-02-2015 09:31 PM

Hi Harisharan, 

That we can not do as the students rooms are changed every semester. Port security is implemented with maximum two mac addresses allowed as two students stay in one room. 

0 Helpful

Andre Neethling
Level 4
Level 4
In response to tiwariharish44

‎12-02-2015 09:38 PM

If you want, you can configure BPDU filter. When BPDUs are received on a port, the port will not be error disabled, and the device will not take part in the STP topology of your network.

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card