cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
156
Views
2
Helpful
2
Replies

Global BPDUGuard not taking effect on Globally enabled portfast ports

nickcrv06
Level 1
Level 1

Hi,

I've been playing around with spanning-tree BPDUguard for a topology that has 3 switches connected on both GNS3 and PacketTracer, and both depicts the same:

Topology:
SW1---SW2---SW3

Config:
The switchport status for the SW2's interface connected to SW3 is:
Switchport: Enabled
Administrative Mode: dynamic desirable
Operational Mode: static access


On SW2 I have enabled portfast globally, which (As for my knowledge) enables porfast on all access ports.
spanning-tree portfast default

In my mind, SW2's port connecting to SW3 is acting as an access port, hence portfast should be enabled.

On SW2 I have also enabled bpduguard globally, which applies to all portfast enabled interfaces:
spanning-tree portfast bpduguard default



Issue:
When I connect SW3, nothing happens.. no blocking ports due to BPDUguard or anything like that, however when I enable on SW2's interface the command spanning-tree bpduguard enable then all the sudden it works fine if I reconnect SW3... 

Why is SW2 not blocking any ports to errdisable state when both global commands for portfast and bpduguard are enabled? I thought that I did not have to configure those per-interface basis.

Is there something I am missing from the picture?

2 Replies 2

Will try it in my lab and share result with you, 

Indeed it must go to errdisable, but let me double check

MHM

I run Lab 
SW1-SW2
and SW2 show err-disable and SW1 dont show anything, hence the global port fast and bpdu guard disable the err-interface 

so check both SW

MHM

Screenshot (260).png

Review Cisco Networking products for a $25 gift card