Manualshelf

Administrator Guide

ManualsBrandsDell ManualsAccess PlatformsNetworking S3100 Series
1191119211931194119511961197119811991200
Version Description
8.3.7.0 Introduced on the S4810.
8.2.1.0 Introduced the hardware shutdown-on-violation option.
7.6.1.0 Introduced on the S-Series.
7.5.1.0 Introduced on the C-Series.
7.4.1.0 Added the optional Bridge Port Data Unit (BPDU) guard.
6.2.1.1 Introduced.
Usage Information
The BPDU guard option prevents the port from participating in an active STP topology in case a BPDU appears on
a port unintentionally, or is misconfigured, or is subject to a DOS attack. This option places the port into the Error
Disable state if a BPDU appears, and a message is logged so that the administrator can take corrective action.
NOTE: A port configured as an edge port, on a PVST switch, immediately transitions to the
forwarding state. Only ports connected to end-hosts should be configured as an edge port.
Consider an edge port similar to a port with a spanning-tree portfast enabled.
If you do not enable shutdown-on-violation, BPDUs are still sent to the route process module (RPM) CPU.
You cannot enable root guard and loop guard at the same time on a port. For example, if you configure
loop guard on a port on which root guard is already configured, the following error message is displayed: %
Error: RootGuard is configured. Cannot configure LoopGuard.
When used in a PVST+ network, loop guard is performed per-port or per-port channel at a VLAN level. If no
BPDUs are received on a VLAN interface, the port or port-channel transitions to a Loop-Inconsistent (blocking)
state only for this VLAN.
Enabling Portfast BPDU guard and loop guard at the same time on a port results in a port that remains in a
Blocking state and prevents traffic from flowing through it. For example, when Portfast BPDU guard and loop
guard are both configured:
If a BPDU is received from a remote device, BPDU guard places the port in an Err-Disabled Blocking state and
no traffic is forwarded on the port.
If no BPDU is received from a remote device, loop guard places the port in a Loop-Inconsistent Blocking state
and no traffic is forwarded on the port.
Example
DellEMC(conf-if-gi-1/1)# spanning-tree pvst vlan 3 cost 18000
DellEMC(conf-if-gi-1/1)# end
DellEMC(conf-if-gi-1/1)# show config
!
interface GigabitEthernet 1/1
no ip address
switchport
spanning-tree pvst vlan 3 cost 18000
no shutdown
DellEMC(conf-if-gi-1/1)#end
DellEMC#
Related
Commands
show spanning-tree pvst — views the PVST+ configuration.
spanning-tree pvst err-disable
Place ports in an Err-Disabled state if they receive a PVST+ BPDU when they are members an untagged VLAN.
Syntax
spanning-tree pvst err-disable cause invalid-pvst-bpdu
Defaults Enabled; ports are placed in the Err-Disabled state if they receive a PVST+ BPDU when they are members of an
untagged VLAN.
Command Modes INTERFACE
Per-VLAN Spanning Tree Plus (PVST+) 1191