Service Manual
Version Description
7.5.1.0 Introduced on the C-Series.
6.2.1.1 Introduced on the E-Series.
Usage Information
If you enable portfast bpduguard on an interface and the interface receives a BPDU, the software
disables the interface and sends a message stating that fact. The port is in ERR_DISABLE mode, yet
appears in the show interface commands as enabled. If you do not enable shutdown-on-
violation
, BPDUs are still sent to the RPM CPU.
STP loop guard and root guard are supported on a port or port-channel enabled in any Spanning Tree mode:
Spanning Tree Protocol (STP), Rapid Spanning Tree Protocol (RSTP), Multiple Spanning Tree Protocol
(MSTP), and Per-VLAN Spanning Tree Plus (PVST+).
Root guard is supported on any STP-enabled port or port-channel except when used as a stacking port.
When enabled on a port, root guard applies to all VLANs congured on the port.
STP root guard and loop guard cannot be enabled at the same time on a port. For example, if you congure
loop guard on a port on which root guard is already congured, the following error message is displayed: %
Error: RootGuard is configured. Cannot configure LoopGuard
.
Do not enable Portfast BPDU guard and loop guard at the same time on a port. Enabling both features may
result in a port that remains in a blocking state and prevents trac from owing through it. For example,
when Portfast BPDU guard and loop guard are both congured:
• If a BPDU is received from a remote device, BPDU guard places the port in an Err-Disabled Blocking
state and no trac is forwarded on the port.
• If no BPDU is received from a remote device, loop guard places the port in a Loop-Inconsistent Blocking
state and no trac is forwarded on the port.
To display the type of STP guard (Portfast BPDU, root, or loop guard) enabled on a port, enter the show
spanning-tree 0
command.
Spanning Tree Protocol (STP)
1435