Users Guide
321 | BranchController Config for Controllers Dell Networking W-Series ArubaOS 6.4.x| User Guide
server can access the network only after passing all these STP states. Some applications need to connect to the
network immediately, else they will timeout.
Enabling the PortFast feature causes a switch or a trunk port to enter the STP forwarding-state immediately or
upon a linkup event, thus bypassing the listening and learning states. The PortFast feature is enabled at a port
level, and this port can either be a physical or a logical port. When PortFast feature is enabled on a switch or a
trunk port, the port immediately transitions to the STP forwarding state.
Though PortFast is enabled the port still participates in STP. If the port happens to be part of topology that
could form a loop, the port eventually transitions into STP blocking mode. PortFast is usually configured on an
edge port, which means the port should not receive any STP BPDUs. If the port receives any STP BPDU, it
moves back to normal/regular mode and will participate in the listening and learning states.
In most deployments, edge ports are access ports. However, in this scenario there are no restrictions in
enabling the PortFast feature. The mode of the port changes from PortFast to non-PortFast when the port
receives a STP BPDU. To re-enable this feature on a port, run the shut command followed by a no-shut
command at the interface/port level.
Configuring PortFast on a non-edge port can cause instability to the STP topology.
BPDU Guard
BPDU Guard feature protects the port from receiving STP BPDUs, however the port can transmit STP BPDUs.
When a STP BPDU is received on a BPDU Guard enabled port, the port is shutdown and the state of the port
changes to ErrDis (Error-Disable) state. The port remains in the ErrDis state until the port status is manually
changed by using the configuration command shut followed by a no-shut applied on the interface. In most
deployments, BPDU Guard feature is configured over the PortFast enabled STP ports, but in this
implementation the BPDU Guard feature can be enabled on any of the STP ports, with or without PortFast
feature being enabled on these ports.
It is recommended not to enable the BPDUGuard feature on a trunk port that forms the STP topology.
Scenarios Supported on PortFast and BPDU Guard
PortFast and BPDU Guard features are applied at the port/interface level. These features can also be applied in
the following scenarios:
l RSTP and PVST modes
l Access and Trunk ports
l Physical and Logical ports
The PortFast and BPDU Guard features can be applied either independently or together.
In the global RSTPmode there is only one RSTP instance running in the entire controller. If the port that is
enabled with PortFast and BPDU Guard receives any STP BPDU it will effect all the ports, as the global RSTP
runs on a port basis.
In the PVST mode there can be multiple instances of RSTP running as they are based on per VLAN. Though it is
based on per VLAN, it will still behave in the same way as it does in the global RSTP mode. For example, if there
are five VLANs and each VLAN has a separate RSTP instance running, then any STP BPDU received on any of
these five ports effects all ports.
If an STP BPDU is received from any one of the five RSTP instances running, the port that is enabled with BPDU
Guard shuts down and goes to ErrDis state. In other words both PortFast and BPDU Guard features are
applied on a port basis for both global RSTP and PVST modes, even though the PVST runs on a per VLAN basis.