3Com Switch 4200G Configuration Guide

ManualsBrandsHP ManualsComputer AccessoriesHP ProCurve 8116fl Redundant Switch Fabric Module

141

142

143

144

145

146

147

148

149

150

136 CHAPTER 20: MSTP CONFIGURATION

Performing the mCheck operation in system view

Performing the mCheck operation in Ethernet port view

CAUTION: The stp mcheck command takes effect only when the switch operate in

MSTP mode, and does not take effect when the switch operates in STP/RSTP mode.)

Configuration Example

1 Perform the mCheck operation on GigabitEthernet1/0/1 port (assuming that the

switch operates in MSTP mode and the port operates in the STP/RSTP mode).

■ Configure in system view.

<S4200G> system-view

System View: return to User View with Ctrl+Z.

[4200G] stp interface GigabitEthernet1/0/1 mcheck

■ Configure in Ethernet port view.

<S4200G> system-view

System View: return to User View with Ctrl+Z.

[4200G] interface GigabitEthernet1/0/1

[4200G-GigabitEthernet1/0/1] stp mcheck

Protection Function

Configuration

Introduction The following protection functions are provided on MSTP-enabled switches: BPDU

protection, root protection, loop prevention, and TC-BPDU attack prevention.

BPDU protection

Normally, the access ports of the devices operating on the access layer directly

connect to terminals (such as PCs) or file servers. These ports are usually configured as

edge ports to achieve rapid transition. But they resume non-edge ports automatically

upon receiving configuration BPDUs, which causes spanning tree regeneration and

network topology jitter.

Normally, no configuration BPDU will reach edge ports. But malicious users can attack

a network by sending configuration BPDUs deliberately to edge ports to cause

network jitter. You can prevent this type of attacks by utilizing the BPDU protection

function. With this function enabled on a switch, the switch shuts down the edge

ports that receive configuration BPDUs and then reports these cases to the

administrator. If a port is shut down, only the administrator can restore it.

Table 109 Perform the mCheck operation in system view

Operation Command Description

Enter system view System-view —

Perform the mCheck

operation

stp [ interface interface-list ]

mcheck

Required

Table 110 Perform the mCheck operation in Ethernet port view

Operation Command Description

Enter system view system-view —

Enter Ethernet port

view

interface interface-type

interface-number

—

Perform the mCheck

operation

stp mcheck Required