Switch 7700 Command reference Guide, v2.0
Table Of Contents
- About This Software Version
- Organization of the Manual
- Intended Readership
- Conventions
- Related Manuals
- Logging in Commands
- authentication-mode
- auto-execute command
- command-privilege level
- databits
- display history-command
- display user-interface
- display users
- flow-control
- free user-interface
- header
- history-command max-size
- idle-timeout
- lock
- modem
- modem auto-answer
- modem timer answer
- parity
- quit
- return
- screen-length
- send
- service-type telnet level
- set authentication password
- shell
- speed
- stopbits
- super
- super password
- sysname
- system-view
- telnet
- user-interface
- user privilege level
- Ethernet Port Configuration Commands
- Ethernet Port Link Aggregation Commands
- VLAN Configuration Commands
- GARP Configuration Commands
- GVRP Configuration Commands
- IP Address Configuration Commands
- ARP Configuration Commands
- DHCP Relay Configuration Commands
- IP Performance Configuration Commands
- Routing Table Display Commands
- Static Route Configuration Command
- RIP Configuration Commands
- OSPF Configuration Commands
- abr-summary
- area
- asbr-summary
- authentication-mode
- default cost
- default interval
- default limit
- default tag
- default type
- default-cost
- default-route-advertise
- display ospf abr-asbr
- display ospf asbr-summary
- display ospf brief
- display ospf cumulative
- display ospf error
- display ospf interface
- display ospf lsdb
- display ospf nexthop
- display ospf peer
- display ospf request-queue
- display ospf retrans-queue
- display ospf routing
- display ospf vlink
- filter-policy export
- filter-policy import
- import-route
- network
- nssa
- ospf
- ospf authentication-mode
- ospf cost
- ospf dr-priority
- ospf mtu-enable
- ospf network-type
- ospf timer dead
- ospf timer hello
- ospf timer poll
- ospf timer retransmit
- ospf trans-delay
- peer
- preference
- reset ospf all
- router id
- silent-interface
- spf-schedule-interval
- stub
- vlink-peer
- Integrated IS-IS Configuration Commands
- area-authentication- mode
- default-route-advertise
- display isis interface
- display isis lsdb
- display isis mesh-group
- display isis peer
- display isis route
- display isis spf-log
- domain-authentication- mode
- filter-policy export
- filter-policy import
- ignore-lsp-checksum- error
- import-route
- isis
- isis authentication-mode
- isis circuit-level
- isis cost
- isis dis-priority
- isis enable
- isis mesh-group
- isis timer csnp
- isis timer dead
- isis timer hello
- isis timer lsp
- isis timer retransmit
- is-level
- log-peer-change
- network-entity
- preference
- reset isis all
- reset isis peer
- set-overload
- silent-interface
- spf-delay-interval
- spf-slice-size
- summary
- timer lsp-max-age
- timer lsp-refresh
- timer spf
- BGP Configuration Commands
- aggregate
- bgp
- compare-different-as- med
- confederation id
- confederation nonstandard
- confederation peer-as
- dampening
- debugging bgp
- default local-preference
- default med
- display bgp group
- display bgp network
- display bgp paths
- display bgp peer
- display bgp routing-table
- display bgp routing-table as-path-acl
- display bgp routing-table cidr
- display bgp routing-table community
- display bgp routing-table community-list
- display bgp routing-table dampening
- display bgp routing-table different-origin-as
- display bgp routing-table flap-info
- display bgp routing-table peer
- display bgp routing-table regular-expression
- filter-policy export
- filter-policy import
- group
- import-route
- ip as-path acl
- ip community-list
- network
- peer advertise-community
- peer allow-as-loop
- peer as-number
- peer as-path-acl
- peer connect-interface
- peer default-route-advertise
- peer description
- peer ebgp-max-hop
- peer enable
- peer filter-policy
- peer group
- peer ip-prefix
- peer next-hop-local
- peer public-as-only
- peer reflect-client
- peer route-policy
- peer route-update-interval
- peer timer
- reflect between-clients
- reflect cluster-id
- reset bgp
- reset bgp flap-info
- reset bgp group
- reset dampening
- summary automatic
- timer
- IP Routing Policy Configuration Commands
- apply as-path
- apply community
- apply cost
- apply cost-type
- apply ip next-hop
- apply isis
- apply local-preference
- apply origin
- apply tag
- display ip ip-prefix
- display route-policy
- filter-policy export
- filter-policy import
- if-match { acl | ip-prefix }
- if-match as-path
- if-match community
- if-match cost
- if-match interface
- if-match ip next-hop
- if-match tag
- ip ip-prefix
- route-policy
- Route Capacity Configuration Commands
- GMRP Configuration Commands
- IGMP Snooping Configuration Commands
- Multicast Common Configuration Commands
- PIM Configuration Commands
- ACL Configuration Command List
- QoS Configuration Commands List
- display mirroring-group
- display priority-trust
- display qos cos-local-precedence- map
- display qos-interface queue-scheduler
- display qos-interface all
- display qos-interface traffic-bandwidth
- display qos-interface traffic-limit
- display qos-interface traffic-priority
- display qos-interface traffic-red
- display qos-interface traffic-statistic
- mirroring-group
- priority
- priority trust
- priority-trust
- qos cos-local-precedence- map
- queue-scheduler
- reset traffic-statistic
- traffic-bandwidth
- traffic-limit
- traffic-priority
- traffic-red
- traffic-statistic
- Logon user’s ACL Control Command
- RSTP Configuration Commands
- MSTP Configuration Commands
- active region-configuration
- check region-configuration
- display stp
- display stp region-configuration
- instance
- region-name
- reset stp
- revision-level
- stp
- stp bpdu-protection
- stp bridge-diameter
- stp bridge-priority
- stp edged-port
- stp instance cost
- stp instance port priority
- stp instance root primary
- stp instance root secondary
- stp interface
- stp interface edged-port
- stp interface instance cost
- stp interface instance port priority
- stp interface loop-protection
- stp interface mcheck
- stp interface point-to-point
- stp interface root-protection
- stp interface transit-limit
- stp loop-protection
- stp max-hops
- stp mcheck
- stp mode
- stp point-to-point
- stp region-configuration
- stp root-protection
- stp timer forward-delay
- stp timer hello
- stp timer max-age
- stp transit-limit
- vlan-mapping modulo
- 802.1x Configuration Commands
- AAA Configuration Commands
- RADIUS Protocol Configuration Commands
- data-flow-format
- display local-server statistics
- display radius
- display radius statistics
- display stop-accounting-buffer
- key
- local-server
- primary accounting
- primary authentication
- radius scheme
- reset stop-accounting-buffer
- retry
- retry realtime-accounting
- retry stop-accounting
- secondary accounting
- secondary authentication
- server-type
- state
- stop-accounting-buffer enable
- timer
- timer realtime-accounting
- user-name-format
- VRRP Configuration Commands
- HA Configuration Commands
- File System Management Commands
- Configuration File Management Commands
- FTP Server Configuration Commands
- FTP Client Commands
- TFTP Configuration Commands
- MAC Address Table Management Commands
- Device Management Commands
- Basic System Configuration and Management Commands
- System Status and System Information Display Commands
- System Debug Commands
- Network Connection Test Commands
- Log Commands
- display channel
- display info-center
- info-center console channel
- info-center enable
- info-center logbuffer
- info-center loghost
- info-center monitor channel
- info-center snmp channel
- info-center source
- info-center timestamp
- info-center trapbuffer
- rename channel
- reset logbuffer
- reset trapbuffer
- terminal debugging
- terminal logging
- terminal monitor
- terminal trapping
- SNMP Configuration Commands
- display snmp-agent community
- display snmp-agent
- display snmp-agent group
- display snmp-agent mib-view
- display snmp-agent statistics
- display snmp-agent sys-info contact
- display snmp-agent sys-info location
- display snmp-agent sys-info version
- display snmp-agent usm-user
- snmp-agent local-engineid
- snmp-agent community
- snmp-agent group
- snmp-agent mib-view
- snmp-agent packet max-size
- snmp-agent sys-info
- snmp-agent target-host
- snmp-agent trap enable
- snmp-agent trap life
- snmp-agent trap queue-size
- snmp-agent trap source
- snmp-agent usm-user
- undo snmp-agent
- RMON Configuration Commands
- NTP Configuration Commands
- debugging ntp-service
- display ntp-service sessions
- display ntp-service status
- display ntp-service trace
- ntp-service access
- ntp-service authentication enable
- ntp-service authentication-keyid
- ntp-service broadcast-client
- ntp-service broadcast-server
- ntp-service max-dynamic sessions
- ntp-service multicast-client
- ntp-service multicast-server
- ntp-service refclock-master
- ntp-service reliable authentication-keyid
- ntp-service source-interface
- ntp-service in-interface disable
- ntp-service unicast-peer
- ntp-service unicast-server
RSTP Configuration Commands 305
Example
Enable RSTP on a switch.
[SW7700]stp enable
Disable RSTP on Ethernet1/0/1.
[SW7700-Ethernet1/0/1]stp disable
stp bpdu-protection Syntax
stp bpdu-protection
undo stp bpdu-protection
View
System view
Parameter
None
Description
Using the stp bpdu-protection command, you can enable BPDU protection on a
switch. Using the
undo stp bpdu-protection command, you can resume the
default status of BPDU protection function.
By default, BPDU protection is not enabled.
For an access layer device, the access port is generally connected to the user
terminal (such as a PC) or file server directly and configured as an edge port to
implement the fast transition. When such port receives BPDU packet, the system
will set it to non-edge port and recalculate the spanning tree, which will cause
network topology flapping. In normal cases, these ports will not receive any BPDU
packets. However, someone may forge BPDU to maliciously attack the switch and
cause network flapping.
RSTP provides BPDU protection function against such attack. After BPDU
protection function is enabled on a switch, the system will disable an edge port
that has received BPDU and notify the network manager about it. The disabled
port can only be resumed by network manager.
Example
Enable BPDU protection function on a switch.
[SW7700]stp bpdu-protection
stp cost Syntax
stp cost cost
undo stp cost
View
Ethernet port view