Wired Intelligent Edge (Campus Switching and Routing)

Reply

About BPDU protection feature

Hi experts,

 

I have two doubts about this feature:

 

  1. I saw the BPDU protection feature is enabled on a per-port basis with the command "spanning-tree <port-list> bpdu-protection". Cisco has the command "spanning-tree portfast bpduguard" which allows to enable the feature in all the portfast ports at the same time. Is there any command to enable this feature in all auto-edge ports at the same time in Aruba?
  2. When this feature is enabled, is the port disabled always it receives a BPDU or only when it receives a better BPDU?

Regards,

Julián

Highlighted
MVP Expert

Re: About BPDU protection feature

Greetings!

 

Addressing your questions in order:

 

  1. ArubaOS-Switch allows configuration of BPDU protection on a per-port basis only; we do not have an equivalent to the command you provided. I will provide feedback to engineering.
  2. BPDU protection will shut down a port if any BPDU is received.  To cause a port to shut down only when a superior BPDU is received, you would instead use the root guard feature, which is configured in a nearly identical manner to BPDU protection:
switch(config)# spanning-tree <port-list> root-guard 


Matt Fern
Technical Marketing Engineer, Wired Intelligent Edge

Aruba, a Hewlett Packard Enterprise company

8000 FOOTHILLS BLVD  |  ROSEVILLE, CA 95747
T: 916.540.1759  |  E: mfern@hpe.com   |   Matt @ Twitter

Re: About BPDU protection feature

Hi Matthew,

 

Many thanks, very clear :)

 

Regards,

Julián

New Contributor

Re: About BPDU protection feature

Hi,

 

On Cisco switches it's possible to automatically recover using the errdisable command. Do Aruba have something similar?

 

Best regards,

Trond Hundstuen

Re: About BPDU protection feature

Hi Trond,

 

This is from the User Guide:

 

Re-enabling a port blocked by BPDU protection


Ports disabled by BPDU Protection remain disabled unless BPDU

Protection is removed from the switch or by configuring a nonzero BPDU protection timeout. For example, if you want to re-enable protected ports 60 seconds after receiving a BPDU, you would use this command:
switch(config)#: spanning-tree bpdu-protection-timeout 60

 

Regards,

Julián

Search Airheads
cancel
Showing results for 
Search instead for 
Did you mean: