What is the purpose of the STP PortFast BPDU guard feature?

What is the purpose of the STP PortFast BPDU guard feature?

What is the purpose of the STP PortFast BPDU guard feature?

A.
enforce the placement of the root bridge in the network

B.
ensure that a port is transitioned to a forwarding state quickly if a BPDU is received

C.
enforce the borders of an STP domain

D.
ensure that any BPDUs received are forwarded into the STP domain

Explanation:
STP configures meshed topology into a loop-free, tree-like topology. When the link on a bridge
port goes up, STP calculation occurs on that port. The result of the calculation is the transition of
the port into forwarding or blocking state. The result depends on the position of the port in the
network and the STP parameters. This calculation and transition period usually takes about 30 to
50 seconds. At that time, no user data pass via the port. Some user applications can time out
during the period.
In order to allow immediate transition of the port into forwarding state, enable the STP PortFast
feature.
PortFast immediately transitions the port into STP forwarding mode upon linkup. The port still
participates in STP. So if the port is to be a part of the loop, the port eventually transitions into STP
blocking mode.
As long as the port participates in STP, some device can assume the root bridge function and
affect active STP topology. To assume the root bridge function, the device would be attached to
the port and would run STP with a lower bridge priority than that of the current root bridge. If
another device assumes the root bridge function in this way, it renders the network suboptimal.
This is a simple form of a denial of service (DoS) attack on the network. The temporary
introduction and subsequent removal of STP devices with low (0) bridge priority cause a
permanent STP recalculation.
The STP PortFast BPDU guard enhancement allows network designers to enforce the STP
domain borders and keep the active topology predictable. The devices behind the ports that have
STP PortFast enabled are not able to influence the STP topology. At the reception of BPDUs, the

BPDU guard operation disables the port that has PortFast configured. The BPDU guard transitions
the port into errdisable state, and a message appears on the console. This message is an
example:
2000 May 12 15:13:32 %SPANTREE-2-RX_PORTFAST:Received BPDU on PortFast enable port.
Disabling 2/1
2000 May 12 15:13:32 %PAGP-5-PORTFROMSTP:Port 2/1 left bridge port 2/1

http://www.cisco.com/en/US/tech/tk389/tk621/technologies_tech_note09186a008009482f.shtml#to
pic1

Show Hint

Leave a Reply 0

Your email address will not be published. Required fields are marked *