! interface FastEthernet0/1 switchport access vlan 11 switchport mode access ! interface FastEthernet0/2 switchport access vlan 11 switchport mode access ! -------------------------------------------------------------------------------- C2950#debug spanning-tree ? all All Spanning Tree debugging messages backbonefast BackboneFast events bpdu Spanning tree BPDU bpdu-opt Optimized BPDU handling config Spanning tree config changes csuf/csrt STP CSUF/CSRT etherchannel EtherChannel support events Spanning tree topology events exceptions Spanning tree exceptions general Spanning tree general mstp MSTP debug commands pvst+ PVST+ events root Spanning tree root events snmp Spanning Tree SNMP handling switch Switch Shim debug commands synchronization STP state sync events uplinkfast UplinkFast events C2950#debug spanning-tree events Spanning Tree event debugging is on C2950# 00:02:36: setting bridge id (which=3) prio 32779 prio cfg 32768 sysid 11 (on) id 800B.0008.20ff.1080 00:02:36: set portid: VLAN0011 Fa0/1: new port id 8001 00:02:36: STP: VLAN0011 Fa0/1 -> listening 00:02:36: set portid: VLAN0011 Fa0/2: new port id 8002 00:02:36: STP: VLAN0011 Fa0/2 -> listening 00:02:38: %LINK-3-UPDOWN: Interface FastEthernet0/1, changed state to up 00:02:38: STP: VLAN0011 Fa0/2 -> blocking 00:02:38: %LINK-3-UPDOWN: Interface FastEthernet0/2, changed state to up 00:02:39: %LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/1, changed state to up 00:02:39: %LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/2, changed state to up 00:02:51: STP: VLAN0011 Fa0/1 -> learning 00:03:06: STP: VLAN0011 Fa0/1 -> forwarding C2950# C2950#sh spanning-tree VLAN0011 Spanning tree enabled protocol ieee Root ID Priority 32779 Address 0008.20ff.1080 This bridge is the root Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec Bridge ID Priority 32779 (priority 32768 sys-id-ext 11) Address 0008.20ff.1080 Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec Aging Time 15 Interface Role Sts Cost Prio.Nbr Type ---------------- ---- --- --------- -------- -------------------------------- Fa0/1 Desg FWD 19 128.1 P2p Fa0/2 Back BLK 19 128.2 P2p C2950# ================================================================================ ! spanning-tree portfast bpduguard default ! ! interface FastEthernet0/1 switchport access vlan 11 switchport mode access spanning-tree bpdufilter enable ! interface FastEthernet0/2 switchport access vlan 11 switchport mode access spanning-tree bpdufilter enable ! -------------------------------------------------------------------------------- C2950# 00:04:25: setting bridge id (which=3) prio 32779 prio cfg 32768 sysid 11 (on) id 800B.0008.20ff.1080 00:04:25: set portid: VLAN0011 Fa0/1: new port id 8001 00:04:25: STP: VLAN0011 Fa0/1 -> listening 00:04:25: set portid: VLAN0011 Fa0/2: new port id 8002 00:04:25: STP: VLAN0011 Fa0/2 -> listening 00:04:27: %LINK-3-UPDOWN: Interface FastEthernet0/1, changed state to up 00:04:27: %LINK-3-UPDOWN: Interface FastEthernet0/2, changed state to up 00:04:28: %LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/1, changed state to up 00:04:28: %LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/2, changed state to up 00:04:40: STP: VLAN0011 Fa0/1 -> learning 00:04:40: STP: VLAN0011 Fa0/2 -> learning 00:04:55: STP: VLAN0011 Fa0/1 -> forwarding 00:04:55: STP: VLAN0011 Fa0/2 -> forwarding C2950# C2950#sh spanning-tree VLAN0011 Spanning tree enabled protocol ieee Root ID Priority 32779 Address 0008.20ff.1080 This bridge is the root Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec Bridge ID Priority 32779 (priority 32768 sys-id-ext 11) Address 0008.20ff.1080 Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec Aging Time 15 Interface Role Sts Cost Prio.Nbr Type ---------------- ---- --- --------- -------- -------------------------------- Fa0/1 Desg FWD 19 128.1 P2p Fa0/2 Desg FWD 19 128.2 P2p C2950# ================================================================================ ! spanning-tree portfast bpduguard ! ! interface FastEthernet0/1 switchport access vlan 11 switchport mode access spanning-tree portfast spanning-tree bpdufilter enable ! interface FastEthernet0/2 switchport access vlan 11 switchport mode access spanning-tree portfast spanning-tree bpdufilter enable ! -------------------------------------------------------------------------------- C2950# 00:05:49: setting bridge id (which=3) prio 32779 prio cfg 32768 sysid 11 (on) id 800B.0008.20ff.1080 00:05:49: set portid: VLAN0011 Fa0/1: new port id 8001 00:05:49: STP: VLAN0011 Fa0/1 ->jump to forwarding from blocking 00:05:49: set portid: VLAN0011 Fa0/2: new port id 8002 00:05:49: STP: VLAN0011 Fa0/2 ->jump to forwarding from blocking 00:05:51: %LINK-3-UPDOWN: Interface FastEthernet0/1, changed state to up 00:05:51: %LINK-3-UPDOWN: Interface FastEthernet0/2, changed state to up 00:05:52: %LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/1, changed state to up 00:05:52: %LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/2, changed state to up C2950# C2950#sh spanning-tree VLAN0011 Spanning tree enabled protocol ieee Root ID Priority 32779 Address 0008.20ff.1080 This bridge is the root Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec Bridge ID Priority 32779 (priority 32768 sys-id-ext 11) Address 0008.20ff.1080 Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec Aging Time 300 Interface Role Sts Cost Prio.Nbr Type ---------------- ---- --- --------- -------- -------------------------------- Fa0/1 Desg FWD 19 128.1 Edge P2p Fa0/2 Desg FWD 19 128.2 Edge P2p C2950# ================================================================================ ! spanning-tree portfast bpduguard ! ! interface FastEthernet0/1 switchport access vlan 11 switchport mode access spanning-tree portfast ! interface FastEthernet0/2 switchport access vlan 11 switchport mode access spanning-tree portfast spanning-tree bpdufilter enable ! -------------------------------------------------------------------------------- C2950#conf t Enter configuration commands, one per line. End with CNTL/Z. C2950(config)#int fa0/1 C2950(config-if)#no spanning-tree bpdufilter ?C2950(config-if)#no spanning-tree bpdufilter C2950(config-if)#exit C2950(config)# C2950(config)#do sh spanning-tree int fa0/1 detail Port 1 (FastEthernet0/1) of VLAN0011 is forwarding Port path cost 19, Port priority 128, Port Identifier 128.1. Designated root has priority 32779, address 0008.20ff.1080 Designated bridge has priority 32779, address 0008.20ff.1080 Designated port id is 128.1, designated path cost 0 Timers: message age 0, forward delay 0, hold 0 Number of transitions to forwarding state: 1 The port is in the portfast mode Link type is point-to-point by default Bpdu guard is enabled by default BPDU: sent 5, received 0 C2950(config)# C2950(config)#do sh spanning-tree int fa0/2 detail Port 2 (FastEthernet0/2) of VLAN0011 is forwarding Port path cost 19, Port priority 128, Port Identifier 128.2. Designated root has priority 32779, address 0008.20ff.1080 Designated bridge has priority 32779, address 0008.20ff.1080 Designated port id is 128.2, designated path cost 0 Timers: message age 0, forward delay 0, hold 0 Number of transitions to forwarding state: 1 The port is in the portfast mode Link type is point-to-point by default Bpdu guard is enabled by default Bpdu filter is enabled BPDU: sent 0, received 0 C2950(config)# C2950(config)#do sh spanning-tree VLAN0011 Spanning tree enabled protocol ieee Root ID Priority 32779 Address 0008.20ff.1080 This bridge is the root Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec Bridge ID Priority 32779 (priority 32768 sys-id-ext 11) Address 0008.20ff.1080 Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec Aging Time 300 Interface Role Sts Cost Prio.Nbr Type ---------------- ---- --- --------- -------- -------------------------------- Fa0/1 Desg FWD 19 128.1 Edge P2p Fa0/2 Desg FWD 19 128.2 Edge P2p C2950(config)# C2950(config)#int fa0/2 C2950(config-if)#no spanning-tree bpdufilter C2950(config-if)# 00:10:01: %SPANTREE-2-BLOCK_BPDUGUARD: Received BPDU on port FastEthernet0/2 with BPDU Guard enabled. Disabling port. 00:10:01: %PM-4-ERR_DISABLE: bpduguard error detected on Fa0/2, putting Fa0/2 in err-disable state 00:10:01: %SPANTREE-2-BLOCK_BPDUGUARD: Received BPDU on port FastEthernet0/1 with BPDU Guard enabled. Disabling port. 00:10:01: %PM-4-ERR_DISABLE: bpduguard error detected on Fa0/1, putting Fa0/1 in err-disable state 00:10:02: %LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/2, changed state to down 00:10:02: %LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/1, changed state to down 00:10:03: %LINK-3-UPDOWN: Interface FastEthernet0/2, changed state to down 00:10:03: %LINK-3-UPDOWN: Interface FastEthernet0/1, changed state to down C2950(config-if)#
Tuesday, April 5, 2011
Fun with PortFast, BPDU Guard, and BPDU Filtering
Subscribe to:
Post Comments (Atom)
No comments:
Post a Comment