PG1X

My Knowledge Base

User Tools

Site Tools


tech:network:cisco:stp:bpduguard:bpduguard

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

tech:network:cisco:stp:bpduguard:bpduguard [2019/06/07 23:33] (current)
wnoguchi created
Line 1: Line 1:
 +====== STP: BPDU Guard ======
 +
 +{{tag>​BPDU-Guard BPDU STP Catalyst Cisco Networking}}
 +
 +===== Topology =====
 +
 +{{:​tech:​network:​cisco:​stp:​bpduguard:​pasted:​20190607-233341.png}}
 +
 +==== Log ====
 +
 +<​code>​
 +SW1#sh spanning-tree vlan 1
 +
 +VLAN0001
 +  Spanning tree enabled protocol ieee
 +  Root ID    Priority ​   32769
 +             ​Address ​    ​0022.bd89.2180
 +             ​Cost ​       19
 +             ​Port ​       4 (FastEthernet1/​0/​2)
 +             Hello Time   2 sec  Max Age 20 sec  Forward Delay 15 sec
 +
 +  Bridge ID  Priority ​   32769  (priority 32768 sys-id-ext 1)
 +             ​Address ​    ​e8ed.f315.9380
 +             Hello Time   2 sec  Max Age 20 sec  Forward Delay 15 sec
 +             Aging Time  300 sec
 +
 +Interface ​          Role Sts Cost      Prio.Nbr Type
 +------------------- ---- --- --------- -------- --------------------------------
 +Fa1/​0/​1 ​            Altn BLK 19        128.3    P2p 
 +Fa1/​0/​2 ​            Root FWD 19        128.4    P2p 
 +
 +
 +
 +</​code>​
 +
 +<​code>​
 +ASW2#conf t
 +Enter configuration commands, one per line.  End with CNTL/Z.
 +ASW2(config)#​spa
 +ASW2(config)#​spanning-tree vla
 +ASW2(config)#​spanning-tree vlan 1 pri
 +ASW2(config)#​spanning-tree vlan 1 priority ​
 +ASW2(config)#​spanning-tree vlan 1 priority ?
 +  <​0-61440> ​ bridge priority in increments of 4096
 +
 +ASW2(config)#​spanning-tree vlan 1 priority 0
 +ASW2(config)#​
 +*Mar  1 00:​01:​42.601:​ %LINEPROTO-5-UPDOWN:​ Line protocol on Interface FastEthernet0/​1,​ changed state to down
 +ASW2(config)#​
 +*Mar  1 00:​01:​43.599:​ %LINK-3-UPDOWN:​ Interface FastEthernet0/​1,​ changed state to down
 +ASW2(config)#​^Z
 +ASW2#sh
 +*Mar  1 00:​02:​30.734:​ %SYS-5-CONFIG_I:​ Configured from console by console
 +ASW2#sh spa
 +ASW2#sh spanning-tree int f0/1
 +no spanning tree info available for FastEthernet0/​1 ​
 +
 +ASW2#sh spanning-tree int f0/1
 +no spanning tree info available for FastEthernet0/​1 ​
 +
 +ASW2#sh spanning-tree ​        
 +
 +No spanning tree instance exists.
 +
 +ASW2#sh spanning-tree ​
 +
 +No spanning tree instance exists.
 +
 +ASW2#
 +*Mar  1 00:​04:​48.953:​ %LINK-3-UPDOWN:​ Interface FastEthernet0/​1,​ changed state to up
 +*Mar  1 00:​04:​49.960:​ %LINEPROTO-5-UPDOWN:​ Line protocol on Interface FastEthernet0/​1,​ changed state to up
 +ASW2#sh spa
 +ASW2#sh spanning-tree ​
 +
 +VLAN0001
 +  Spanning tree enabled protocol ieee
 +  Root ID    Priority ​   1
 +             ​Address ​    ​0026.ca6b.e980
 +             This bridge is the root
 +             Hello Time   2 sec  Max Age 20 sec  Forward Delay 15 sec
 +
 +  Bridge ID  Priority ​   1      (priority 0 sys-id-ext 1)
 +             ​Address ​    ​0026.ca6b.e980
 +             Hello Time   2 sec  Max Age 20 sec  Forward Delay 15 sec
 +             Aging Time  300 sec
 +
 +Interface ​          Role Sts Cost      Prio.Nbr Type
 +------------------- ---- --- --------- -------- --------------------------------
 +Fa0/1               Desg FWD 19        128.1    P2p 
 +
 +
 +ASW2#sh spanning-tree f0/1
 +                      ^
 +% Invalid input detected at '​^'​ marker.
 +
 +ASW2#sh spanning-tree int f0/1
 +
 +Vlan                Role Sts Cost      Prio.Nbr Type
 +------------------- ---- --- --------- -------- --------------------------------
 +VLAN0001 ​           Desg FWD 19        128.1    P2p 
 +ASW2#sh spanning-tree int f0/1 detail
 + Port 1 (FastEthernet0/​1) of VLAN0001 is designated forwarding ​
 +   Port path cost 19, Port priority 128, Port Identifier 128.1.
 +   ​Designated root has priority 1, address 0026.ca6b.e980
 +   ​Designated bridge has priority 1, address 0026.ca6b.e980
 +   ​Designated port id is 128.1, designated path cost 0
 +   ​Timers:​ message age 0, forward delay 0, hold 0
 +   ​Number of transitions to forwarding state: 1
 +   Link type is point-to-point by default
 +   BPDU: sent 48, received 1
 +ASW2#sh spanning-tree int f0/1 detail
 + Port 1 (FastEthernet0/​1) of VLAN0001 is designated forwarding ​
 +   Port path cost 19, Port priority 128, Port Identifier 128.1.
 +   ​Designated root has priority 1, address 0026.ca6b.e980
 +   ​Designated bridge has priority 1, address 0026.ca6b.e980
 +   ​Designated port id is 128.1, designated path cost 0
 +   ​Timers:​ message age 0, forward delay 0, hold 0
 +   ​Number of transitions to forwarding state: 1
 +   Link type is point-to-point by default
 +   BPDU: sent 50, received 1
 +ASW2#
 +*Mar  1 00:​07:​10.352:​ %LINEPROTO-5-UPDOWN:​ Line protocol on Interface FastEthernet0/​1,​ changed state to down
 +ASW2#
 +*Mar  1 00:​07:​11.350:​ %LINK-3-UPDOWN:​ Interface FastEthernet0/​1,​ changed state to down
 +ASW2#sh spanning-tree int f0/1 detail
 +no spanning tree info available for FastEthernet0/​1 ​
 +
 +ASW2#
 +*Mar  1 00:​47:​31.505:​ %LINK-3-UPDOWN:​ Interface FastEthernet0/​1,​ changed state to up
 +ASW2#
 +*Mar  1 00:​47:​32.512:​ %LINEPROTO-5-UPDOWN:​ Line protocol on Interface FastEthernet0/​1,​ changed state to up
 +ASW2#
 +*Mar  1 00:​48:​07.149:​ %LINEPROTO-5-UPDOWN:​ Line protocol on Interface FastEthernet0/​1,​ changed state to down
 +ASW2#
 +*Mar  1 00:​48:​08.147:​ %LINK-3-UPDOWN:​ Interface FastEthernet0/​1,​ changed state to down
 +ASW2#
 +*Mar  1 00:​48:​13.264:​ %LINK-3-UPDOWN:​ Interface FastEthernet0/​1,​ changed state to up
 +*Mar  1 00:​48:​14.271:​ %LINEPROTO-5-UPDOWN:​ Line protocol on Interface FastEthernet0/​1,​ changed state to up
 +ASW2#sh spa
 +ASW2#sh spanning-tree ​
 +
 +VLAN0001
 +  Spanning tree enabled protocol ieee
 +  Root ID    Priority ​   1
 +             ​Address ​    ​0026.ca6b.e980
 +             This bridge is the root
 +             Hello Time   2 sec  Max Age 20 sec  Forward Delay 15 sec
 +
 +  Bridge ID  Priority ​   1      (priority 0 sys-id-ext 1)
 +             ​Address ​    ​0026.ca6b.e980
 +             Hello Time   2 sec  Max Age 20 sec  Forward Delay 15 sec
 +             Aging Time  15  sec
 +
 +Interface ​          Role Sts Cost      Prio.Nbr Type
 +------------------- ---- --- --------- -------- --------------------------------
 +Fa0/1               Desg LRN 19        128.1    P2p 
 +
 +
 +ASW2#
 +*Mar  1 00:​49:​07.924:​ %LINEPROTO-5-UPDOWN:​ Line protocol on Interface FastEthernet0/​1,​ changed state to down
 +ASW2#
 +*Mar  1 00:​49:​08.922:​ %LINK-3-UPDOWN:​ Interface FastEthernet0/​1,​ changed state to down
 +ASW2#sh spanning-tree ​
 +
 +No spanning tree instance exists.
 +
 +ASW2#
 +*Mar  1 00:​49:​32.368:​ %LINK-3-UPDOWN:​ Interface FastEthernet0/​1,​ changed state to up
 +*Mar  1 00:​49:​33.375:​ %LINEPROTO-5-UPDOWN:​ Line protocol on Interface FastEthernet0/​1,​ changed state to up
 +ASW2#
 +*Mar  1 00:​50:​15.528:​ %LINEPROTO-5-UPDOWN:​ Line protocol on Interface FastEthernet0/​1,​ changed state to down
 +ASW2#
 +*Mar  1 00:​50:​16.526:​ %LINK-3-UPDOWN:​ Interface FastEthernet0/​1,​ changed state to down
 +ASW2#
 +*Mar  1 00:​50:​33.404:​ %LINK-3-UPDOWN:​ Interface FastEthernet0/​1,​ changed state to up
 +*Mar  1 00:​50:​34.411:​ %LINEPROTO-5-UPDOWN:​ Line protocol on Interface FastEthernet0/​1,​ changed state to up
 +ASW2#sh spanning-tree  ​
 +
 +VLAN0001
 +  Spanning tree enabled protocol ieee
 +  Root ID    Priority ​   1
 +             ​Address ​    ​0026.ca6b.e980
 +             This bridge is the root
 +             Hello Time   2 sec  Max Age 20 sec  Forward Delay 15 sec
 +
 +  Bridge ID  Priority ​   1      (priority 0 sys-id-ext 1)
 +             ​Address ​    ​0026.ca6b.e980
 +             Hello Time   2 sec  Max Age 20 sec  Forward Delay 15 sec
 +             Aging Time  15  sec
 +
 +Interface ​          Role Sts Cost      Prio.Nbr Type
 +------------------- ---- --- --------- -------- --------------------------------
 +Fa0/1               Desg LRN 19        128.1    P2p 
 +
 +
 +ASW2#
 +*Mar  1 00:​51:​12.528:​ %LINEPROTO-5-UPDOWN:​ Line protocol on Interface FastEthernet0/​1,​ changed state to down
 +ASW2#sh spanning-tree ​
 +*Mar  1 00:​51:​13.527:​ %LINK-3-UPDOWN:​ Interface FastEthernet0/​1,​ changed state to down
 +ASW2#sh spanning-tree ​
 +
 +No spanning tree instance exists.
 +
 +ASW2#
 +</​code>​
 +
 +<​code>​
 +Interface ​          Role Sts Cost      Prio.Nbr Type
 +------------------- ---- --- --------- -------- --------------------------------
 +Fa0/1               Desg FWD 19        128.1    P2p 
 +Fa0/2               Desg FWD 19        128.2    P2p 
 +Fa0/4               Desg FWD 19        128.4    P2p 
 +Fa0/6               Root LIS 19        128.6    P2p 
 +
 +
 +ASW1(config-if)#​spa ​                      
 +ASW1(config-if)#​spanning-tree po
 +ASW1(config-if)#​spanning-tree portfa
 +ASW1(config-if)#​spanning-tree portfast ​
 +%Warning: portfast should only be enabled on ports connected to a single
 + host. Connecting hubs, concentrators,​ switches, bridges, etc... to this
 + ​interface ​ when portfast is enabled, can cause temporary bridging loops.
 + Use with CAUTION
 +
 +%Portfast has been configured on FastEthernet0/​6 but will only
 + have effect when the interface is in a non-trunking mode.
 +ASW1(config-if)#​
 +*Mar  1 01:​22:​14.774:​ %SPANTREE-2-BLOCK_BPDUGUARD:​ Received BPDU on port FastEthernet0/​6 with BPDU Guard enabled. Disabling port.
 +ASW1(config-if)#​
 +*Mar  1 01:​22:​14.774:​ %PM-4-ERR_DISABLE:​ bpduguard error detected on Fa0/6, putting Fa0/6 in err-disable state
 +*Mar  1 01:​22:​15.781:​ %LINEPROTO-5-UPDOWN:​ Line protocol on Interface FastEthernet0/​6,​ changed state to down
 +ASW1(config-if)#​
 +*Mar  1 01:​22:​16.787:​ %LINK-3-UPDOWN:​ Interface FastEthernet0/​6,​ changed state to down
 +ASW1(config-if)#​do sh span vlan 1      ​
 +
 +VLAN0001
 +  Spanning tree enabled protocol ieee
 +  Root ID    Priority ​   32769
 +             ​Address ​    ​0022.bd89.2180
 +             This bridge is the root
 +             Hello Time   2 sec  Max Age 20 sec  Forward Delay 15 sec
 +
 +  Bridge ID  Priority ​   32769  (priority 32768 sys-id-ext 1)
 +             ​Address ​    ​0022.bd89.2180
 +             Hello Time   2 sec  Max Age 20 sec  Forward Delay 15 sec
 +             Aging Time  15  sec
 +
 +Interface ​          Role Sts Cost      Prio.Nbr Type
 +------------------- ---- --- --------- -------- --------------------------------
 +Fa0/1               Desg FWD 19        128.1    P2p 
 +Fa0/2               Desg FWD 19        128.2    P2p 
 +Fa0/4               Desg FWD 19        128.4    P2p 
 +
 +
 +ASW1(config-if)#​
 +*Mar  1 01:​25:​16.211:​ %PM-4-ERR_RECOVER:​ Attempting to recover from bpduguard err-disable state on Fa0/8
 +ASW1(config-if)#​
 +*Mar  1 01:​27:​14.776:​ %PM-4-ERR_RECOVER:​ Attempting to recover from bpduguard err-disable state on Fa0/6
 +ASW1(config-if)#​
 +*Mar  1 01:​27:​17.846:​ %SPANTREE-2-BLOCK_BPDUGUARD:​ Received BPDU on port FastEthernet0/​6 with BPDU Guard enabled. Disabling port.
 +ASW1(config-if)#​
 +*Mar  1 01:​27:​17.846:​ %PM-4-ERR_DISABLE:​ bpduguard error detected on Fa0/6, putting Fa0/6 in err-disable state
 +ASW1(config-if)#​
 +*Mar  1 01:​32:​17.856:​ %PM-4-ERR_RECOVER:​ Attempting to recover from bpduguard err-disable state on Fa0/6
 +ASW1(config-if)#​
 +*Mar  1 01:​32:​20.583:​ %SPANTREE-2-BLOCK_BPDUGUARD:​ Received BPDU on port FastEthernet0/​6 with BPDU Guard enabled. Disabling port.
 +ASW1(config-if)#​
 +*Mar  1 01:​32:​20.583:​ %PM-4-ERR_DISABLE:​ bpduguard error detected on Fa0/6, putting Fa0/6 in err-disable state
 +ASW1(config-if)#​
 +ASW1(config-if)#​
 +*Mar  1 01:​34:​41.184:​ %LINEPROTO-5-UPDOWN:​ Line protocol on Interface FastEthernet0/​4,​ changed state to down
 +ASW1(config-if)#​
 +*Mar  1 01:​34:​42.182:​ %LINK-3-UPDOWN:​ Interface FastEthernet0/​4,​ changed state to down
 +ASW1(config-if)#​
 +*Mar  1 01:​34:​57.198:​ %LINK-3-UPDOWN:​ Interface FastEthernet0/​7,​ changed state to up
 +*Mar  1 01:​34:​58.205:​ %LINEPROTO-5-UPDOWN:​ Line protocol on Interface FastEthernet0/​7,​ changed state to up
 +ASW1(config-if)#​
 +ASW1(config-if)#​^Z
 +ASW1#sh span
 +*Mar  1 01:​35:​43.797:​ %SYS-5-CONFIG_I:​ Configured from console by console
 +ASW1#sh spannngi
 +ASW1#sh spann   
 +ASW1#sh spanning-tree vlan 1
 +
 +VLAN0001
 +  Spanning tree enabled protocol ieee
 +  Root ID    Priority ​   1
 +             ​Address ​    ​0026.ca6b.e980
 +             ​Cost ​       19
 +             ​Port ​       7 (FastEthernet0/​7)
 +             Hello Time   2 sec  Max Age 20 sec  Forward Delay 15 sec
 +
 +  Bridge ID  Priority ​   32769  (priority 32768 sys-id-ext 1)
 +             ​Address ​    ​0022.bd89.2180
 +             Hello Time   2 sec  Max Age 20 sec  Forward Delay 15 sec
 +             Aging Time  15  sec
 +
 +Interface ​          Role Sts Cost      Prio.Nbr Type
 +------------------- ---- --- --------- -------- --------------------------------
 +Fa0/1               Desg FWD 19        128.1    P2p 
 +Fa0/2               Desg FWD 19        128.2    P2p 
 +Fa0/7               Root FWD 19        128.7    P2p 
 +
 +
 +
 +</​code>​
 +
 +<​code>​
 +ASW2#sh spanning-tree vlan 1
 +
 +VLAN0001
 +  Spanning tree enabled protocol ieee
 +  Root ID    Priority ​   1
 +             ​Address ​    ​0026.ca6b.e980
 +             This bridge is the root
 +             Hello Time   2 sec  Max Age 20 sec  Forward Delay 15 sec
 +
 +  Bridge ID  Priority ​   1      (priority 0 sys-id-ext 1)
 +             ​Address ​    ​0026.ca6b.e980
 +             Hello Time   2 sec  Max Age 20 sec  Forward Delay 15 sec
 +             Aging Time  300 sec
 +
 +Interface ​          Role Sts Cost      Prio.Nbr Type
 +------------------- ---- --- --------- -------- --------------------------------
 +Fa0/1               Desg FWD 19        128.1    P2p 
 +
 +
 +
 +</​code>​
 +
 +<​code>​
 +ASW1#
 +*Mar  1 01:​37:​20.593:​ %PM-4-ERR_RECOVER:​ Attempting to recover from bpduguard err-disable state on Fa0/6
 +ASW1#
 +*Mar  1 01:​37:​24.267:​ %LINK-3-UPDOWN:​ Interface FastEthernet0/​6,​ changed state to up
 +*Mar  1 01:​37:​25.274:​ %LINEPROTO-5-UPDOWN:​ Line protocol on Interface FastEthernet0/​6,​ changed state to up
 +
 +</​code>​
 +
 +===== References =====
 +
 +  - [[https://​www.infraexpert.com/​study/​stpz11.html|STPの拡張技術 - BPDUガード]]
  
tech/network/cisco/stp/bpduguard/bpduguard.txt · Last modified: 2019/06/07 23:33 by wnoguchi