| Recent
Articles |
A Guide To IPv6 Address Types
Learning IPv6 is paramount in your efforts to pass the BSCI exam and go on to earn your CCNP, and it´s going to help in your real-world networking career as well.
OSPF Router Types
When you´re preparing to pass the BSCI exam on the way to the coveted Cisco CCNP certification, you can be quickly overwhelmed by the sheer amount of BGP and OSPF knowledge you must demonstrate a mastery of.
Cisco CCNA Exam Tutorial: Route Summarization For RIP, EIGRP, And OSPF
Preparing to pass the CCNA exam and earn this important Cisco certification?
Static Routing Tutorial
In studying for your CCNA exam and preparing to earn this valuable certification, you may be tempted to spend little time studying static routing and head right for the more exciting dynamic routing protocols like...
Four Important Commands For Your CCNA / CCNP Home Lab
More CCNA and CCNP candidates than ever before are putting together their own home practice labs. It´s more affordable than it ever has been, and I receive...
How to Install and Configure a Forum
Once you've built your website, you might like to offer your visitors an opportunity to interact with it, and to talk to you and each other without having to use email. Forums are absolutely ideal for this purpose.
|
|
|
|
04.13.06
Configuring PortFast And BPDU Guard
 By
Chris Bryant
In your CCNA studies, you learned about PortFast and the trouble it can cause if configured on the wrong port!
Suitable only for switch ports connected directly to a single host, PortFast allows a port running STP to go directly from blocking to forwarding mode.
A Cisco router will give you a warning when you configure PortFast:
Not only will the switch warn you about the proper usage of PortFast, but you must put the port into access mode before PortFast will take effect.
Now, youīd think that would be enough of a warning, right? But there is a chance - just a chance - that someone is going to manage to connect a switch to a port running Portfast. That could lead to two major problems, the first being the formation of a switching loop. Remember, the reason we have listening and learning modes is to help prevent switching loops. The next problem is that there could be a new root bridge elected - and it could be a switch that isnīt even in your network!
BPDU Guard protects against this disastrous possibility. If any BPDU comes in on a port thatīs running BPDU Guard, the port will be shut down and placed into error disabled state, shown on the switch as err-disabled. A port placed in err-disabled state must be reopened manually.
BPDU Guard is off on all ports by default, and is enabled as shown here:
Itīs a good idea to enable BPDU Guard on any port youīre running PortFast on. Thereīs no cost in overhead, and it does prevent the possibility of a switch sending BPDUs into a port configured with PortFast - not to mention the possibility of a switch not under your control becoming a root switch to your network!
About the Author:
Chris Bryant, CCIE #12933, is the owner of The Bryant Advantage (www.thebryantadvantage.com), home of FREE CCNA and CCNP tutorials and daily exam questions, as well as The Ultimate CCNA and CCNP Study Packages.
|
