stp-port-modify
This command is used to configure Bridge Protocol Data Unit (BPDU) processing by one or more ports on a switch.
Syntax stp-port-modify
|
port port-list |
Specifies the switch network data port number, range or list of ports to be modified. Range for port numbers is from 1 to 64. |
|
Specify one or more of the following options: |
|
|
block|no-block |
Specify if the port blocks BPDUs. |
|
filter|no-filter |
Specify if the port filters BPDUs. |
|
edge|no-edge |
Specify if the port is an Edge port. The port can transition directly to a forwarding state but lose Edge port status as soon as any BPDU packets are received. |
|
bpdu-guard|no-bpdu-guard |
Specify if BPDU guard is on or off. |
|
root-guard|no-root-guard |
Specify if root guard is on or off. |
|
priority integer |
Specify the STP port priority as a value between 0, and 240. The default value is 128. |
|
cost number |
Specify the cost as a number between 1, and 200000000. The default value is 2000. |
Defaults None.
Access CLI
History
|
Version 1.2 |
Command introduced. |
|
Version 2.2 |
The parameter edge|no-edge added to support RSTP. The parameter guard|no-guard added. |
|
Version 2.3 |
The parameter cost added. |
|
Version 2.4.1 |
The parameter priority added. |
|
Version 2.6.0 |
The parameter guard changed to bpdu-guard, and a new parameter root-guard added. |
Usage STP is a standard inter-switch protocol is used to ensure that an ad hoc network topology is loop-free at Layer 2, on a per VLAN basis. If your network connections form loops, and STP is disabled, packets recirculate between the switches, and causes a decrease in network performance. If you are certain that your network is loop-free, you do not need to enable STP. BPDUs are used in the election of the STP root switch, and should not be received from an end host port. This command can block one port or multiple ports from processing BPDUs to prevent a malicious end host from masquerading as a switch, and participating in the STP root election.If a BPDU is received by a port that is configured to block BPDUs, the port is shut down. Alternatively, you can filter BPDUs on a port. If the port is configured to filter BPDUs, the BPDU packet is dropped but the port is not shut down.
Examples To block BPDUs, and shut down port 17, use the following command:
CLI (network-admin@switch) > stp-port-modify port 17 block on