- Quite possibly the most misunderstood STP feature
- Two feature with the same same
- Locally (per-port) configured BPDU Filter
- Unconditional
- Filters all incoming and all out going BPDUs
- Equivalent of turning off STP on the port
Cmd: spanning-tree
bpdufilter enable
- Globally configured BPDU Filter
- Conditional on Portfast state
- Filters most of outgoing BPDUs
- Does not filter incoming BPDUs
- Configure:
- Mode Interface:
- Filter all incoming and outgoing BPDU, traffic can pass.
- Cho topology:
- Run spanning-tree vlan 10 all IOU.
- Config interface e0/1 IOU1 enable BPDU Filter
- Check int e0/1 truoc khi enable bpdufilter
IOU1#show span int e0/1 de
Port 2 (Ethernet0/1) of VLAN0010 is designated
forwarding
Port path cost 100, Port priority 128, Port
Identifier 128.2.
Designated root has priority 20490, address
aabb.cc00.0200
Designated bridge has priority 24586,
address aabb.cc00.0100
Designated port id is 128.2, designated path
cost 100
Timers: message age 0, forward delay 0, hold
0
Number of transitions to forwarding state: 1
Link type is shared by default
BPDU: sent 332, received 1
IOU1#
interface Ethernet0/1
switchport
access vlan 10
switchport mode
access
spanning-tree
bpdufilter enable
IOU1#show span int e0/1 de
Port 2 (Ethernet0/1) of VLAN0010 is designated
forwarding
Port path cost 100, Port priority 128, Port
Identifier 128.2.
Designated root has priority 20490, address
aabb.cc00.0200
Designated bridge has priority 24586,
address aabb.cc00.0100
Designated port id is 128.2, designated path
cost 100
Timers: message age 0, forward delay 0, hold
0
Number of transitions to forwarding state: 1
Link type is shared by default
Bpdu filter is enabled
BPDU: sent 332, received 1
- Goi tin BPDU nhận vào và gửi ra không đổi vì đã bị filter.
- Nhược điểm: gây ra loop khi filter BPDU ở block port
- BPDU filter (Pert-port) Có thể kết hợp các featuer khác theo nguyên tắc ở hình sau đây:
- Chiều out filter BPDU
- Chiều In hoạt động kết hợp theo nguyên tắc như trên:
- BPDU filter + BPDU guard --> BPDU guard disable
- BPDU filter + Portfast ---> OK con dê :v
- ….
- Mode Global.
- Conditional on Portfast state (rất quan trọng).
=> có nghĩa là portfast enable
-> bpdufilter enable và ngược lại.
Cmd: spanning-tree porfast bpdufilter
Enable trên các interface
operating porfast.
- Hoạt động theo hình sau.
- Chiều "out" Filter Most (not all of them) BPDU
- Chiều "in" (bỏ qua BPDU guard).
- Khi có 1 gói tin BPDU đi vào -> gặp portfast -> portfast disable -> BPDU filter disable -> interface running normal STP.
Port
2 (Ethernet0/1) of VLAN0010 is designated forwarding
Port path cost 100, Port priority 128, Port
Identifier 128.2.
Designated root has priority 20490, address
aabb.cc00.0200
Designated bridge has priority 24586,
address aabb.cc00.0100
Designated port id is 128.2, designated path
cost 100
Timers: message age 0, forward delay 0, hold
0
Number of transitions to forwarding state: 1
Link type is shared by default
BPDU: sent 332, received 1
- ƯU ĐIỂM: CHỐNG LOOP NHƯ TRƯỜNG HỢP CẤU HÌNH PER-PORT
No comments:
Post a Comment