PortFast, BPDUguard and BPDUfilter

Video Activity
Join over 3 million cybersecurity professionals advancing their career
Sign up with

Already have an account? Sign In »

3 hours 35 minutes
Video Transcription
Welcome to this disco CCMP switch 201 15 Exam prep Siri's My name is full pension Ali On it It is episode where the focus on port fast bpd you guard and bpd you filter. You could enable port fast to speed up the time it takes the transition from the blocking that a forward in state on your exports on global configuration, Would you see the command
spine entry
port Fast default on this would enable port files globally on all your exports.
Additionally, there is also on interfere subcontract oration command we can use which is spanning tree port for us by itself. On every edge port is connected the like a serval on you want a trunk?
So violence their server. Then you can see the command spine in Freeport Fast trunk.
But you would not see this common
on your trunk ports goingto other switches.
Bpd guard
is an additional feature. You can enable what bpd regard basically does as soon as it receives a bpd. You on an export. It disables the port globally. You Would you see the command Spanish report fast v p d you guard default. There is also one interferes up configuration command which is spanning tree bpd, you guard
and then you would specify if he wanted enable or disable the future
on interferes basis. Also not BP Dugard would send a notification when it disables an interferes, which is ideal once you have long been set up in your network
bpd filter. On the other hand, when you applied globally, it will be disabled. If export receives a bpd and then the port is gonna transition and start sending bpd You as a regulars finance report. However,
if you enable DPD filter on interfere sub configuration level, it will silently filter
any BP do you receive But it would not shut down the port. This can create the potential switch and look within your network. If for some strange reason you connect to switch the one of the ports. Were you unable to bpd filter globally? Enable bpd You filter the command. Miss Pond entry port fast bpd filter default
on from the interferes up configuration. Would
you really see the command spanning tree bpd? You filter and then you specify either the enable option or the disabled option. It would silently filter. Oh DPD, you if it's applied at the interfere subcontract oration mood, I'm gonna bring up a lot knows we'll see how we would enable for class ppd, yogurt and bpd filter in this lab.
We'll work in the anyway. That's this one,
so we can see how we would set up for twice bpd. You guard on bpd filter. So here in Hanoi, access one
enable port files globally, Commander Spine Entry Port, Fast default.
And this is going to give us a warning message telling us that this commanding able support fast by default on all interfaces in this kid's. It's advising us that we should disable port fast on our trunk ports that are going the artist, which is in this case, and why Access one is connected to
and like, or one on fast n A zero *** training for on anyway, court to one facet Nazir's actuated tree. So the disable port fast on those two transports. I'll use the Interface Range command
on the Commander's finance report, fast disabled, and there's no disabled sport fast on these trunk ling's, so you wouldn't want to run support fast on your trunk legs that are going to other switches it forever. Your trunk in some villains like the server. Then you can enable port fast on an address. Additional keyword trunk.
Great. Now we can see port Fast default is enabled. When I run, the show is financially some recommend. And if I wanted to enable port fast on an individual link in this case is a fascinating zero slash one interferes that connects to the PC. So this is how we would enable port fast
Now everyone enable bpd you guard globally command this spanning tree
board fuss.
But this time we would specify bpd you guard
And then we would add on this key word before
LVPD guard is enabled globally. So for demonstration purposes aren't report fast is disabled on these two trunk interfaces is your secretary entry and fast 0 24 So I enable BP do guard on this specific interferes that's going up the core one which is a facet of 06 24 interface on here. I'm going to specify enable
No Well, press enter now I'm gonna shut this in the face and bring it all back
here we get a notification which we mentioned on a slight and it's telling us received bpd You on port fast. It means you're such 24 with DPD word enable. This stable import additionally tells us it's putting the interferes in error. Disabled state No way to show into his status on I feel throughout output to just look for error disabled interfaces. We can see
the five seat men's ears like training for it is currently in the area disabled state.
To fix this, I would need to remove the command and then it's your shot on No shot common and then in the face would come out of their disabled state because if I simply do a shot and no shot without taking off the bpd, you guard command from the interferes in the face would go back into the area. Disable State is gonna take a few seconds before it goes back into the area. Disabled state.
There we go.
We can see bpd. Regard is placed in the port into the area stable state.
So the truly fix this, we'll take off the command. Then it's your shot and then a notion.
So that's how we would bring the poor Toto very disabled. If Bpd Ugarte would have shot the poor dog. Now let's start on bpd. You filter on this specific port to the command, respond entry bpd you filter enable another shot and no shot. The interface, but you're not is this time we're not going to get any era and in the face is going to remain up. So as you can see, bpd filter
silently drops B p d
which could potentially create a switch and loop within your switch network Know that DP The filter is enable we're gonna start to see messages such as Mark flop here we can see it's telling us that villain one is flopping between the two trunk ports. But you're not going to see the interferes go down into area disable. Then the face will remain up.
So just keep that in mind whenever you're enable in bpd, you filter
within your switched environments. So this is how we will set up the port fast. The bpd you guard on the bpd, you filter features off spanning tree. All right, let's go back to the slides. They have a post assessment question which command enables bpd. You guard globally a spine entry bpd, you guard or be fined entry. DPD you guard default or C
spun entry
sport Fast bpd. You guard the fault.
On answer is C
spine entry Port fuss bpd. You guard default.
In today's episode, we continued with spine and free. This time we focused on Port Fast VP du Gard on bpd filter. In next episode, we were up up spine entry by looking at Luke guard on route card. This is Phillip Mention Ali and I want to thank you for choosing savory.
Up Next
CCNP Switch - 300-115

This course is engineered to prepare you for your CISCO Certified Network Professional CCNP Switch 300 - 115. In this course, we will cover all the main domains present in the current version of the CCNP Exam which are centered around infrastructure security and services and layer 2 technologies.

Instructed By