PortFast + BPDU Guard | STP Optional Features

Video Statistics and Information

Video

Captions Word Cloud

Reddit Comments

Captions

hey what's up guys welcome to surfers in this video we're going to be looking at stp optional features portfast and bpdu guard if you've watched the video on stp then you'll know the biggest problem with 802 to 1 D is the conversions the reason for this is the time it takes to go from a non forwarding state to a forwarding State so just as a reminder a port needs to pass through the listening and learning transitional states and stay there for 15 seconds by default before it can enter a forwarding States mentioned on the STP video that this doesn't only affect ports connected to switches if you've ever plugged a computer into a real sister switch or even used packet tracer you may have noticed that the port doesn't turn green straightaway it turns orange and stays there for a bit this is because the port is going through these states first enters the listening state for 15 seconds the learning state for 15 seconds then finally it enters a forwarding state where traffic can start to pass through the problem of this is most computers these days boot up in less than 30 seconds or you might even plug in a laptop has already switched on then when the Internet's not working you might start running ipconfig and trying to troubleshoot why the Internet's not working part of this troubleshooting might even be unplugging the cable and then plugging it back in starting the whole process again this is where portfast comes in port fast pretty much just says let's get rid of all this and essentially disable as STP or together this lets the port start forwarding as soon as it's plugged in great but STP wasn't just created for a laugh nope it was created to stop switching loops so disabling it can be dangerous you must use port fast with caution what happens if Brian from down the hall rocks up with his switch takes an Ethernet cable and plugs it in reverse TP disabled you run the risk of kratom switching loops and we've all seen the effect that this has on the network from the STP video you'll remember that switches will send BPD use to negotiate a route bridge when Brian switch sends a bpdu to our switch with no protection it will accept it and probably cause loop but if the switch has bpdu guard enabled then this protects us from these kind of situations the switch will see the BPD you realize it's connected to another switch block the poor and put it into a funny little state called error disabled I say is a funny little state because it's not always immediately obvious when looking at the interface stages that is in an error disabled state you'll see what I mean in a minute okay so let's quickly go over the configuration for fast and bpdu guard can be enabled with only one command each first let's see what happens when we don't use poor fast is our switch if we do a quick show spanning tree command we can see there is no connections at the moment a computer Paul comes up and if we run the same command we can see the interface is in a listening state it will stay here for 15 seconds but I'll speed this up if we run the command again we can see it's in the learning state again it will stay here for 15 seconds and if we run the command one more time finally it's in a forwarding State so let's configure portfast on this interface so I'll unplug the computer enter the configuration terminal interface fastethernet 0/1 to enter the interface configuration switch port mode access to make sure this interface is an access port and the command to turn on port fast on this interface is spanning-tree portfast when you enter this command Ciccio gives you a warning message which says warning port fire should only be enabled on ports connected to a single host this is reminding you that port fires can cause potential switching loops if not used correctly you have been warned so that's portfast enabled for this interface but this switch is for mostly access ports then we don't want to be doing this on all interfaces doing what we can do instead is turn on port faster by default then disable it on any ports that need to connect the switches this makes sense if you have a switch where only a couple of ports connect to other switches so we'll exit out of this interface command v 1.is spanning-tree portfast default and again you'll get the same warning quesa let's test it will exit out command shows spanning-tree vlan1 and we'll see there's no devices connected plug in the computer and we'll run the command again as you can see the interface has gone straight to forwarding no faffing around with listening and learning states just straight into forwarding you're going to want to know some show commands for troubleshooting the first one is show spanning-tree summary here you can see if portfast default is enabled the next one is show spanning-tree interface fastethernet 0/1 portfast this is a very straight to-the-point command and tells you if port fast is enabled on that interface and of course we can always check the running config and see the commands we entered you okay so that's poor fast let's clear the screen and look at bpdu guard back to the configuration terminal and again we can turn on BBD you guard on a per interface basis by going into the interface configuration and the command is spanning tree PD you've got enable or if we want to do it globally we can exit out of here and run the command spanning-tree portfast bpdu guard default show commands for bpdu guard are pretty much the same as portfast we have show spanning-tree summary which shows if BPT you card is on by default show spanning-tree interface fastethernet 0/1 detail this command shows us if portfast and bpdu guard is enabled on the interface show running config to show our commands now I've been using the pipe command with the B to show everything that begins with the word interface okay so with the configuration done let's see it in action I'll unplug the computer from earlier now I'll plug in a switch to the interface with port past and bpdu guard enabled and see what happens the port comes up and it will take a couple of seconds to receive a bpdu there it is the switch received a bpdu and disabled the poor putting it into an error disabled state earlier I said this date can be a bit of a funny one that's because if I run a show IP interface brief command and it shows the interfaces down where does it tell you that as an error disabled state this could be important to remember when troubleshooting probably the best place to check if you think an interface could be an error disabled state is to use the command show interfaces status Harrod say whoa this will quickly show you the interface and the reason for being in a narrow disabled State there are some other reasons an interface might go into a narrow disable state but this time it's because of our bpdu guard violation another place to look out for this is the command show interface fastethernet 0/1 or whatever interface you are using at the top it will show the error disable of state so to fix this you need to first fix the cause of the problem so let's remove the switch then we need to go back into our interface configuration and issue this shutdown command then no anchorman this will remove the error disabled state to prove this worked we will exit here and run the show interface status error disabled command again as we can see no interfaces are showing now we will plug in the computer again the show IP interface brief command we can see that the interface is no up and it's working again that's it for both fast and bpdu guard pretty straightforward and simple but it can be a little bit tricky to troubleshoot if you don't know where to look if you like this video let us know by leaving a thumbs up commenting and subscribing the feedback we get from you guys is what keeps the videos coming thank you for watching

Info

Channel: CertBros

Views: 82,099

Rating: 4.9503508 out of 5

Keywords: Portfast, BPDU Guard, STP, Spanning Tree, Spanning Tree Portfast, Spanning Tree BPDU Guard, Portfast Explained, BPDU Guard Explained, BPDUGuard, bpdu, cisco, ccna

Id: n3en4EcHms0

Channel Id: undefined

Length: 11min 28sec (688 seconds)

Published: Mon Oct 23 2017