The BPDU (Bridge Protocol Data Unit) guard feature can be globally enabled on the switch or can be enabled per port, but the feature operates with some differences. At the global level, you enable BPDU guard on the Port Fast-enabled ports by using the spanning-tree portfast bpduguard default global configuration command. The Spanning tree shuts down the ports that are in a Port Fast-operational state if any BPDU is received on them. In a valid configuration, the Port Fast-enabled ports do not receive BPDUs. Receiving a BPDU on a Port Fast-enabled port means an invalid configuration, such as the connection of an unauthorized device, and the BPDU guard feature puts the port in the error-disabled state. When this happens, the switch shuts down the entire port on which the violation occurred.
Was this article helpful?
That’s Great!
Thank you for your feedback
Sorry! We couldn't be helpful
Thank you for your feedback
Feedback sent
We appreciate your effort and will try to fix the article