| BPDU protection | Link |
|---|---|
| |
| command | set protocol rstp interface ge-0/0/0 edge set protocol rstp bpdu-block-on-edge # OUTGOING : don't send RSTP's BPDU on access port / Edge port |
| layer2-control | set protocol layer2-control bpdu-block interface ge-0/0/0 # INCOMING block STP / BPDU packets on access port/ Edge port set protocol layer2-control disable-timeout 3600 [ 1 hour |
| show commands | |
| show commands | show spanning-tree interface ge-0/0/0 >>> look for port State: FWD or BLCK Physical link state: Up or Down BPDU Erro: None or Detected |
| clear BPDU error | |
| clear BPDU error | clear error bpdu interface ge-0/0/0 |
| Loop Protection | in case of none responsive neighbor , no hello BPDU >>> wait until hello BPDU comeback |
| stop to switch to from alternate role (+ blocking state) to designated role ( + fwd state ) | set protocol rstp interface ge-0/1/0 bpdu-timeout-action block set protocol rstp interface ge-0/1/1 bpdu-timeout-action block |
| Root Protection | Link |
| to avoid unwanted STP topology changes and root bridge placement |
|
| per interface ( on the Root bridge and backup root bridge) | set interface ge-0/0/6 no-root-port set interface ge-0/0/7 no-root-port |
| if offender detected go in blocking state | set protocol rstp interface ge-0/0/6 bpdu-timeout-action block set protocol rstp interface ge-0/0/7 bpdu-timeout-action block |
| offender switch the attached local port will be put in | Disable Role ( blocking state ) |
| show spanning-tree |
...