3Com 10014298 - page 203

Configuring MSTP 203

low-speed link and congestion will occur on the network. The root protection

function is used against such problem.

The root port and other blocked ports maintain their state according to the BPDUs

sent by an uplink switch. Once the link is blocked or has trouble, the ports cannot

receive BPDUs and the switch will select a root port again. In this case, the former

root port will turn into a specified port and the former blocked ports will enter the

forwarding state and a link loop will be created.

The security functions can control the generation of loop. After it is enabled, the

root port cannot be changed, the blocked port will remain in the discarding state

and will not forward packets.

You can use the following command to configure the security functions of the

switch.

Perform the following configuration in corresponding configuration modes.

After configured with BPDU protection, the switch will disable the edge port

through MSTP, which receives a BPDU, and notifies the network manager at the

same time. These ports can be resumed by the network manager only.

The port configured with root protection only plays the role of designated port on

every instance. Whenever such a port receives a higher-priority BPDU, that is, it is

about to turn into non-designated port, it will be set to listening state and will not

forward packets any more (as if the link to the port is disconnected). If the port has

not received any higher-priority BPDU for a certain period of time thereafter, it will

resume the normal state.

When you configure a port, only one configuration at a time can be effective

among loop protection, root protection, and edge port configuration.

By default, the switch does not enable BPDU protection, root protection, or edge

port protection.

Tabl e 212 Configure the Switch Security Function

Operation Command

Configure switch BPDU protection (from

system view)

stp bpdu-protection

Restore the disabled BPDU protection state as

defaulted (from system view)

undo stp bpdu-protection

Configure switch Root protection (from

system view)

stp interface interface-list

root-protection

Restore the disabled Root protection state as

defaulted (from system view)

undo stp interface interface-list

root-protection

Configure switch Root protection (from

Ethernet port view)

stp root-protection

Restore the disabled Root protection state as

defaulted (from Ethernet port view)

undo stp root-protection

Configure switch loop protection function

(from Ethernet port view)

stp loop-protection

Restore the disabled loop protection state, as

defaulted (from Ethernet port view)

stp loop-protection