1. Home
  2. Cisco Systems
  3. BPDU problem

BPDU problem

see the folloing logs:

001918: .Jul 2 00:44:28.825 EDT: %LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/48, changed state to down

001919: .Jul 2 00:44:33.540 EDT: %LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/48, changed state to up

001934: .Jul 5 06:38:17.506 EDT: %LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/48, changed state to down

001935: .Jul 5 06:38:22.321 EDT: %LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/48, changed state to up

001936: .Jul 8 06:03:01.727 EDT: %LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/48, changed state to down

001937: .Jul 8 06:03:06.333 EDT: %LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/48, changed state to up

This fastethernet 0/48 is connecting to another switch called 3750-IT (10.10.7.254). Show log on this switch gives you:

Ethernet2/0/19 with BPDU Guard enabled. Disabling port. (3750-IT-2)Jul 8

14:50:38.487 EDT: %SPANTREE-2-BLOCK_BPDUGUARD: Received BPDU on port Fast

Ethernet2/0/19 with BPDU Guard enabled. Disabling port. (3750-IT-2)030459: Jul 8 14:50:40.475 EDT: %LINK-3-UPDOWN: Interface FastEthernet2/0/19, changed state to down

Jul 8 14:55:36.073 EDT: %PM-4-ERR_RECOVER: Attempting to recover from bpduguard err-disable state on Fa2/0/19 (3750-IT-2)

030460: Jul 8 14:55:39.722 EDT: %LINK-3-UPDOWN: Interface FastEthernet2/0/19, changed state to up

Jul 8 14:55:40.460 EDT: %SPANTREE-2-BLOCK_BPDUGUARD: Received BPDU on port FastEthernet2/0/19 with BPDU Guard enabled. Disabling port. (3750-IT-2)

Jul 8 14:55:40.460 EDT: %PM-4-ERR_DISABLE: bpduguard error detected on Fa2/0/19, putting Fa2/0/19 in err-disable state (3750-IT-2)

Jul 8 14:55:40.502 EDT: %SPANTREE-2-BLOCK_BPDUGUARD: Received BPDU on port FastEthernet2/0/19 with BPDU Guard enabled. Disabling port. (3750-IT-2)

Any idea how to fix this issue?

Thanks in advance.

Rob

Reply to
Rob
Loading thread data ...

On the 3750, turn off portfast on interface that connects to other switch. "no spanning-tree portfast".

BPDU guard works in conjuction with portfast. Portfast is used on interfaces that are not connecting to other L2 devices (switches), so that the interface will come up right away instead of waiting for spanning-tree to determine if another switch is connected to it. When spanning-tree is enabled, when a port comes up, the port is put into "listening" mode for 30 seconds. During this time, the switch can receive packets, but no packets are sent, other than spanning-tree BPDU's. Even though the port is "up" no traffic can be passed. After 30 seconds, the port is moved to the "forwarding" state and traffic is then able to be sent and received. When portfast is enabled, the port comes up right away both sending and receiving traffic. When you are enabling portfast, you are saying that "no layer 2 device should be connected to this port so enable it right away". If a BPDU (spanning-tree packet) is received on a port with portfast enabled, normal spanning tree methods are invoked immediately. The port goes into "listen" mode for 30 seconds. When BPDU guard is enabled, instead of starting the normal spanning-tree protocol initialization, the port is instead disabled.

Reply to
Thrill5

Two options.

  1. Turn BPDU-Guard off
  2. Disconnect the switch/bridge attached to the port.
Reply to
Paul Matthews

Cabling-Design.com Forums website is not affiliated with any of the manufacturers or service providers discussed here. All logos and trade names are the property of their respective owners.