Configuration Condition
None
Configure the Priority of a Port
A port ID consists of port priority and port index. Port ID affects election of the port role. A smaller port ID indicates a higher priority. One port may have different port priority in different spanning tree instances.
Table 9-9 Configuring the Priority of a Port
|
Step
|
Command
|
Description
|
|
Enter the global configuration mode.
|
configure terminal
|
-
|
|
Enter the L2 Ethernet interface configuration mode.
|
interface interface-name
|
Either
After entering the L2 Ethernet interface configuration mode, the subsequent configuration takes effect only on the current port. After entering the aggregation group configuration mode, the subsequent configuration takes effect only on the aggregation group.
|
|
Enter the aggregation group configuration mode.
|
interface link-aggregation link-aggregation-id
|
|
Configure the priority of a port.
|
spanning-tree mst instance instance-id port-priority priority-value
|
Mandatory.
By default, the priority of the port in all spanning tree instances is 128.
|
|
In the vist/rapid-vist mode, configure the priority of a port.
|
spanning-tree vlan vlan-id port-priority priority-value
|
Mandatory.
By default, the priority of the port in all spanning tree instances is 128.
|
-
The step of port priorities is 16, that is, the valid values include: 0, 16, 32, 48, 64, 80, 96, 112, 128, 144, 160, 176, 192, 208, 224, and 240.
Configure the Default Path Cost Standard for a Port
Compared with the path cost calculated based on the IEEE 802.1D-1998 standard, the path cost calculated based on the IEEE 802.1T-2001 is larger. With the increase of the link rate, the path cost value quickly decreases.
Table 9-10 Configuring the Default Path Cost Standard for a Port
|
Step
|
Command
|
Description
|
|
Enter the global configuration mode.
|
configure terminal
|
-
|
|
Configure the default path cost standard for a port.
|
spanning-tree pathcost method { dot1D-1998 | dot1T-2001 }
|
Mandatory.
By default, the IEEE 802.1T-2001 standard is used to calculate the default path cost of the port.
|
Configure the Path Cost of a Port
The port path cost affects election of the port role. A smaller port path cost means a better link. One port may have different port path cost in different spanning tree instances.
Table 9-11 Configuring the Path Cost of a Port
|
Step
|
Command
|
Description
|
|
Enter the global configuration mode.
|
configure terminal
|
-
|
|
Enter the L2 Ethernet interface configuration mode.
|
interface interface-name
|
Either
After entering the L2 Ethernet interface configuration mode, the subsequent configuration takes effect only on the current port. After entering the aggregation group configuration mode, the subsequent configuration takes effect only on the aggregation group.
|
|
Enter the aggregation group configuration mode.
|
interface link-aggregation link-aggregation-id
|
|
Configure the path cost of a port.
|
spanning-tree mst instance instance-id cost cost-value
|
Mandatory.
By default, the path cost is automatically calculated according to the port rate.
|
| In the vist/rapid-vist mode, configure the path cost of the port |
spanning-tree vlan vlan-id cost cost-value
|
Mandatory
By default, the path cost is automatically calculated according to the port rate.
|
Configure Length Check of BPDU Packet
Configuring the length check of the BPDU packet can let the port check the length of the received BPDU packet, so as to prevent the attack of the BPDU packet with the invalid length.
Table 9-12 Configure the length check of the BPDU packet
|
Step
|
Command
|
Description
|
|
Enter the global configuration mode.
|
configure terminal
|
-
|
|
Configure the length check of the BPDU packet
|
spanning-tree bpdu length-check
|
Mandatory
By default, do not enable the length check of the BPDU packet.
|
Configure Maximum Length of BPDU Packet
Configure the maximum length of the valid BPDU packet when checking the length of the BPDU packet.
Table 9-13 Configure the maximum length of the BPDU packet
|
Step
|
Command
|
Description
|
|
Enter the global configuration mode
|
configure terminal
|
-
|
|
Configure the maximum length of the BPDU packet
|
spanning-tree bpdu max-length max-length
|
Mandatory
By default, the maximum length is 1500 bytes.
|
Configure Maximum Transmitting Rate of BPDU Packets
The maximum transmitting rate of BPDU packets limits the number of BPDU packets that can be transmitted during the Hello Time of a device. This prevents the device from sending too many BPDU packets which may cause frequent spanning tree calculation for other devices.
Table 9-14 Configuring the Maximum Transmitting Rate of BPDU Packets
|
Step
|
Command
|
Description
|
|
Enter the global configuration mode.
|
configure terminal
|
-
|
|
Configure the maximum transmitting rate of BPDU packets.
|
spanning-tree transmit hold-count hold-count-number
|
By default, a port can send a maximum of 6 BPDU packets within Hello Time.
|
Configure Source MAC Check of BPDU Packet
Configuring the source mac check of the BPDU packet can let the port check the source MAC of the received BPDU packet, so as to prevent the BPDU packet attack of the invalid device.
Table 9-15 Configure the source mac check of the BPDU packet
|
Step
|
Command
|
Description
|
|
Enter the global configuration mode
|
configure terminal
|
-
|
|
Enter the L2 Ethernet interface configuration mode
|
interface interface-name
|
Either
After entering the L2 Ethernet interface configuration mode, the subsequent configuration takes effect only on the current port. After entering the aggregation group configuration mode, the subsequent configuration takes effect only on the aggregation group.
|
|
Enter the aggregation group configuration mode
|
interface link-aggregation link-aggregation-id
|
|
Configure the source mac check of the BPDU packet
|
spanning-tree bpdu src- mac-match src-mac
|
Mandatory
By default, the port does not enable the source MAC check of the BPDU packet.
|
Configure Timeout Factor of BPDU Packets
In a stable network topology, designated port will send a BPDU packet to neighbored device every HELLO TIME. Usually if the device doesn't receive the BPDU packet from upper devices within three times of the timeout (3*HELLO TIME), it is considered that the network topology changes, which will start a spanning tree re-election.
However in a stable network topology, if the upper device can’t receive the BPDU packet in the case of busy or any other reason, it will start a spanning tree re-election. In this case, you can configure the timeout factor to avoid such calculation.
Table 9-16 Configure the timeout factor of BPDU packets
|
Step
|
Command
|
Description
|
|
Enter the global configuration mode
|
configure terminal
|
-
|
|
Configure time factor of BPDU packets
|
spanning-tree timer-facor times-number
|
By default, if the device doesn't receive the BPDU packet from upper devices within three times of the timeout (3*HELLO TIME), it is considered that the network topology changes, which will start a spanning tree re-election. In stacking environment, it is recommended to configure the timeout factor as 6.
|
|
In the vist/rapid-vist mode, configure time factor of BPDU packets
|
spanning-tree vlan vlan-id timer-facor times-number
|
By default, if the device doesn't receive the BPDU packet from upper devices within three times of the timeout (3*HELLO TIME), it is considered that the network topology changes, which will start a spanning tree re-election. In stacking environment, it is recommended to configure the timeout factor as 6.
|
Configure an Edge Port
Edge ports are the ports that are directly connected to user terminals. If an edge port is UP/DOWN, it does not cause temporary loops. Therefore, an edge port can quickly migrate from the Discarding status to the Forwarding status without delay time. In addition, if an edge port is UP/DOWN, it does not send TC BPDUs. This prevents unnecessary spanning tree re-calculation.
If an edge port receives BPDU packets, it becomes a non-edge port again. Then, the port can become the edge port again only after it is reset.
Table 9-17 Configuring Edge Ports
|
Step
|
Command
|
Description
|
|
Enter the global configuration mode.
|
configure terminal
|
-
|
|
Enter the L2 Ethernet interface configuration mode.
|
interface interface-name
|
Either
After entering the L2 Ethernet interface configuration mode, the subsequent configuration takes effect only on the current port. After entering the aggregation group configuration mode, the subsequent configuration takes effect only on the aggregation group.
|
|
Enter the aggregation group configuration mode.
|
interface link-aggregation link-aggregation-id
|
|
Configure an edge port.
|
spanning-tree portfast edgeport
|
Mandatory.
By default, a port is a not an edge port.
|
-
Before specifying the port as the edge port, confirm whether the port is directly connected with the user terminal. Otherwise, it may cause the temporary loop after configuring as the edge port.
Configure Auto Detection of Edge Port
Configuring the auto detection of the edge port can let the port connected to the terminal automatically identified as edge port, so as to prevent the online/offline of the terminal device from making the spanning tree re-calculation cause the network shock.
If receiving the BPDU packet after being identified as the edge port, it changes to the non-edge port again.
Table 9-18 Configure the auto detection of the edge port
|
Step
|
Command
|
Description
|
|
Enter the global configuration mode
|
configure terminal
|
-
|
|
Enter the L2 Ethernet interface configuration mode
|
interface interface-name
|
Either
After entering the L2 Ethernet interface configuration mode, the subsequent configuration takes effect only on the current port. After entering the aggregation group configuration mode, the subsequent configuration takes effect only on the aggregation group.
|
|
Enter the aggregation group configuration mode
|
interface link-aggregation link-aggregation-id
|
|
Configure the auto detection of the edge port
|
spanning-tree portfast autoedge
|
Mandatory
By default, the auto detection of the edge port is enabled in the single- machine mode, and is disabled in the stacking mode.
|
Force Auto Detection of Edge Port
Because of the configuration or environment, the current port may be identified as the edge port or non-edge port wrongly. Here, the user can execute the command to trigger the port to perform the edge port detection so that the port can identify whether itself is the edge port correctly.
Table 9-19 Configure the auto detection of the edge port
|
Step
|
Command
|
Description
|
|
Enter the global configuration mode
|
configure terminal
|
-
|
|
Enter the L2 Ethernet interface configuration mode
|
interface interface-name
|
Either
After entering the L2 Ethernet interface configuration mode, the subsequent configuration takes effect only on the current port. After entering the aggregation group configuration mode, the subsequent configuration takes effect only on the aggregation group.
|
|
Enter the aggregation group configuration mode
|
interface link-aggregation link-aggregation-id
|
| Force the auto detection of the edge port |
spanning-tree portfast autoedge force |
Mandatory |
-
The command can take effect only when the port enables the auto edge port detection.
Configure Port Link Type
If two devices are directly connected, you can configure the port link type to point-to- point link. The ports of the point-to-point link type can quickly migrate from the Discarding status to the Forwarding status without delay time.
Table 9-20 Configuring the Port Link Type
|
Step
|
Command
|
Description
|
|
Enter the global configuration mode.
|
configure terminal
|
-
|
|
Enter the L2 Ethernet interface configuration mode.
|
interface interface-name
|
Either
After entering the L2 Ethernet interface configuration mode, the subsequent configuration takes effect only on the current port. After entering the aggregation group configuration mode, the subsequent configuration takes effect only on the aggregation group.
|
|
Enter the aggregation group configuration mode.
|
interface link-aggregation link-aggregation-id
|
|
Configure the port link type.
|
spanning-tree link-type { point-to-point | shared }
|
Mandatory.
By default, the port link type is set according to the port duplex mode. If the port works in the full duplex mode, the port is set to the point-to-point link type. If the port works in the half duplex mode, the port is set to the shared link type.
|
-
The port link type should be configured according to the actual physical link. If the actual physical link of the port is not point-to-point link, and is configured as the point- to-point link wrongly, it may cause the temporary loop.
- When the local port link type is the share link type, the local port does not support the auto identifying function of the edge port. If the peer port performs the auto identifying of the edge port, it may make the peer port be identified as the edge port wrongly.
Configure Port Bridge Assurance Function
After the bridge assurance function is enabled on the current port, the port will send BPDU regardless of its spanning tree role (even AlternatePort or BackupPort). If the port does not receive BPDU from the peer device for a period of time, the port state will switch to the Blocking state and will not participate in spanning tree calculation. If the BPDU of the peer device is received in the future, the current port will resume normal spanning tree calculation.
Table 9-21 Configure the port Bridge Assurance function
|
Step
|
Command
|
Description
|
|
Enter the global configuration mode.
|
configure terminal
|
-
|
|
Enter the L2 Ethernet interface configuration mode.
|
interface interface-name
|
Either
After entering the L2 Ethernet interface configuration mode, the subsequent configuration takes effect only on the current port. After entering the aggregation group configuration mode, the subsequent configuration takes effect only on the aggregation group.
|
|
Enter the aggregation group configuration mode.
|
interface link- aggregation link- aggregation-id
|
|
Configure the port link type
|
spanning-tree bridge- assurance enable
|
Mandatory
By default, the Bridge Assurance function of the port is not enabled.
|
The configuration strictions of Bridge-Assurance:
- It is mutually exclusive with BPDU-Guard, BPDU-Filter, Port-Fast (adminEdge, autoEdge) of the port. If one of these functions is configured on the port, Bridge-Assurance cannot be configured (there will be a print prompt).
- In STP mode, RP and AP cannot send BPDU at will, so the Bridge-Assurance configuration in STP mode is not effective, but can be configured.
Switch
.png){kind=icon}
.png){kind=logo}
.jpg)
.png){kind=logo}
