Header Only - DO NOT REMOVE - Extreme Networks

how to filter bpdu frames


Userlevel 4
Create Date: Jul 6 2012 4:24AM

Hi,

I'm desperately trying to make xos switches drop bpdu. I'm not using STP , but I have have some old no-extreme switches that keep broadcast bpdu. Since my network is huge, I need that XOS switches drop those bpdus.

I've managed to do that on cisco and almost any other switch with cisco-like CLI

Is there someway to do that on XOS?

(from Stefano_Ferrari)

5 replies

Userlevel 4
Create Date: Jul 6 2012 9:02AM

Hi,

following concept guide:

-----
Dynamic ACL for STP

create access-list bpdu1 "ethernet-destination-address 01:80:C2:00:00:00;" "deny; count bpdu1"
conf access-list add "bpdu1" first ports 6 ingress

To configure a dynamic ACL for blocking PVST frames on port 6, use the following:

create access-list bpdu2 "ethernet-destination-address 01:00:0c🇨🇨cc:cd;" "deny; count bpdu2"
conf access-list add "bpdu2" first ports 6 ingress

----------

--
Jarek
(from Jaroslaw_Kasjaniuk)
Is this a valid answer? Please confirm.Thanks.
Userlevel 5
Hi Suleima,

Yes, this is a valid answer. In fact it is copied out of our concepts guide.

Thanks,

Ron
Hi Ron,

Actually am very new to Extreme..

For Vlan7 - ZU1 and port 4, Need to config bdpu filter enable ( Like Cisco). The STP functionality is not required (listening, learning, disabled). Would you please comment how to proceed on that and what would be the command?

Thanks!
Suleima
Userlevel 4
By default, switch will drop the BPDU packet if STP is not configured on the switch and switch will generate the EMS log messages with "STP.InBPDU.Drop". However, you can configure the above dynamic ACL to block the BPDU traffic coming on port. Refer the ACL chapter from EXOS concept guide for sample configuration.

Reply