Sign up and stay connected to your favorite communities.

sign uplog in
3

BPDU only sent from root switch?

or other switches send them too?

11 comments
72% Upvoted
What are your thoughts? Log in or Sign uplog insign up

Non Root switches forward Hellos coming from the root; the root sends these Hellos based on the root’s configured Hello timer. Only the Root creates these BPDUs.

Also, in STP, only designated ports send BPDUs. In RSTP, all ports send them

Just 'cause it ain't in my flair doesn't mean I don't have certs
1 point · 3 months ago · edited 3 months ago

In STP, only the root bridge initiates BPDU's as per the hello timer (2 seconds typically). These are sent out all designated ports, and when a BPDU is received by a non-root switch on a root port, it will send BPDU's out all designated ports. It will not send any out through the root port, nor any blocking ports. This is where bridge assurance and backbone fast comes from; when turned on a switch will place a port in an inconsistent state if it stops receiving BPDU's, or begin immediate convergence.

In RSTP, ALL switches generate their own BPDU's per the hello timer, so they will continue to send out BPDU's even if the root bridge goes offline and hasn't yet aged out. Additionally, they will send BPDU's out all ports with RSTP neighbors as part of the negotiation system RSTP uses.

Finally, all ports can send BPDU's regardless of being an access port or trunk port. In Cisco's PVST+ and RSTP modes, you'll get one per vlan on trunk ports. With MST, you'll get one per instance to MST neighbors, and one for the CIST for STP/RSTP neighbors.

CCENT | CCNA
1 point · 3 months ago

You can connect an out-of-the-box switch to any port (access or trunk) and it will send BPDUs (security risk) you can configure BPDUGUARD, which err-disable the interface if it detects a BPDU

CCNA R/S :: Sec+ :: Net+ :: A+
0 points · 3 months ago

all switches send BPDU's from any port configured as a trunk

Original Poster1 point · 3 months ago

i thought only one designated port in each collision domain, so if we have 2 ports connected to two switches and each switch connected to 2-3 Vlans what will happen

CCNA R/S :: Sec+ :: Net+ :: A+
1 point · 3 months ago

I'm sorry I misspoke, all ports send BPDUs, only Trunk ports know what they are.
In a lab you can configure BPDU Guard to see how the switch will react

Just 'cause it ain't in my flair doesn't mean I don't have certs
2 points · 3 months ago · edited 3 months ago

That is also incorrect. All ports can process a BPDU, regardless of their mode as a trunk or access port. Simply turn on and connect any two ports on two Cisco switches and you'll see them come up as access ports, one switch will become the root bridge, and the other will have a root port pointing to the root bridge.

CCNA R/S :: Sec+ :: Net+ :: A+
1 point · 3 months ago

I guess that is correct when I think about it, possibly linked to BPDU guard on an access port.
When I read some articles is sounded like all ports send them, but only trunks understand them

Just 'cause it ain't in my flair doesn't mean I don't have certs
1 point · 3 months ago

Nope, they'll all understand them on Catalyst switches. If you enable BPDU guard, the switch will shut down the port if it receives a BPDU (it can still send them). If you enable BPDU filter, it will ignore any received and won't send them either.

CCNA R/S :: Sec+ :: Net+ :: A+
1 point · 3 months ago

Ah interesting ... thanks for the clarification!

Just 'cause it ain't in my flair doesn't mean I don't have certs
1 point · 3 months ago

NP

Community Details

31.8k

Subscribers

248

Online

Create Post

r/ccna Rules

1.
No posting of illegal materials
2.
No posting of braindumps
3.
Be courteous and helpful
4.
Don't ask others to complete your labs
Cookies help us deliver our Services. By using our Services or clicking I agree, you agree to our use of cookies. Learn More.