Sign up and stay connected to your favorite communities.
or other switches send them too?
Non Root switches forward Hellos coming from the root; the root sends these Hellos based on the root’s configured Hello timer. Only the Root creates these BPDUs.
Also, in STP, only designated ports send BPDUs. In RSTP, all ports send them
In STP, only the root bridge initiates BPDU's as per the hello timer (2 seconds typically). These are sent out all designated ports, and when a BPDU is received by a non-root switch on a root port, it will send BPDU's out all designated ports. It will not send any out through the root port, nor any blocking ports. This is where bridge assurance and backbone fast comes from; when turned on a switch will place a port in an inconsistent state if it stops receiving BPDU's, or begin immediate convergence.
In RSTP, ALL switches generate their own BPDU's per the hello timer, so they will continue to send out BPDU's even if the root bridge goes offline and hasn't yet aged out. Additionally, they will send BPDU's out all ports with RSTP neighbors as part of the negotiation system RSTP uses.
Finally, all ports can send BPDU's regardless of being an access port or trunk port. In Cisco's PVST+ and RSTP modes, you'll get one per vlan on trunk ports. With MST, you'll get one per instance to MST neighbors, and one for the CIST for STP/RSTP neighbors.
You can connect an out-of-the-box switch to any port (access or trunk) and it will send BPDUs (security risk) you can configure BPDUGUARD, which err-disable the interface if it detects a BPDU
all switches send BPDU's from any port configured as a trunk
i thought only one designated port in each collision domain, so if we have 2 ports connected to two switches and each switch connected to 2-3 Vlans what will happen
I'm sorry I misspoke, all ports send BPDUs, only Trunk ports know what they are.In a lab you can configure BPDU Guard to see how the switch will react
That is also incorrect. All ports can process a BPDU, regardless of their mode as a trunk or access port. Simply turn on and connect any two ports on two Cisco switches and you'll see them come up as access ports, one switch will become the root bridge, and the other will have a root port pointing to the root bridge.
I guess that is correct when I think about it, possibly linked to BPDU guard on an access port.When I read some articles is sounded like all ports send them, but only trunks understand them
Nope, they'll all understand them on Catalyst switches. If you enable BPDU guard, the switch will shut down the port if it receives a BPDU (it can still send them). If you enable BPDU filter, it will ignore any received and won't send them either.
Ah interesting ... thanks for the clarification!