Hello,

I am reading Sybex CCNA Sixth Edition.

I understand that BPDUGuard will completely disable a PortFast enabled port if it receives a BPDU frame. I believe that BPDUFilter will disable PortFast on a PortFast enabled access port that receives a BPDU frame and add the port back to the STP topology, thereby allowing the port to receive and send BPDUs. Please correct me if I am inaccurate. Here is where I am confused. Page 523 under BPDUFilter it states:
"... you can use BPDUFilter to completely stop BPDUs from coming to or going from that port. BPDUFilter filtering will immediately take a port out of PortFast if it receives a BPDU and force the port to be part of the STP topology again."

Is the bold an accurate statement? Without PortFast enabled couldn't the port send and receive BPDUs?

Also, page 524 states, "Understand that you typically would use one command or the other because both bpduguard and bpdufilter accomplish the same thing, so configuring both commands is somewhat overkill."

BPDUGuard disables a port, thereby stopping any potential loops. BPDUFilter keeps the port active and takes it out of PortFast, thereby allowing for possible loops. Not sure how these accomplish the same thing. Am I reading that incorrectly?

Thanks,

James

That's not quite the way it works. BPDUFilter effectively disables STP on that port, so you want to be damn sure you can't create a loop before you use it. BPDUGuard will put a port into the err-disabled state if it receives a BPDU. They are not the same thing.

Check out my blog on STP features http://altarespot.lessergods.eu/?p=43

I see. Thank you very much!