I'm trying to understand if two ports on the same switch, are in portfast mode, will a loop be created when the two ports are connected to each other. i.e. if FastEthernet 0/2 and 0/3 are both set to portfast and are then connected via an ethernet cable directly to each other, or via a hub, will one of the ports go into 'blocking'.
I've tested this behavior using Cisco's Packet Tracer and FastEthernet 0/3 ends up being blocked. Below is an excerpt from the running config:
!
spanning-tree mode rapid-pvst
!
interface FastEthernet0/1
!
interface FastEthernet0/2
spanning-tree portfast
!
interface FastEthernet0/3
spanning-tree portfast
!
The following is the show spanning-tree output:
Switch#show spanning-tree
VLAN0001
Spanning tree enabled protocol rstp
Root ID Priority 32769
Address 0060.3EB7.B631
Cost 19
Port 1(FastEthernet0/1)
Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec
Bridge ID Priority 32769 (priority 32768 sys-id-ext 1)
Address 00D0.D315.4BD5
Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec
Aging Time 20
Interface Role Sts Cost Prio.Nbr Type
---------------- ---- --- --------- -------- --------------------------------
Fa0/3 Altn BLK 19 128.3 Shr
Fa0/2 Desg FWD 19 128.2 Shr
Fa0/1 Root FWD 19 128.1 P2p
Switch#
If the behavior described above, is expected when using portfast, what advantage is there to using bpduguard? As it would appear a lot sources recommend using portfast and bpduguard together.
Best Answer
Port fast bypasses the usual STP phases and goes straight into forwarding. This is useful for ports connected to end-devices which use DHCP. It does not stop BPDUs, and there are those who advocate using it on all ports, although Cisco has a different take on it:
BPDU guard will disable (errdisable) a port which receives BPDUs. The helps to prevent rogue switches and STP loops. Cisco has a document which explains BPDU guard: