Can ACLs on S series switches filter BPDU packets

For S series switches (except S1700 switches):
Information about STP and RSTP is transmitted in BPDUs. A BPDU packet is encapsulated into an Ethernet frame and its destination MAC address is a multicast MAC address 0180-C200-0000. A Layer 2 ACL (with the number ranging from 4000 to 4999) with the destination MAC address configured as 0180-C200-0000 can filter BPDU packets.
[HUAWEI] acl 4001
[HUAWEI-acl-L2-4001] rule 5 permit destination-mac 0180-c200-0000

Scroll to top