How can I configure STP when a CE switch connects to a server

Basic Concept
If a specified port of a CE switch is connected to no other switching devices but directly connected to a server, the port can be configured as an edge port. The edge port will not participate in spanning tree calculation, which speeds up network topology convergence and enhances network stability.
In normal cases, an edge port does not receive any BPDUs. If a switch is attacked by forged BPDUs, edge ports will receive BPDUs. The switch then sets the edge ports as non-edge ports and recalculates the spanning tree, resulting in network flapping. You can configure BPDU protection to defend against network attacks of this type.

Configuration
When a CE switch connects to a server, configure the port connected to the server as an edge port and configure BPDU protection. The following takes the RSTP mode as an example:
system-view
[~HUAWEI] stp mode rstp //Set the STP working mode to RSTP.
[*HUAWEI] interface 10ge 1/0/1
[*HUAWEI-10GE1/0/1] stp edged-port enable //Configure the port as an edge port.
[*HUAWEI-10GE1/0/1] quit
[*HUAWEI] stp bpdu-protection //Enable BPDU protection.
[*HUAWEI] commit

Scroll to top