We're Sorry, Full Content Access is for Members Only...

If you like to keep on reading, Become a Member Now! Here is Why:

  • Learn any CCNA, CCNP and CCIE R&S Topic. Explained As Simple As Possible.
  • Try for Just $1. The Best Dollar You've Ever Spent on Your Cisco Career!
  • Full Access to our 588 Lessons. More Lessons Added Every Week!
  • Content created by Rene Molenaar (CCIE #41726)


319 New Members signed up the last 30 days!


100% Satisfaction Guaranteed!
You may cancel your monthly membership at any time.
No Questions Asked!

Forum Replies

  1. Very clear and easy to understand. Great job :slight_smile:

  2. Hi Rene,
    What happens when Portfast is enabled on a port but BPDU filter is not globally enabled and the port receives a BPDU.


  3. Chandru,
    The port will lose its portfast status, and will continue to function like a normal port (without Portfast). It will not be disabled unless BPDU Guard was also enabled.

    FYI: Rene has a Lesson related to this topic here

  4. Thanks Andrew. I have one more question, What is the real use of BPDU filter command in a Global mode, if a normal portfast can achieve the same functionality. Why do we need to enable BPDU filter at the global level and what enhancement does it provide at the global level. BPDU filter lesson says.

    BPDUfilter can be configured globally or on the interface level and there’s a difference:

    Global: if you enable BPDUfilter globally then any interface with portfast enabled will not send or receive any BPDUs. When you receive a BPDU on a portfast enabled interface then it will lose its portfast status, disables BPDU filtering and acts as a normal interface.

  5. Chandru,
    BPDUFilter Global and Portfast serve very different purposes:

    The most important thing that portfast does is define which ports should be ignored for spanning-tree re-convergence events. In other words, you want to make sure your access-level ports, where people might be plugging/unplugging their devices all the time, will not cause the entire spanning-tree topology run its STP calculation every time an event occurs. Secondarily, it tells the port in question to skip the listening/learning and go straight to forwarding.

    One thing that PortFast does NOT do is prevent the sending of BPDUs--only BPDU Filtering does that.

    When running BPDUFilter, you should do so only at the global level. The reason is at the global level it has a built in protection mechanism where if a BPDU is received on a port that has global filtering enabled, this port will fall back to being a "normal" port that sends/receives BPDUs. This protection is not present when enabling filtering on a per port basis which may result in a layer 2 loop (broadcast storm).

12 more replies! Ask a question or join the discussion by visiting our Community Forum