What Is BPDU Guard?

Save

BPDU stands for Bridge Protocol Data Unit, which is a packet of data, sent out on local area networks or LANs, that works to detect loops in a network. Loops can cause duplicate data packets to be sent out, which can take up bandwidth on a network. BPDU guard protects computers from receiving unauthorized data packets that may contain computer viruses.

Switch

  • A switch on a network works similar to a router. The BPDU filter on a LAN switch uses a default PortFast BPDU filter command; this prevents computers in a PortFast state from sending and receiving BPDUs. In BPDU protocol, LAN switches exchange data to select a root switch, configure the network, and then compare parameters with the other BPDUs that LAN switches send out on the network. If several BPDU links lead to the root bridge in the LAN switch, one computer port is allowed to communicate with the root bridge while the other computer ports on the LAN are turned off, to prevent a loop of data.

PortFast

  • A PortFast interface allows a computer to immediately connect to a network. Computers that are connected to a single server network do not receive BPDUs. This is because the protocol called the BPDU Guard command turns off computer ports that are port-fast enabled if any BPDUs are received by them. This is to prevent data loops from happening on a Layer 2 network, which is a local area network made with switches or bridged routers.

BPDU Guard

  • Most of the time, when a PortFast-enabled port receives an invalid
    BPDU, it is because an unathorized device has connected to the LAN and is attempting to exchange data with a computer. When the BPDU guard detects this, it changes the computer's port status to error-disabled and the switch turns off the port, thus preventing malware and hackers from accessing the computer.

BPDU Filtering

  • BPDU filtering can be enabled on a LAN switch or computer with the BPDU filter command. Filtering prevents switches and computer ports that are currently in the port-fast state from sending or receiving BPDUs. The filtering will stop a port from sending or receiving a BPDU, if it is not configured by BPDU guard to do so. If a BPDU is received, the PortFast state is removed, BPDU filtering is disabled and the port returns to its original state.

References

  • Photo Credit Jack Hollingsworth/Photodisc/Getty Images
Promoted By Zergnet

Comments

Related Searches

M
Is DIY in your DNA? Become part of our maker community.
Submit Your Work!