DGS-3710 Series Layer 2 Managed Gigabit Switch CLI Reference Guide
123
Chapter 10
BPDU Attack
Protection Commands
config bpdu_protection ports
[<portlist> | all] {state [enable | disable] | mode [drop | block |
shutdown]}(1)
config bpdu_protection recovery_timer
[<sec 60-1000000> | infinite]
config bpdu_protection
[trap | log] [none | attack_detected | attack_cleared | both]
enable bpdu_protection
disable bpdu_protection
show bpdu_protection
{ports {<portlist>}}
10-1
config bpdu_protection ports
Description
This command is used to configure port state and mode for BPDU protection.
Format
config bpdu_protection ports [<portlist> | all] {state [enable | disable] | mode [drop | block |
shutdown]}(1)
Parameters
<portlist>
- Specifies a range of ports to be configured.
all
- Specifies to set all ports in the system.
state
- Specifies the BPDU protection state. The default state is disabled.
enable
- Enable the BPDU protection state.
disable
- Disable the BPDU protection state.
mode
- Specifies the BPDU protection mode. The default mode is shutdown.
drop
- Specifies to drop all received BPDU packets when the port enters the under attack
state.
block
- Specifies to drop all packets (include BPDU and normal packets) when the port enters
the under attack state.
shutdown
- Specifies to shut down the port when the port enters the under attack state.
Restrictions
Only Administrator and Operator-level users can issue this command.
Example
To configure port state to enable and drop mode: