Command Manual (For Soliton) – MSTPH3C S3100 Series Ethernet Switches Chapter 1 MSTP Configuration Commands1-161.1.14 stp bpdu-protectionSyntaxstp bpdu-protectionundo stp bpdu-protectionViewSystem viewParametersNoneDescriptionUse the stp bpdu-protection command to enable the BPDU guard function on theswitch.Use the undo stp bpdu-protection command to restore to the default state of theBPDU guard function.By default, the BPDU guard function is disabled.Normally, the access ports of the devices operating on the access layer are directlyconnected to terminals (such as PCs) or file servers. These ports are usuallyconfigured as edge ports to implement rapid transition. But they resume non-edge portsautomatically upon receiving configuration BPDUs, which causes spanning treesrecalculation and network topology jitter.Normally, no configuration BPDU will reach edge ports. But malicious users can attacka network by sending configuration BPDUs deliberately to edge ports to cause networkjitter. You can prevent such attacks by enabling the BPDU guard function. With thisfunction enabled on a switch, the switch shuts down the edge ports that receiveconfiguration BPDUs and then reports these cases to the administrator. If an edge portis shut down, only the administrator can restore it.Examples# Enable the BPDU guard function. system-viewSystem View: return to User View with Ctrl+Z.[Sysname] stp bpdu-protection1.1.15 stp bridge-diameterSyntaxstp bridge-diameter bridgenum