Command Manual (For Soliton) – MSTPH3C S3100 Series Ethernet Switches Chapter 1 MSTP Configuration Commands1-54entries frequently, which may affect spanning tree calculation, occupy large amount ofbandwidth and increase switch CPU utilization.With the TC-BPDU attack guard function enabled, a switch performs a removingoperation upon receiving a TC-BPDU and triggers a timer (set to 10 seconds by default)at the same time. Before the timer expires, the switch only performs the removingoperation for limited times (up to six times by default) regardless of the number of theTC-BPDUs it receives. Such a mechanism prevents a switch from being busy inremoving the MAC address table and ARP entries.Examples# Enable the TC-BPDU attack guard function on the switch. system-viewSystem View: return to User View with Ctrl+Z.[Sysname] stp tc-protection enable1.1.49 stp tc-protection thresholdSyntaxstp tc-protection threshold numberundo stp tc-protection thresholdViewSystem viewParametersnumber: Maximum number of times that a switch can remove the MAC address tableand ARP entries within each 10 seconds, in the range of 1 to 255.DescriptionUse the stp tc-protection threshold command to set the maximum number of timesthat a switch can remove the MAC address table and ARP entries within each 10seconds.Use the undo stp tc-protection threshold command to restore the default.Normally, a switch removes the MAC address table and ARP entries upon receiving aTC-BPDU. If a malicious user sends large amount of TC-BPDUs to a switch in a shortperiod, the switch may be busy in removing the MAC address table and ARP entries,which may affect spanning tree calculation, occupy a large amount of bandwidth andincrease switch CPU utilization.With the TC-BPDU attack guard function enabled, a switch performs a removingoperation upon receiving a TC-BPDU and triggers a timer (set to 10 seconds by default)at the same time. Before the timer expires, the switch only performs the removing