Home > PortFast Questions

PortFast Questions

November 20th, 2019 Go to comments

Question 1

Explanation

If a BPDU is received on a port where BPDU guard is configured, that port is put into errdisable state (nearly the same as shutdown state) immediately. BPDU Guard is often configured on a PortFast-enabled port to prevent a switch from connecting to. When that switch begins to send BPDU to a BPDU guard port, it will be blocked immediately.

Question 2

Question 3

Explanation

Answer A is not correct as PortFast only skips listening and learning state, not “skip all spanning-tree states” (which includes forwarding state).

Question 4

Explanation

The Portfast feature can be configured on both access or trunk port. This feature instructs the port to skip listening and learning state and move to forwarding state immediately.

“Skip 802.1D timers” here means “skip the listening and learning timers” so in fact these two answers have same meanings.

Question 5

Question 6

Question 7

Explanation

At the global level, you can enable BPDU filtering on Port Fast-enabled interfaces by using the spanning-tree portfast bpdufilter default global configuration command. This command prevents interfaces that are in a Port Fast-operational state from sending or receiving BPDUs. The interfaces still send a few BPDUs at link-up before the switch begins to filter outbound BPDUs. You should globally enable BPDU filtering on a switch so that hosts connected to these interfaces do not receive BPDUs. If a BPDU is received on a Port Fast-enabled interface, the interface loses its Port Fast-operational status, and BPDU filtering is disabled.

Reference: http://www.cisco.com/c/en/us/td/docs/switches/lan/catalyst3560/software/release/12-2_55_se/configuration/guide/3560_scg/swstpopt.html

The first and second underlined sentences are very contradictory. The first one says it prevents an interface from receiving BPDUs while the second one says when it receives BPDUs, BPDU filtering is disabled!

The fact is this command will prevent an interface from sending BPDUs only. But if it receives BPDUs, it will lose its Port Fast feature and return to a normal switching port (with STP enabled).

Note: There is another important thing we want to mention here: there are two ways to configure BPDU filtering feature, one in global configuration mode and one under a specific interface:

Configuring BPDU filter globally:
Switch(config)#spanning-tree portfast bpdufilter default
 
Configure BPDU Filter on the interface:
Switch(config-if)#spanning-tree bpdufilter enable (this overrides the global bpdufilter command above)

But the effect of these two commands are different and you should remember:
+ When BPDU filtering is enabled globally; and if BPDUs are seen, the port loses its PortFast status, BPDU filtering is disabled, the port returns to normal state
+ When BPDU filtering is enabled on a specific port, it prevents this port from sending or receiving BPDUs (so if BPDUs are seen, they will be dropped)

Question 8

Comments
  1. NotYetCCNP
    January 15th, 2020

    Q8. Why answer is not C? Does anybody have any confirmation that answer A is correct? I was unable to find any documents/articles/manuals confirming that its possible to use “switchport mode access” and “spanning-tree portfast trunk” commands on the same port.

  2. ugee
    January 18th, 2020

    Q8

    Question 8

    Which statement describes the result of issuing the spanning-tree portfast trunk command under interface configuration mode?
    A. The port is allowed to go into the forwarding state immediately regardless of whether the interface is configured as an access or trunk port.
    B. The port enters the errdisable state if BPDUs are received.
    C. Trunk interfaces can be configured for PortFast.
    D. The portfast trunk port immediately replaces the lost root port with an alternate root port.

    @NotYetCCNP
    This should be C
    https://www.cisco.com/c/en/us/td/docs/switches/lan/catalyst3750x_3560x/software/release/15-2_4_e/configurationguide/b_1524e_consolidated_3750x_3560x_cg/b_1524e_consolidated_3750x_3560x_cg_chapter_01000001.html

  3. Wanker
    February 1st, 2020

    I believe Q8 is actually A. I can’t really see why C is wrong but A just feels “more right” to me. I initially thought spanning-tree portfast trunk would only enable portfast for trunk interfaces, however it actually also applies to access ports.

    So in short, “spanning-tree portfast” applies to only access whereas “spanning-tree portfast trunk” applies to access and trunk, meaning A is correct

  4. flkang
    February 6th, 2020

    Q8

    I have tested in real gear

    if)#spannig-tree portfast trunk –> issue on a operational access port, I skips lis/lrn states
    Then I’ve change the port to operational trunk and also skips list/lern states.

    So A is correct.

    Just not sure why C it is not.

  1. No trackbacks yet.