matthias
/
iproute2
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

Better documentation of BDPU guard 

Document that guard disable the port and how to reenable it

Signed-off-by: Bastien Roucariès <rouca@debian.org>
Signed-off-by: Stephen Hemminger <stephen@networkplumber.org>
This commit is contained in:
Bastien Roucariès 2020-04-13 01:50:36 +02:00 committed by Stephen Hemminger
parent 420febf961
commit 19bbebc459
1 changed files with 12 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

13
man/man8/bridge.8
View File

@ -340,7 +340,18 @@ STP BPDUs.
.BR "guard on " or " guard off " .BR "guard on " or " guard off "
Controls whether STP BPDUs will be processed by the bridge port. By default, Controls whether STP BPDUs will be processed by the bridge port. By default,
the flag is turned off allowed BPDU processing. Turning this flag on will the flag is turned off allowed BPDU processing. Turning this flag on will
cause the port to stop processing STP BPDUs. disables
the bridge port if a STP BPDU packet is received.
If running Spanning Tree on bridge, hostile devices on the network
may send BPDU on a port and cause network failure. Setting
.B guard on
will detect and stop this by disabling the port.
The port will be restarted if link is brought down, or
removed and reattached. For example if guard is enable on
eth0:
.B ip link set dev eth0 down; ip link set dev eth0 up
.TP .TP
.BR "hairpin on " or " hairpin off " .BR "hairpin on " or " hairpin off "