When unmanaged switches are connected to access ports, there's a risk that they may start participating in Spanning Tree Protocol (STP) or introduce loops. BPDU Guard is the most effective mechanism to mitigate this risk:
BPDU Guard disables a port immediately upon receiving any BPDU, ensuring that only end hosts (non-switch devices) are connected to access ports.
This protects the stability of the STP topology by preventing accidental or malicious introduction of switches into the Layer 2 domain.
Other options explained:
A (PortFast): Accelerates port transition to forwarding state but does not protect against loops caused by BPDUs.
B (UDLD): Detects unidirectional physical link failures but not STP participation.
C (Root guard): Prevents the connected device from becoming a root bridge but still allows BPDUs.
—
Contribute your Thoughts:
Chosen Answer:
This is a voting comment (?). You can switch to a simple comment. It is better to Upvote an existing comment if you don't have anything to add.
Submit