TP-Link TL-SG3210 TL-SG3210 V1 CLI Reference Guide - Page 158
spanning-tree security
View all TP-Link TL-SG3210 manuals
Add to My Manuals
Save this manual to your list of manuals |
Page 158 highlights
Spanning Tree globally. To return to the default configuration, please use no spanning-tree tc-defend command. A switch removes MAC address entries upon receiving TC-BPDUs. If a malicious user continuously sends TC-BPDUs to a switch, the switch will be busy with removing MAC address entries, which may decrease the performance and stability of the network. Syntax spanning-tree tc-defend [ threshold threshold ] [ period period ] no spanning-tree tc-defend Parameter threshold -- TC Threshold, ranging from 1 to 100 packets. By default, it is 20. TC Threshold is the maximum number of the TC-BPDUs received by the switch in a TC Protect Cycle. period -- TC Protect Cycle, ranging from 1 to 10 in seconds. By default, it is 5. Command Mode Global Configuration Mode Example Configure TC Threshold as 30 packets, and TC Protect Cycle as 10 seconds: TP-LINK(config)# spanning-tree tc-defend threshold 30 period 10 spanning-tree security Description The spanning-tree security command is used to configure MSTP Port Protect. To return to the default configuration, please use no spanning-tree security command. Port Protect function is to prevent the devices from any malicious attack against STP features. Syntax spanning-tree security [loop { disable | enable }] [root { disable | enable }] [TC { disable | enable }] [defend { disable | enable }] [hold { disable | enable }] no spanning-tree security Parameter loop -- Enable/ Disable Loop Protect. By default, it is disabled. Loop Protect is to prevent the loops in the network brought by recalculating STP because of link failures and network congestions. root -- Enable/ Disable Root Protect. By default, it is disabled. Root Protect 146