vSphere vNetwork

 View Only

  • 1.  BPDU filters

    Posted Feb 22, 2016 05:44 PM

    Is it possible to implement BPDU filtering in ESXi? Can I do it on a standard switch or do I need a distributed switch?  Can I do it on an NSX distributed switch?

    Thanks



  • 2.  RE: BPDU filters

    Posted Feb 29, 2016 10:36 AM

    BPDU filtering is basically a STP functionality. Since the dvswitch doesnt loop it should not be nescessary to use BPDU guard.



  • 3.  RE: BPDU filters

    Posted Feb 29, 2016 02:10 PM

    Yes, but if the physical switch is configured incorrectly, it is possible for BPDU's to be sent to the ESXi host - so my question is, how to filter them if that should happen, and on which types of vswitches (standard switch, distributed switch, nsx distributed switch) is it possible to filter them.



  • 4.  RE: BPDU filters
    Best Answer

    Posted Mar 01, 2016 02:30 PM

    BDPU filtering is a host-wide and not a vSwitch setting. As such it works with both, standard and distributed vSwitches. There is no special license or add-on like NSX required, to enable it, you just have to set the host parameter Net.BlockGuestBPDU to 1. This will block all BDPU frames sent from any guest on any vSwitch on the host.

    See these articles for more details:

    VMware KB: Understanding the BPDU Filter feature in vSphere 5.1

    vSphere 5.1 - VDS New Features - BPDU Filter - VMware vSphere Blog - VMware Blogs



  • 5.  RE: BPDU filters

    Posted Mar 01, 2016 02:36 PM

    ok great - thanks!