Virtual Connect and Bridge Protocol Data Units (BPDU)

Rinaldo had a customer question on what Virtual Connect does with Bridge Protocol Data Unit (BPDU)packets:






The customer has a BPDU Guard security mechanism on the upstream switches. If a blade server accidentally or maliciously starts sending BPDUs from the enclosure to the rest of the network, the switch disables the connected physical port. In this scenario, as the vNet’s uplink ports are disabled, all the other servers connected to the same vNet  will loose connectivity.  

What is the Virtual Connect’s behavior in this case, do we drop BPDU packets  or let them flow thru the VC? If we let them flow are there workarounds to solve this issue?




Vincent answered:




Hi Rinaldo,


Virtual Connect normally drops BPDUs it knows about, namely the ones following the IEEE 802.1D standard, and it forwards the ones for other variants of spanning tree like Cisco’s PVST.



Any experience with BPDU packets and Virtual Connect? Let us know please and help Rinaldo out.