BPDU Guard and Hubs

Good morning.
I have a question about BPDU Guard. On CCNP Cisco Press I read: “Naturally, BPDU Guard does not prevent a bridging loop from forming if an Ethernet hub
is connected to the PortFast port. This is because a hub does not transmit BPDUs itself; it
merely repeats Ethernet frames from its other ports. A loop could form if the hub became
connected to two locations in the network, providing a path for frames to be looped
without any STP activity.”

Ok, I know that the Hubs are Layer 1 Device and never produce and send BPDU Frame.

But if I will use a Hub to connect the Switchport Portfast enabled of one Switch with other Switch, the Hub don’t relayed even BPDU frame? So the switchport portfast enabled should detect the BPDU even if there is a Hub between the two switchs.

Where is the problem? When I read che CCNP book I thought that the Hub relayed any ethernet frame but don’t relayed BPDU Frame.

Thanks a lot.

Hello Americo

The purpose of BPDU guard is to prevent someone connecting a switch to a port that has been configured using Portfast. If you connect such a switch, it will send BPDU packets and will automatically shutdown the port, thus preventing loops.

However, if you plug in a HUB to a port configured with Portfast and BPDU guard, the port will not shut down because the hub does not generate BPDUs. The switch cannot distinguish between a hub and a PC for example. So theoretically, one can connect the hub to multiple portfast ports of the same or different switches and loops will be created even if BPDU guard has been configured.

I hope this has been helpful!

Laz