To make switch dynamically assign it priority lower than best one advertised in received BPDUs from all other switches in the segment:
BPDU Guard shuts down a port that receives a BPDU. When configured globally, BPDU Guard is only effective on ports in the operational PortFast state. When configured at the interface level, BPDU Guard shuts the port down as soon as the port receives a BPDU, regardless of the PortFast configuration.
BPDU Guard can also be applied not only in interface, but also in "Switch(config)#" global configuration mode. When enabled globally, BPDU Guard applies to all interfaces that are in an operational PortFast state.
The STP Root Guard feature prevents a port from becoming root port or blocked port. If a port configured for root guard receives a superior BPDU, the port immediately goes to the root-inconsistent (blocked) state - thus Root Guard feature prevents surrounding switches from announcing themselves as Root Bridges.
When configured on a port, this feature forces that port to remain as designated port and prevent it from becoming a root port. If another switch announces a superior (lower) BPDU on a port where root guard is enabled, the local switch will not allow the new switch to become the root.
Storm-control broadcast level 10 command limits that interface to only transmit at most 10% of its interface bandwidth worth of broadcast packets - if we have a 10-Mbps Ethernet line connected, we allow up to 1 Mbps of broadcasts every second before suppressing anything. 0.0 percent suppresses all traffic.
to disable DTP on this port use nonegotiate. Switchport type must be manually set as access or trunk
instead of vlan 1, we can assign ip address to another vlan and shut down vlan 1 if management vlan was there. Other switches in segment also have IP addreses from that range
to acess this vlan, a subinterface is needed