PortFast is a Spanning Tree enhancement added to RSTP and MST to allow host-connected interfaces to quickly transition from blocking state to forwarding. PortFast accomplishes this by allowing edge interfaces to transition directly from blocking to forwarding, which is much faster than the normal blocking > listening > learning > forwarding process.
PortFast also prevents Spanning Tree Topology Change Notifications from being sent to the root bridge when PortFast ports change state. Normally, every time a switch interface transitions from blocking to forwarding (or vise versa) a TCN is generated, forwarded towards the Root Bridge, and the entire network must age out their MAC tables since a change has been detected. This can lead to continuous TCN flooding and MAC relearning in networks with clients that are often disconnected/reconnected. PortFast stops that cycle by preventing the TCNs from being sent on edge ports.
Also, PortFast interfaces send STP BPDUs but do not expect to receive them. BPDUs would only be received if another switch was directly connected to the interface and could lead to switching loops. If a BPDU is received, the PortFast interface will be operationally disabled and will require a shut/no shut to bring the interface back up.
A common issue with host-connected switch ports not running the PortFast feature is DHCP timeouts. If the client DHCP discovery period ends before the port transitions to the forwarding state, DHCP timeout errors can occur. Some overly sensitive DHCP clients do not wait the the 30 seconds that normal STP ports take to transition through the listening and learning states and therefore will give up prematurely. PortFast fixes that.
There are two ways to configure the PortFast feature on a Cisco switch. PortFast can be applied at the individual port level using the spanning-tree portfast command or globally using the spanning-tree portfast default command. Keep in mind that both of these commands only apply to ports operating in access mode. The idea is that interfaces with directly-connected host would operate in access mode while interfaces connected to other switches would operate in trunk mode.
Option 1: Interface-level PortFast Configuration
Notice the warnings in the output above. Cisco does a good job of making it clear that enabling PortFast should be configured on host-connected interfaces only.
Option 2: Global PortFast Configuration
When PortFast is enabled globally, it can be explicitly disabled on individual ports using the spanning-tree portfast disable interface subcommand.
Additional PortFast Commands
PortFast Host Configuration
Cisco has created a handy interface-level command, switchport host, that acts like a macro to automatically optimize an interface for host connectivity. As you can see in the output below, it configures static access mode, PortFast, and disables any preexisting EtherChannel configuration on the interface by executing their individual commands.
Be aware that there is not a “no” option to the switchport host command. To undo its benefits, an administrator must change the mode, PortFast, or channel group configurations separately.
PortFast Trunk Configuration
PortFast does not apply to interfaces operating in trunking mode, however the interface-level spanning-tree portfast trunk command was added to do just that. This is commonly used when a router or server is directly connected and multiple VLANs need to be trunked to the connected device.
Be careful to never activate PortFast on a port connected to another switch. This bypasses the normal loop prevention mechanisms in Spanning Tree and can lead to switching loops. Let modern implementations of Spanning Tree like RSTP or MST handle fast switch-to-switch negotiation.