So, is not the loop hazard current in all instances?
TL;DR: Sure, there’s a short-term hazard with portfast in any case.
With spanning tree protocol enabled, a change port first enters the Studying state when a hyperlink comes up. On this state it already learns MAC addresses and listens to BPDUs, studying its spanning tree position, nevertheless it doesn’t ahead frames but, in case there’s a loop.
Since that usually creates an issue with finish nodes that count on full L2 connectivity when a hyperlink is up (consider DHCP), you’ll be able to put the ports in portfast mode (admin-edge-mode on some switches).
In that mode, a port skips Studying state and enters Forwarding state straight away after hyperlink up. That port nonetheless participates in spanning tree protocol nevertheless it begins forwarding frames earlier than it really is aware of its position within the spanning tree. That approach, a loop might go undetected for a brief interval.
In a nutshell, it is best to use portfast/admin edge with ports in direction of finish nodes that you do not count on to take part in a loop. Inter-switch ports and particularly redundant meshing ports ought to by no means be configured for portfast.
bpduguard can also be supposed for use with end-node ports, nevertheless it disables a port (=bodily hyperlink down) that BDPUs are obtained on, both completely till you reenable the port or for a configured interval. It is used to guard in opposition to rogue switches or gross misconfiguration in your community. Disabling a port has an affect in your community availability, so it is not for each use case.
Each portfast and bpduguard could also be used individually or together.
in case the port has no bpduguard, loops could be fashioned. however why?
As defined above, bpduguard protects in opposition to rogue, STP-enabled switches. xSTP can’t detect loops fashioned by switches/bridges that neither generate nor ahead BPDUs. With portfast, an STP-enabled port skips the educational state and begins forwarding earlier than it is ready to detect a loop by way of STP. When it receives the primary BPDUs and determines the proper port state, it stops forwarding, ending the loop.
does the port actually revert to regular STP operations (LSN/LRN/FWD) as quickly because it receives the primary bpdu?
The port state algorithm is managed by obtained BPDUs, so relying on the end result, the port enters both state. A portfast port works like every STP-enabled port, simply skipping the (secure) studying state to allow speedy forwarding after hyperlink up.