The Spanning Tree Protocol (STP)

 Prevents loops, loops cause broadcast storms

 Allows redundant links

STP is used in bridged LANs to prevent bridging loops. It is a means for

preventing loops at layer two, while split horizon prevents loops at layer 3.

STP configures the active topology of a Bridged LAN into a single spanning tree, such that there
is at most one data route between any two end stations, eliminating data loops.

Provides fault tolerance by automatically reconfiguring the spanning tree topology as a result of
Bridge failure or a path breakdown and the automatic accommodation of any Bridge or Bridge
Port added to the Bridged LAN without forming data loops.

Bridge Priority - Numerical value held by switches. All Catalyst switches are priority 32768
Bridge ID = Priority Value and switch MAC Address.

Spanning Tree Algorithm examines the switched network and places each port in the loop into
either Forwarding or Blocking state, thereby shutting down any redundant links and preventing
network loops occurring.

Question

The switches are connected together creating a loop. What is the type of loop that is caused in
this setup and what is the name of the protocol that prevents this from becoming a problem?

A. routing loops, hold down timers

B. switching loops, split horizon
C. routing loops, split horizon
D. switching loops, VTP
E. routing loops, STP
F. switching loops, STP

Answer F
STP prevents switching loops from being formed on switches with multiple paths.
Split horizon prevents routing loops in distance vector protocols.

Without Spanning Tree redundant links cause loops

With Spanning Tree enable port is blocked and loops are avoided
Spanning Tree Terms

Root bridge This is the bridge with the lowest bridge ID.
Blocking and forwarding decisions are made from the perspective of the root bridge.

BPDU To decide which switch is the root switch, each switch begins by claiming to be the Root
Switch they all send out an STP messages called BPDU's (Bridge Protocol Data Unit). A fight-
off happens to determine the final root based on a unique Bridge ID contained within the BPDU.

Bridge ID The Bridge ID is made up of two components;

a priority value and switch MAC address.

By default each switch begins off with a priority of 32,768. The switch with the lowest BID wins
the honor of being the Root Bridge.

Root port This is the port with the lowest path cost to the root bridge. The root port is used for
communicating with the root bridge. Non-root switches determine which port is closest to the root
switch and places the port with the least cost (based on hops and/or bandwidth) into the
forwarding state. A non-root-bridge device has only one root port.
The root bridge has no root port.

If there is more than one path with the same cost, the port connecting to the switch with the
lowest BID becomes the RP.

Designated port this has been determined as having the best (lowest) cost. A designated port
will be marked as a forwarding port.

NonDesignated port has a higher cost than the designated port Nondesignated ports are put in
blocking mode.

Forwarding port this port forwards frames

Blocked port this port is blocked in order to prevent loops it does listen to frames

Any port that is not either a root port or a designated port is placed into the blocking state.
Once the switches have all assigned ports then the switched network is said to be " Converged”.
Selecting the Root Bridge

To determine the root bridge you combine the priority of each bridge with its MAC. If two
switches/bridges have the same priority value (default 32768) the lowest MAC address becomes
the root bridge.
You can change the bridge ID by lowering its priority so it will become a root bridge automatically.

Switch A is the root bridge because it’s the one with the lowest bridge ID. Switch B must shut
down one of its ports connected to Switch A to prevent a switching loop from occurring.

STP will shut down the link with the lowest bandwidth, here both links are 100Mbps so STP will
shut down the highest port number ie Fa0/12.

Question
What is the first parameter used to determine which switch is selected as the root bridge in a
spanning-tree network?

A. highest path cost

B. highest priority number
C. highest Layer 2 address
D. lowest priority number
E. lowest path cost
F. lowest Layer 2 address

Answer D

lowest priority number

Changing the default Priority to select the root bridge.

Lets make Switch B the root, 1st determine the default priority using the show spanning-tree
command.

do show spanning tree finds the Root Bridge

The root switch can be manually determined by issuing show spanning-tree on the switches
within each VLAN. The root switch will report 'I am the root of the spanning tree' whereas non-
root switches will report something like 'Current root has priority 32768, address 0002.b9fc.b700'.
The returned address is the MAC address of the root switch.
do show spanning-tree

The 1st output the Root ID is the root bridge information for the network.
The 2nd output the Bridge ID is the spanning tree information for Switch B and VLAN1.
We can see Switch B and the root bridge MAC address do not match.

Switch B’s priority is 32768 the default, here its listed as 32769 as the VLAN ID is added so for
VLAN2 priority would be 32770.

You can set priority to any value from 0 through 61440 in increments of 4096.
Setting it to 0 means the switch will always be the root bridge.

Now lets check we have changed the priority of Switch B to become the root bridge.
The ports on a Switch running STP transition through five different states

Switch ports are most often in either the blocking or forwarding state. A forwarding port is one that
has been determined to have the lowest cost to the root bridge. But when and if the network
experiences a topology change (because of a failed link or because someone adds in a new
switch), you’ll find the ports on a switch in listening and learning state.
As mentioned, blocking ports is a strategy for preventing network loops. Once a switch
determines the best path to the root bridge, then all other ports will be in blocking mode.

Blocked ports can still receive BPDUs—they just don’t send out any frames.

Convergence occurs when all ports on bridges/switches have transitioned to either

forwarding or blocking modes no data will be forwarded until convergence is complete

STP Topology Changes and Enhancements

In the event of a topology change, formerly blocked ports might transition to a forwarding state.
It might take up to 50 seconds to transition from a blocking state to a forwarding state.

An exception to this 50s is if Cisco enhancements are in place to speed up convergence

PortFast If your sure you won’t create a switching loop if STP is disabled, Portfast will skip
listening and learning states on end-devices such as servers, PCs, and printers. BPDU Guard
will add protection by disabling a port if the interface receives a BPDU.

S1#config t
S1(config)#int range f0/3-4
S1(config-if-range)#spanning-tree portfast (disable, trunk)

Disable disables portfast for the interface

Trunk enables portfast on the interface even in trunk mode

UplinkFast Skips the listening and learning transitions when a link failure occurs on its root
port on a switch with redundant links. Uplinkfast discovers the blocked alternative paths to the
root bridge before the primary links fails and brings them into play.

S1#config t
S1(config)#spanning-tree uplinkfast

BackboneFast Speeds up convergence by skipping the max age time when switches learn of
a failure indirectly. So Backbonefast is used to speed convergence when a link not directly
connected to the switch fails.

S1#config t
S1(config)#spanning-tree backbonefast

EtherChannel was created for Cisco switches to enable multiple parallel links between two
switches to use all the bandwidth by treating them as a logical bundle in which STP will not
block the individual links.

Customizing a Switch Configuration

Spanning Tree Protocol - 802.1d STP is designed to prevent loops in a switch/bridged topology to
eliminate the endless propagation of broadcast around the loop.

When we start to deploy switches for redundancy we run into spanning tree.
Assume all five switches have the same priority of 32768, study the MAC address of each switch.
Look at the priority and MAC address of each device determine the root bridge and also figure out
which is the root port on each of the switches. (Hint root ports are always designated ports, which
means they are always in forwarding mode)

Next try to establish which ports will be in blocking mode.

Answer

Since switch A has the lowest MAC address and all five use the default priority Switch A is the
root bridge, remember a root bridge always has every port in forwarding mode (designated ports)

To determine the root ports on switch B and switch C just follow the connection to the root bridge.
Each direct connection to the bridge will be a root port so it will become designated. On switches
D and E the ports connected to switches B and C are switches D and E’s closest ports to the root
bridge (lowest cost) so those ports are root ports and are in forwarding mode (designated)

Can you tell which of the ports between switch D and E must be shutdown so a network loop
doesn’t occur?

Since the connections from switches D and E to switches B and C are root ports, those can’t be
shutdown. Next the bridge ID is used to determine designated and nondesignated ports so
because switch D has the lowest (best) bridge ID switch E’s port to Switch D will become
nondesignated (blocking) and switch D’s connection to switch E will be designated (forwarding).
Bridge ID = MAC Address

If there are fewer than 6 switches in the network you can let STP just do its job if there a dozens
of switches you need to set the root switch or STP may never converge between switches and
the network could go down.