Topic 5
Spanning tree protocol

• Redundancy
• Spanning tree concepts
– BPDUs
– Root bridge and elections
– Port roles
– Port states
– Timers
– PortFast and BPDU guard
• Spanning tree evolves

• Networks need redundancy to be highly available
• Redundancy is achieved by having alternate devices and alternate links
• In a switching environment, whenever multiple paths exist layer 2 loops can occur
• Layer 2 loops escalate to broadcast storms which very quickly overwhelm switches and the network is down
• In complex wiring closets, connections can be accidentally duplicated resulting in lost connectivity

• Broadcast frames circulate and cause MAC address tables to constantly update and fill causing the switch to flood on all ports
• Duplicate unicast frames arrive at the destination and are dropped

• Redundancy protects the network from a single point of failure
• STP protects the network from layer 2 loops
• STP:
– Only one logical path between switches
– Blocks alternate links
– Blocked links do not forward data frames
– Blocked links receive STP frames
– If a cable or switch fails, STP unblocks the link to provide an alternative path

• IEEE 802.1d standard
• Determines which ports to block
• Single switch is elected as a root bridge
• On each other switch, STA calculates which link has the shortest path to the root bridge
• STA assigns roles to switchports on the switch:
– Root port (non-root bridges)
• The port with the shortest path to the root bridge
– Designated port
• Non-root port that is allowed to forward data
– Non-designated port
• Put into a blocked state to prevent loops

• BID is a unique number to identify switches
• Consists of :
– Bridge priority, defaults to 32768 (1 to 65526)
– MAC address of switch
– Extended system ID (VLAN ID)
• BID can be set by admin by changing the priority value (in increments of 4096)
• The switch with the lowest BID is elected as the root bridge

• The root bridge is the STP reference point for the broadcast domain
• Election process:
– Each switch sends out BPDUs every 2 secs
– BPDUs contain the switch BID and the root BID
– Switch receives BPDUs from other switches
– IF the root BID in the update < root BID of the switch
• Switch updates its rootBID to the new value
– Switch forwards BPDUs with new root BID
– BPDUs circulate and converge to one root BID – that of the elected root bridge

• BPDUs are sent out by the root bridge
• BPDU contain a field for path cost which is updated by each switch that receives it
• Path cost is calculated by adding port cost of the receiving port to the path cost in the BPDU
• Port costs are based on the speed of the port
– 10gig = 2, gig = 4, fa = 19, eth = 100 (to set IEEE values)
– Port cost can be manually set by admin
• spanning-tree cost value
• no spanning-tree cost (to set IEEE values)
• The lowest cost path forwards and the other alternate paths are blocked

• On start, each switch sets the root BID with its own BID and sends out BPDUs every two seconds (hello interval) on all switchports
• Switch records its own BID, root BID and path cost to root bridge
• Switch receives BPDUs
– If root BID < local BID (I am not root bridge)
• Update root BID on switch
• Update the path cost by adding cost of port receiving BPDU
(0 +19 = 19)
• Send BPDUs with the updated rootBID and path cost values to other switches
– If root BID = local BID (I am root bridge)
• Received BPDUs are dropped
• No values are updated

• Root port
– One root port per non-root switch
– If there two equal cost paths from switch to root bridge
• Which port has lowest port priority? 128 is the default
• Which port has lowest interface ID?
– Port with lowest value becomes root port, other becomes alternate port and is blocked
• Designated port
– One designated port per segment
– Designated port receives and forwards frames
– All ports on the root bridge are designated
– If a segment has equal cost paths from each end of the segment
• Switches send each other BPDUs to determine which switch has the lower BID
• Switch with lower BID places its port into designated role, the port is blocked
• Non-designated port (alternate port)
– Is blocked to prevent loops
– Does not forward frames or populate its MAC address table
– Does continue to receive BPDUs
– If a link fails, the non-designated port may transition to a forwarding state

• Switchports transition through five states to forward data
– Blocking
• The port receives BPDUs to determine the root bridge location and its STP role
– Listening
• Port is receiving and transmitting BPDUs to inform adjacent switches that it is preparing to transition to forwarding state
– Learning
• Port populates its MAC address table to prepare to forward data
– Forwarding
• Port is active and forwards frames and sends and receives BPDUs
– Disabled
• Administratively shutdown

Port timers determine the time the port spends in each STP state
• Forward delay
– time spent in listening and learning states, by default 15 + 15 secs
• Max age
– length of time the switch saves BPDU information
– after 20 seconds of receiving no BPDUs, the link to root is considered down
• Hello time
– time between each BPDU frame sent – two second default
• Default values allow for convergence on a network of diameter 7
(number of switches that separate hosts at far ends of the network)
– Reconfigure timers by configuring the network diameter (do this with caution)
– Only the root bridge can send information to adjust timers

This bridge wins the election starts sending
BPDUS down all port
Root
Bridge
1Gig
DP
Root
DP
DP
100Mbps
100Mbps
100Mbps
Switch 4
100Mbps
100Mbps SP 2
SP 1
Switch 3
Switch 1 Switch 2
All ports start with a state of blocking

• Allows a port to transition from blocking to forwarding without the listening and learning delay
• Supports DHCP by allowing the DHCP request to go out immediately and avoids the DHCP timeout due to switch transitioning time
• Cisco® proprietary
(config-if)#spanning-tree portfast

• BPDU guard places a PortFast port into blocking state if a BPDU is received on that port
– Protects a port configured with PortFast
– If a switch is attached to a port configured with
PortFast a layer 2 loop may occur, followed by a broadcast storm

• When any switch has a topology change it sends a topology change notification BPDU to the root bridge
• The root bridge sets the TC flag on BPDUs it sends to all switches
• Switches reduce the aging time on STP information to flush out stale information and speed up convergence

• STP is enabled by default
• Method 1
Spanning-tree VLAN VID root primary
Spanning-tree VLAN VID root secondary (backup root)
• Method 2
Spanning-tree VLAN VID priority value
• Verify configuration
Show spanning tree

• PVST
– Spanning tree for each VLAN (using ISL)
– Different STP root bridges for each VLAN
– BackboneFast, UplinkFast and PortFast
• PVST+
– Spanning tree for each VLAN (using 802.1q)
• RSTP
– Version 2 with faster convergence
• Rapid PVST+
– Cisco® RSTP
• MSTP
– Multiple VLANs mapped to the same spanning tree instance
– Multiple paths and load balancing

• Select the switches for primary and secondary root bridges for each VLAN
• Configure root bridges
(config)#spanning-tree VLAN VLANID root primary
(config)#spanning-tree VLAN VLANID root secondary
• Verify configuration
#Show spanning-tree active
#Show run to see priority values

• Default settings for Cisco® 2960
– VLAN 1
– PVST+
– Priority 32768
– Port priority 128
– Port cost Gig = 4, fa = 19, eth = 100
– Hello time = 2 secs
– Forwarding delay = 15 + 15 secs
– Max age = 20 secs

• Redundancy
• Spanning tree concepts
– BPDUs
– Root bridge and elections
– Port roles
– Port states
– Timers
– PortFast and BPDU guard
• Spanning tree evolves

Topic 5
Spanning tree protocol