This tutorial is an introduction to the Spanning-Tree Protocol (STP). You will learn why we need it, how it works, and how you check the Spanning-Tree topology on your Cisco switches.
1. Why Do We Need Spanning-Tree Protocol (STP)?
What exactly is a loop, and how can it occur? Let's consider an example:
In the illustration above, we have two switches connected by a single cable, which creates a single point of failure. To get rid of this single point of failure, we will add another cable:
With the extra cable, we now have redundancy. Unfortunately for us, however, redundancy also carries with it the potential to create endless loops. Why do we have a loop in the scenario above? Let me describe it to you:
When H1 sends an ARP request to find the MAC address of H2, this request is transmitted as a broadcast frame. SW1 receives the broadcast and forwards it out on all its interfaces, except the one it came in on. SW2 then receives this broadcast frame as well.
Now, how does SW2 handle those broadcast frames? It will forward each frame out of every interface except the one it was received on. For example, if the frame arrives on interface Fa0/0, it will be forwarded out of Fa1/0, and if another frame arrives on Fa1/0, it will be sent out of Fa0/0. This creates a loop, as both switches continue to forward the frames back and forth endlessly.
This looping can lead to two possible outcomes: either you fix the loop by disconnecting one of the cables, or one of the switches may crash due to being overwhelmed with traffic. Ethernet frames lack a TTL (Time to Live) value, meaning they can loop indefinitely. Besides ARP requests, other types of broadcast traffic can also contribute to this issue; for instance, when a switch doesn't recognize a destination MAC address, it will flood the frame across all ports.
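The loop described above can be reproduced in a few lines. This is an added example, not part of the original tutorial: it floods one broadcast from H1 across two switches joined by two cables, then repeats the run with one port blocked. The SW1 interface names, the host port labels and the hop cap that stops the simulation are assumptions.

```python
from collections import deque

# Constructed topology: two switches joined by two parallel links, one host each.
# (switch, port) -> (peer switch, peer port); host ports have no peer switch.
LINKS = {
    ("SW1", "Fa0/0"): ("SW2", "Fa0/0"), ("SW2", "Fa0/0"): ("SW1", "Fa0/0"),
    ("SW1", "Fa1/0"): ("SW2", "Fa1/0"), ("SW2", "Fa1/0"): ("SW1", "Fa1/0"),
}
PORTS = {"SW1": ["H1", "Fa0/0", "Fa1/0"], "SW2": ["H2", "Fa0/0", "Fa1/0"]}

def flood(blocked=frozenset(), max_hops=20):
    """Flood one broadcast from H1; return (frames still in flight, copies H2 received)."""
    in_flight = deque([("SW1", "H1", 0)])    # (switch, ingress port, hop count)
    delivered_h2 = 0
    # Ethernet has no TTL, so only the artificial hop cap ends a looping run.
    while in_flight and in_flight[0][2] < max_hops:
        switch, ingress, hops = in_flight.popleft()
        for port in PORTS[switch]:
            if port == ingress or (switch, port) in blocked:
                continue                     # never flood back out the ingress port
            if port == "H2":
                delivered_h2 += 1
            elif (switch, port) in LINKS:
                peer = LINKS[(switch, port)]
                if peer not in blocked:      # a blocked port also drops received data frames
                    in_flight.append((*peer, hops + 1))
    return len(in_flight), delivered_h2
```

With both links forwarding, two copies of the frame are still circulating when the hop cap is reached and H2 has received the same ARP request 20 times; with SW2's Fa1/0 blocked, H2 receives it once and nothing is left in flight.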
2. How Spanning-Tree Solves Loops
Spanning-Tree will help us to create a loop-free topology by blocking certain interfaces. Let's take a look at how Spanning-Tree works! Here's an example:
In the layout above, we have three switches connected in a triangle, which introduces redundancy but also creates a potential loop condition. For simplicity, the MAC addresses are represented as follows:
- SW1: MAC AAA
- SW2: MAC BBB
- SW3: MAC CCC
With Spanning-Tree Protocol (STP) enabled, all switches exchange special frames known as BPDUs (Bridge Protocol Data Units). Each BPDU contains two critical pieces of information required for optimal spanning-tree operation:
- MAC Address
- Priority
Together, the MAC address and priority form the bridge ID. These BPDUs are exchanged among the switches as depicted in the diagram below, allowing STP to determine the best paths and prevent loops in the network.
Spanning-Tree Protocol (STP) relies on the bridge ID for its calculations. Here's how this process works:
First, STP elects a root bridge based on the lowest bridge ID. The switch with the lowest bridge ID is considered the best candidate. By default, the priority is set to 32768, but this value can be adjusted, if desired.
In our example, SW1 will be designated as the root bridge. Since all switches have the same default priority, the MAC address will serve as the tiebreaker. Because SW1 has the lowest MAC address, it holds the best bridge ID and is therefore elected as the root bridge.
All ports on the root bridge are automatically designated and remain in a forwarding state. This allows for optimal data flow within the network. You can see this configuration illustrated in the following diagram:
In the diagram above, SW1 has been elected as the root bridge, indicated by the "D" on its interfaces, which stands for designated.
Now that we have established the root bridge, the next step is for all non-root bridges (that is, every switch that is not the root) to determine the shortest path to the root bridge. The port that provides this shortest path is referred to as the "root port."
Let's examine the example to see how each non-root bridge identifies its root port:
In the illustration, I've marked an "R" for "root port" on SW2 and SW3, indicating that their Fa0/0 interfaces provide the shortest path to the root bridge. While I've simplified this example, it's important to note that the "shortest path" in Spanning-Tree Protocol (STP) considers the speed of each interface, with each having an associated cost. Here's a breakdown of the interface costs:
- 10 Mbit = Cost 100
- 100 Mbit = Cost 19
- 1000 Mbit = Cost 4
Great! We now have designated ports on the root bridge and root ports on the non-root bridges; however, we still have a loop that exists and needs to be addressed by shutting down one of the ports between SW2 and SW3. The question is: which port should we disable - SW2's or SW3's?
To determine this, we refer back to the bridge ID, which is a combination of priority and MAC address.
Bridge ID = Priority + MAC Address
Both switches share the same priority, but since SW2 has a lower MAC address, it "wins" this competition. Consequently, SW3 will need to block its port, effectively breaking the loop. You can see this represented in the example below:
In the diagram illustrating the connection between SW2 and SW3, you can see that the Fa1/0 interface of SW3 is labeled "A," indicating that it is an alternate port. An alternate port is blocked to prevent loops and is sometimes referred to as a Non-Designated (ND) port. By disabling this interface, we effectively resolve our loop problem, ensuring stable and efficient network operation.
Since the default priority is 32768, the MAC address serves as the tiebreaker when selecting the root bridge. In a production network, which switch do you think is more likely to be elected as the root bridge: your brand-new switch or that old, dusty switch that's been sitting unused for the past eight years?
Most likely, the older switch will be chosen, as it probably has a lower MAC address. This isn't an ideal situation, however, which is why we can adjust the priority to influence which switch becomes the elected root bridge.
Are you following along? Great! Now that you understand the basics of Spanning-Tree, let's dive a bit deeper into its foundational components.
If you've ever worked with Cisco switches, you may have noticed that when you plug in a cable, the LED above the interface initially lights up an amber orange and then turns green after a while. This indicates that Spanning-Tree is assessing the state of the interface. Here's what happens when you connect a cable:
1. Listening Mode (15 seconds): The port listens for BPDUs but does not learn MAC addresses or transmit data.
2. Learning Mode (15 seconds): The port continues to send and receive BPDUs and begins to learn MAC addresses, but still does not transmit data.
3. Forwarding Mode: Finally, the port transitions to forwarding mode, allowing data transmissions to occur.
You can refer to the following diagram for a visual representation of this process:
3. Spanning-Tree Configuration on Cisco Switches
Now that you have a solid understanding of Spanning-Tree Protocol (STP), let's explore how to configure it on Cisco switches. We'll use the same topology we discussed earlier, though the interfaces may differ.
In this setup, we'll walk through the configuration steps to ensure proper Spanning-Tree operation, allowing us to manage loops and maintain an efficient network. Let's get started!
Here is our topology:
Spanning-Tree is enabled by default; let's start by checking some show commands.
SW1#show spanning-tree
VLAN0001
Spanning tree enabled protocol ieee
Root ID Priority 32769
Address 000f.34ca.1000
Cost 19
Port 19 (FastEthernet0/17)
Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec
Bridge ID Priority 32769 (priority 32768 sys-id-ext 1)
Address 0011.bb0b.3600
Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec
Aging Time 300
Interface Role Sts Cost Prio.Nbr Type
------------------- ---- --- --------- -------- --------------------------------
Fa0/14 Desg FWD 19 128.16 P2p
Fa0/17 Root FWD 19 128.19 P2p
The show spanning-tree command is one of the most essential commands to remember when working with Cisco switches. It provides a wealth of information about the spanning tree configuration and status. Let's break down the key elements you'll find in its output:
1. Bridge ID: Displays the bridge ID of the switch, which consists of its priority and MAC address.
2. Root Bridge: Indicates whether the switch is the root bridge and shows the root bridge's ID.
3. Port Roles: Lists the roles of each port (e.g., designated, root, or blocked).
4. Port States: Shows the state of each port (listening, learning, or forwarding).
5. Cost: Displays the cost associated with each port, helping to determine the best path to the root bridge.
Here, we are looking at the Spanning-Tree information for VLAN1. Spanning-Tree has multiple versions, and the default version on Cisco switches is PVST (Per VLAN Spanning-Tree), which runs a separate Spanning-Tree instance for each VLAN.
Root ID Priority 32769
Address 000f.34ca.1000
Cost 19
Port 19 (FastEthernet0/17)
Here, you see the information of the root bridge. You can see that it has a priority of 32769 and its MAC address is 000f.34ca.1000. From the perspective of SW1, it has a cost of 19 to reach the root bridge. The port that leads to the root bridge is called the root port and for SW1 this is Fa0/17.
Bridge ID Priority 32769 (priority 32768 sys-id-ext 1)
Address 0011.bb0b.3600
This part shows us the information about the local switch, SW1 in our case. There's something funny about the priority here, however. We can see it showing us two main things:
- Priority 32769
- Priority 32768 sys-id-ext 1
The sys-id-ext value that you see is the VLAN number. The priority is 32768, but Spanning-Tree will add the VLAN number, so we end up with a priority value of 32769. Last, but not least, we can see the MAC address of SW1, which is 0011.bb0b.3600.
Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec
Here's some important information on the different times that Spanning-Tree uses:
1. Hello Time: Every 2 seconds a BPDU is sent.
2. Max Age: If we don't receive BPDUs for 20 seconds, we know something has changed in the network topology, and we need to re-check the topology.
3. Forward Delay: This timer is used for the listening and learning states. We remain in each state for the duration of the forward delay, which is 15 seconds by default.
Interface Role Sts Cost Prio.Nbr Type
------------------- ---- --- --------- -------- --------------------------------
Fa0/14 Desg FWD 19 128.16 P2p
Fa0/17 Root FWD 19 128.19 P2p
The last part of the show spanning-tree command shows us the interfaces and their statuses. Notice how SW1 has two interfaces:
- Fa0/14 is a designated port and in (FWD) forwarding mode.
- Fa0/17 is a root port and in (FWD) forwarding mode.
The prio.nbr you see here is the port priority that I explained earlier. We'll play with this in a bit.
Because only non-root switches have a root port, I can conclude that SW1 is a non-root switch. I know that Fa0/17 on SW1 leads to the root bridge.
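The walk-through above can be turned into a check that runs against saved command output. This is an added example, not code from the original tutorial: it parses the SW1 listing from this page, splits the priority into its configured value and sys-id-ext, and reports whether the root bridge is the one you intended. The function names and the idea of passing in an expected root MAC are assumptions.

```python
import re

# 'show spanning-tree' output for SW1 as listed on this page (timer lines omitted).
SW1_OUTPUT = """\
VLAN0001
  Root ID    Priority    32769
             Address     000f.34ca.1000
             Cost        19
             Port        19 (FastEthernet0/17)
  Bridge ID  Priority    32769  (priority 32768 sys-id-ext 1)
             Address     0011.bb0b.3600
Interface           Role Sts Cost      Prio.Nbr Type
------------------- ---- --- --------- -------- ----
Fa0/14              Desg FWD 19        128.16   P2p
Fa0/17              Root FWD 19        128.19   P2p
"""

def parse_stp(text):
    """Parse one VLAN block of 'show spanning-tree' output into a dict."""
    info, section = {"ports": {}}, None
    for line in text.splitlines():
        words = line.split()
        if words[:2] in (["Root", "ID"], ["Bridge", "ID"]):
            section, words = words[0].lower(), words[2:]   # 'root' or 'bridge'
        if not words or section is None:
            continue
        if words[0] == "Priority":
            info[section + "_priority"] = int(words[1])
            m = re.search(r"priority (\d+) sys-id-ext (\d+)", line)
            if m:   # configured priority and the VLAN number added to it
                info["base_priority"], info["sys_id_ext"] = map(int, m.groups())
        elif words[0] == "Address":
            info[section + "_mac"] = words[1]
        elif re.fullmatch(r"[A-Za-z]+\d+(/\d+)*", words[0]) and len(words) >= 5:
            info["ports"][words[0]] = {"role": words[1], "state": words[2],
                                       "cost": int(words[3]), "prio_nbr": words[4]}
    info["is_root"] = info["root_mac"] == info["bridge_mac"]
    return info

def check_root(text, expected_root_mac):
    """Return findings for a review; an empty list means nothing to report."""
    info, findings = parse_stp(text), []
    if info["root_mac"] != expected_root_mac:
        findings.append(f"root is {info['root_mac']}, expected {expected_root_mac}")
    if info["base_priority"] == 32768:
        findings.append("default priority: MAC address decides the election")
    return findings
```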
Let's take a look at SW2 to see what we find:
SW2#show spanning-tree
VLAN0001
Spanning tree enabled protocol ieee
Root ID Priority 32769
Address 000f.34ca.1000
Cost 19
Port 18 (FastEthernet0/16)
Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec
Bridge ID Priority 32769 (priority 32768 sys-id-ext 1)
Address 0019.569d.5700
Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec
Aging Time 300
Interface Role Sts Cost Prio.Nbr Type
------------------- ---- --- --------- -------- --------------------------------
Fa0/14 Altn BLK 19 128.16 P2p
Fa0/16 Root FWD 19 128.18 P2p
What do we see here?
Root ID Priority 32769
Address 000f.34ca.1000
Cost 19
Port 18 (FastEthernet0/16)
Here we see information about the root bridge. This information is similar to what we saw on SW1. The root port for SW2 seems to be Fa0/16.
Bridge ID Priority 32769 (priority 32768 sys-id-ext 1)
Address 0019.569d.5700
This is the information about SW2. The priority is the same as on SW1. Only the MAC address (0019.569d.5700) is different.
Interface Role Sts Cost Prio.Nbr Type
------------------- ---- --- --------- -------- --------------------------------
Fa0/14 Altn BLK 19 128.16 P2p
Fa0/16 Root FWD 19 128.18 P2p
This part looks interesting; there are two things we see here:
- Interface Fa0/14 is an alternate port and in (BLK) blocking mode.
- Interface Fa0/16 is a root port and in (FWD) forwarding mode.
Let's check in on SW3:
SW3#show spanning-tree
VLAN0001
Spanning tree enabled protocol ieee
Root ID Priority 32769
Address 000f.34ca.1000
This bridge is the root
Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec
Bridge ID Priority 32769 (priority 32768 sys-id-ext 1)
Address 000f.34ca.1000
Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec
Aging Time 300
Interface Role Sts Cost Prio.Nbr Type
---------------- ---- --- --------- -------- --------------------------------
Fa0/14 Desg FWD 19 128.14 P2p
Fa0/16 Desg FWD 19 128.16 P2p
Let's break down what's going on here:
Root ID Priority 32769
Address 000f.34ca.1000
This bridge is the root
Bingo! SW3 is the root bridge in this network. We already knew that because SW1 and SW2 are both non-root, but this is how we verify it by looking at SW3.
Bridge ID Priority 32769 (priority 32768 sys-id-ext 1)
Address 000f.34ca.1000
We can also see the MAC address of SW3 (000f.34ca.1000).
Interface Role Sts Cost Prio.Nbr Type
---------------- ---- --- --------- -------- --------------------------------
Fa0/14 Desg FWD 19 128.14 P2p
Fa0/16 Desg FWD 19 128.16 P2p
Both interfaces on SW3 are designated ports and in (FWD) forwarding mode.
You have now seen what the Spanning-Tree topology looks like. Why was SW3 chosen as the root bridge? We'll have to verify the bridge ID for the answer to that:
SW1#show spanning-tree | begin Bridge ID
Bridge ID Priority 32769 (priority 32768 sys-id-ext 1)
Address 0011.bb0b.3600
SW2#show spanning-tree | begin Bridge ID
Bridge ID Priority 32769 (priority 32768 sys-id-ext 1)
Address 0019.569d.5700
SW3#show spanning-tree | begin Bridge ID
Bridge ID Priority 32769 (priority 32768 sys-id-ext 1)
Address 000f.34ca.1000
The priority is the same on all of the switches (32768), so we have to look at the MAC addresses:
- SW1: 0011.bb0b.3600
- SW2: 0019.569d.5700
- SW3: 000f.34ca.1000
SW3 has the lowest MAC address, so it becomes the root bridge. Why was the Fa0/14 interface on SW2 blocked and not the Fa0/14 interface on SW1? Once again, we have to look at the bridge identifier. The priority is 32768 on both switches, so we have to compare the MAC address:
- SW1: 0011.bb0b.3600
- SW2: 0019.569d.5700
SW1 has a lower MAC address and thus a better bridge identifier. That's why SW2 "lost" the battle and had to shut down its Fa0/14 interface.
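The election rules from section 2 and the comparison just made can be run as one calculation. This is an added example, not part of the original tutorial: it takes the three bridge IDs shown above and computes the root bridge, the root ports and the blocked port, going beyond the single case in the text by working for any small topology. Which SW3 interface each cable lands on is an assumption, and tie-breaks beyond the bridge ID are simplified.

```python
# Constructed model of the page's lab. Bridge ID = (priority, MAC); lowest wins.
BRIDGES = {
    "SW1": (32769, "0011.bb0b.3600"),
    "SW2": (32769, "0019.569d.5700"),
    "SW3": (32769, "000f.34ca.1000"),
}
# (switch, port, peer, peer port, cost). SW3's end of each cable is an assumption.
LINKS = [
    ("SW1", "Fa0/14", "SW2", "Fa0/14", 19),
    ("SW1", "Fa0/17", "SW3", "Fa0/14", 19),
    ("SW2", "Fa0/16", "SW3", "Fa0/16", 19),
]

def compute_roles(bridges, links):
    """Return (root switch, {(switch, port): role}) for a small switched topology."""
    root = min(bridges, key=bridges.get)
    # Root path cost per switch: relax every link until nothing improves.
    cost = {sw: (0 if sw == root else float("inf")) for sw in bridges}
    changed = True
    while changed:
        changed = False
        for a, _, b, _, c in links:
            for near, far in ((a, b), (b, a)):
                if cost[far] + c < cost[near]:
                    cost[near], changed = cost[far] + c, True
    roles = {}
    for sw in bridges:
        if sw == root:
            continue
        # Candidate root ports: (cost via neighbour, neighbour bridge ID, local port).
        offers = [(cost[b] + c, bridges[b], pa) for a, pa, b, _, c in links if a == sw]
        offers += [(cost[a] + c, bridges[a], pb) for a, _, b, pb, c in links if b == sw]
        roles[(sw, min(offers)[2])] = "Root"
    # On each link the end with the better (root path cost, bridge ID) is designated;
    # the other end blocks as an alternate port unless it is that switch's root port.
    for a, pa, b, pb, _ in links:
        win, lose = (a, pa), (b, pb)
        if (cost[b], bridges[b]) < (cost[a], bridges[a]):
            win, lose = lose, win
        roles[win] = "Desg"
        roles.setdefault(lose, "Altn")
    return root, roles
```

With the default priorities the result matches the three show spanning-tree listings: SW3 is root and SW2's Fa0/14 is the alternate port. Passing a lower priority for one switch shows how the adjustment mentioned in section 2 moves the root.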
That's it! You have now learned how Spanning-Tree Protocol (STP) works and how you can check the Spanning-Tree topology on your Cisco switches. If you enjoyed this lesson, please feel free to drop a comment below!
Happy STP'ing!