Decoding Spanning Tree Protocol (STP): A Comprehensive Guide

Most network engineers design LANs with redundant links between switches to provide higher availability, since switch hardware and cable problems do occur.

In networks with redundant links, broadcast frames could loop indefinitely, producing a broadcast storm. Because switches were built to flood unknown unicast and broadcast frames, an ARP request broadcast to locate an unknown or shut-down device may end up circulating through a switching (bridging) loop.

Another problem is multiple frame copies: the same frame can arrive at a switch from different segments at the same time, which also leads to MAC address table thrashing.


Let’s consider the following scenario:

  • PC A sends an ARP packet.
  • The upper hub forwards that packet out of all ports, except the port where the packet came from.
  • S1 and S2 receive the packet on their f1 ports and save PC A’s MAC address on f1.
  • S1 and S2 forward the packet through their f2 ports.
  • The lower hub receives two packets from two sides. It sends the packet it received on the left-side interface (from S1) to its right side (to S2) and to PC B. The same happens for the packet it receives from the other side.
  • S1 and S2 receive a packet whose source MAC address is still PC A’s MAC address!
  • S1 and S2 both save this MAC address on their f2 interfaces.


STP (Spanning Tree Protocol)

STP (Spanning Tree Protocol, IEEE 802.1D) “scans” the network to find all links and makes sure that there are no loops by “switching off” redundant links.

It first uses the STA (Spanning Tree Algorithm) to figure out the topology and then identifies the links that form loops. Those links are blocked one by one, removing the loops.

For this to function properly, all switches must cooperate: one of the switches is chosen as a reference point, the Root Bridge, and becomes the root of the tree.


An Example:

Since spanning tree is enabled, all our switches send a special frame to each other called a BPDU (Bridge Protocol Data Unit).

This is what it looks like:

STP: Why configure it manually?

When you boot a switch, STP is on by default. I still think you should configure it manually. Here’s why:

  • If you let STP create the “tree” on its own, it might pick an older switch to be Root, which could end up getting much more traffic than the other, newer switches.
  • Also, it is unaware of any specific VLAN configuration on a link: if one trunk link can carry all VLANs but another one can’t, and STP blocks the first one, you’re in trouble.

As an administrator, you can pick the Root switch (bridge) manually, which will greatly influence the resulting tree.


STP: How to configure?

Switch(config)# spanning-tree vlan VLAN_ID root primary

Switch(config)# spanning-tree vlan VLAN_ID root secondary

Switch(config)# spanning-tree vlan VLAN_ID priority PRIORITY


The default priority value is 32768, so it’s enough to set any value lower than that for the given switch to become Root. The priority value must be a multiple of 4096. The highest possible value is 61440.


STP: multiple VLAN

Spanning Tree Protocol was initially designed to work with bridges and supported only one LAN (or one VLAN).

Even if you have multiple VLANs in your network, you can still have only a single instance of STP: all VLANs will share the same tree. But to best utilize your gear, you should have a different tree for each VLAN.

This is achieved by running a separate instance of STA per VLAN. It’s called PVST (Per-VLAN Spanning Tree).

STP: Faster PVST (Rapid PVST)

After a change is made, the network takes 30 to 50 seconds to converge. To improve this, a “rapid” version of STP was introduced by the IEEE.

A network that uses RSTP (Rapid Spanning Tree Protocol) will converge faster, but the convergence time still depends on the size of the network. For smaller networks, it’s a matter of seconds.

Switch(config)# spanning-tree mode rapid-pvst

Portfast

If the administrator knows for sure that a port will not be part of a loop, they can configure the port to converge faster. STA normally takes its time, but if it knows that a loop is not possible on a given interface, it can simply skip the procedure and put the port into the forwarding state right away.

Switch(config-if)# spanning-tree portfast


STP – Spanning Tree Protocol (802.1D)

STP states do not change the other information about an interface: connected/not connected (#show interfaces status) and operational state, access/trunk (#show interfaces switchport). STP only adds an additional state.


STP versions and types:

IEEE 802.1D (STP, CST – Common Spanning Tree): slow, but requires very few bridge resources.

PVST+: Cisco proprietary enhancement of STP that provides a separate 802.1D spanning-tree instance for each VLAN. It makes more efficient use of the links in the network, but is just as slow as 802.1D and uses more bridge resources than 802.1D.

IEEE 802.1w (RSTP – Rapid Spanning Tree Protocol): enhanced BPDU exchange and faster network convergence, but it still allows only one RB per VLAN. Bridge resources used with RSTP are higher than with CST but lower than with PVST+.

Rapid PVST+: Cisco’s version of RSTP that also uses PVST+ and provides a separate instance of 802.1w per VLAN. Fast convergence times and optimal traffic flow, but it requires the most CPU and memory of all.


Bridge port roles:

FORWARDING PORT – forwards frames; it will be either a root port (RP) or a designated port (DP).

BLOCKING PORT (blocked port) – won’t forward frames in order to prevent loops. A blocked port will still listen to BPDU frames from neighbor switches, but it will drop any and all other received frames and will never transmit a frame.

ALTERNATE PORT – corresponds to the BLOCKING state of 802.1d (STP), and is a term used with the newer 802.1w (Rapid STP). An alternate port is located on a switch connected to a LAN segment with two or more switches connected, where one of the other switches holds the DP. The alternate port is a backup for the RP.

BACKUP PORT – also corresponds to the BLOCKING state of 802.1d, and is a term now used with the newer 802.1w. A backup port is connected to a LAN segment where another port on that switch is acting as the DP. A backup port is a backup for the DP.


STP port states:

Forwarding state – use the interface as normal

Blocking state – block all user traffic; do not send or receive user traffic on that interface (in that VLAN), except STP messages (and some other overhead messages)

Disabled state – technically not a transition state; a port in the administratively disabled state doesn’t participate in frame forwarding or STP and is virtually nonoperational

Listening state – listens to BPDUs to make sure no loops occur on the network before passing data frames. A port in the listening state prepares to forward data frames without populating the MAC address table. Old (unused) MAC addresses are removed from the table during this state. Switches populate the MAC address table in learning and forwarding modes only

Learning state – listens to BPDUs and learns all the paths in the switched network. A port in the learning state populates the MAC address table but still does not forward data frames. “Forward delay” refers to the time it takes to transition a port from listening mode to learning mode, which is set to 15 seconds by default and can be seen in the #show spanning-tree output

“Working” ports/interfaces (those in a connected state) are all interfaces that COULD forward frames if STP placed them into a forwarding state. Failed interfaces (for example, interfaces with no cable installed) or administratively shutdown interfaces are placed into an STP-disabled state.

“Port Cost” determines the best path when multiple links are used between two switches. The cost of a link is determined by its bandwidth.

“Path Cost” = “Root Cost”: all unique paths to the RB are analyzed individually, and a PATH COST is calculated by adding up the individual outbound PORT COSTS encountered on the (outbound) way to the Root Bridge.

“STP stable states”: Blocking, Forwarding, Disabled

“STP transitory states”: Listening, Learning


STP steps:

(1) STP ELECTS A ROOT SWITCH (Root Bridge – RB). The switch with the lowest BID value (priority) becomes the RB. All “working” interfaces on the root switch become Designated Ports (DPs).

  • BID, original format: Priority (2 bytes) + universal, burned-in MAC address of the switch
  • BID with system ID extension:

  1. Priority: a multiple of 4096, from 0 to 61440 (4 bits); 32768 by default
  2. System ID extension: typically holds the VLAN ID (12 bits); 1) + 2) = 16 bits
  3. System ID = MAC address of the switch (6 bytes)

(2) EACH “NONROOT BRIDGE” CHOOSES ITS ROOT PORT – the lowest-cost interface through which to reach the RB. Root switches don’t have RPs. Each switch in a given network has EXACTLY one root port per VLAN. The RB sends “Root Cost = 0” in its Hello packets.

STP tiebreakers when choosing the Root Port:

  1. cost to the RB -> when that ties ->
  2. lowest neighbor BID ->
  3. lowest neighbor port priority ->
  4. lowest neighbor internal port number (Fa0/1, Fa0/2, etc.)

In these tie-breakers, only those paths that are tied are considered; 3 and 4 only come into play when two switches connect to each other with multiple links.

(3) DESIGNATED PORT ELECTION: on each network segment (link), the port that advertises the lowest cost to the RB becomes the DP. All other ports on that segment will, if they’re not the RP, become “non-designated” ports and be put into either “blocking” or “discarding” mode.

Access ports also automatically become DPs, because the switch is the only device on the segment sending Hellos -> the switch is sending the least-cost Hellos.

Network segments are marked with red circles.
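As an added example (not code from the article), the three election steps above in Python: it assumes a constructed four-switch topology with FastEthernet cost 19 on every link and port priority 128 everywhere, and returns the RB, each switch’s root cost and the DP/RP/blocked role of every port. S4 reaches the RB at equal cost through S2 and S3, so its root port is decided by tie-breaker 2 (lowest neighbor BID).

```python
import heapq
from dataclasses import dataclass
# BIDs compare as (priority, MAC): lower wins. Port priority is assumed to be 128 everywhere.
@dataclass(frozen=True)
class Port:
    switch: str
    number: int   # internal port number (Fa0/1 -> 1), the last tiebreaker
    cost: int     # STP port cost of this link, derived from its bandwidth

def build_adj(links):
    adj = {}   # switch -> list of (own port, neighbor port); each link is one segment
    for a, b in links:
        adj.setdefault(a.switch, []).append((a, b))
        adj.setdefault(b.switch, []).append((b, a))
    return adj

def root_costs(adj, root):
    """Cheapest root cost per switch; the cost of the port that receives the Hello is added."""
    dist, heap = {root: 0}, [(0, root)]
    while heap:
        d, s = heapq.heappop(heap)
        for _mine, theirs in adj[s]:
            nd = d + theirs.cost
            if nd < dist.get(theirs.switch, float("inf")):
                dist[theirs.switch] = nd
                heapq.heappush(heap, (nd, theirs.switch))
    return dist

def root_port(adj, bids, dist, s):
    """Step 2 tiebreakers: cost to RB, neighbor BID, neighbor port priority, neighbor port number."""
    return min(adj[s], key=lambda p: (dist[p[1].switch] + p[0].cost, bids[p[1].switch], 128, p[1].number))[0]

def stp_roles(bids, links):
    """Return (root bridge, root cost per switch, STP role per 'switch:port')."""
    adj = build_adj(links)
    root = min(bids, key=bids.get)                     # Step 1: lowest BID becomes the RB
    dist = root_costs(adj, root)
    rps = {s: root_port(adj, bids, dist, s) for s in bids if s != root}
    roles = {}
    for a, b in links:                                 # Step 3: one DP per segment
        rank = lambda p: (dist[p.switch], bids[p.switch], 128, p.number)
        dp, other = (a, b) if rank(a) < rank(b) else (b, a)
        roles[f"{dp.switch}:{dp.number}"] = "DP"
        roles[f"{other.switch}:{other.number}"] = "RP" if rps.get(other.switch) == other else "BLK"
    return root, dist, roles

# Constructed topology (not from the article): S1 has priority 24576, the rest keep the default 32768.
BIDS = {f"S{i}": (p, f"00:00:00:00:00:0{i}") for i, p in enumerate((24576, 32768, 32768, 32768), 1)}
LINKS = [(Port("S1", 1, 19), Port("S2", 1, 19)), (Port("S1", 2, 19), Port("S3", 1, 19)),
         (Port("S2", 2, 19), Port("S3", 2, 19)), (Port("S2", 3, 19), Port("S4", 1, 19)),
         (Port("S3", 3, 19), Port("S4", 2, 19))]
```

Calling `stp_roles(BIDS, LINKS)` gives S1 as RB, root costs 19/19/38 for S2/S3/S4, and blocks S3:2 and S4:2.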

How STP works in steady-state (nothing changing in the STP topology):

  1. The root creates and sends a Hello BPDU, with a root cost of 0, out of all its forwarding (working) interfaces.
  2. The non-root switches receive the Hello on their root ports. After changing the Hello to list their own BID as the sender’s BID, and listing their own root cost, the switch forwards the Hello out of all designated ports.
  3. Steps 1 and 2 repeat until something changes.

When a switch ceases to receive Hellos or receives a changed Hello -> something has failed -> the switch starts the process of changing the spanning-tree topology.

If an interface fails on a switch, the switch can assume that Hellos won’t be arriving on that interface anymore.


Hello BPDU fields:

  1. Root bridge ID -> BID of the switch that the sender of this Hello believes to currently be the root switch (RB).
  2. Sender’s BID -> BID of the switch sending this Hello BPDU.
  3. Sender’s ROOT COST -> STP cost between this switch and the current root.
  4. Timer values on the RB -> Hello timer, MaxAge, and Forward delay timer.


STP timers (RB dictates timers):

  1. Hello (2 seconds): the time period between Hellos created by the root.
  2. MaxAge (10 times Hello): how long any switch should wait, after ceasing to hear Hellos, before trying to change the STP topology.
  3. Forward delay (15 seconds): when an interface changes from the blocking to the forwarding state, the port stays in an interim listening state and then an interim learning state for Forward Delay seconds each. This helps prevent temporary loops.
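An added example, not part of the article: a parser for the 802.1D Configuration BPDU whose fields and timers are described above, splitting each BID into priority, system ID extension and MAC and converting the timers from their 1/256-second wire units. The sample bytes are constructed, and the port-ID layout (4-bit priority, 12-bit port number) is assumed from 802.1t. The claims_better_root check is the comparison a monitoring tool can use to flag a Hello announcing a root that would win the election, which is the situation BPDU guard exists to stop on access ports.

```python
import struct
from dataclasses import dataclass
@dataclass(frozen=True)
class BridgeId:
    priority: int    # top 4 bits of the 16-bit field, a multiple of 4096
    sysid_ext: int   # low 12 bits, normally the VLAN ID
    mac: str         # 6-byte system ID

    @classmethod
    def from_bytes(cls, raw: bytes) -> "BridgeId":
        field = struct.unpack("!H", raw[:2])[0]
        return cls((field >> 12) * 4096, field & 0xFFF, raw[2:8].hex(":"))

    def key(self):
        """Election order: the whole 16-bit field first, then the MAC; lower wins."""
        return (self.priority + self.sysid_ext, self.mac)

@dataclass
class ConfigBpdu:
    version: int; bpdu_type: int; flags: int
    root: BridgeId; root_cost: int; sender: BridgeId
    port_priority: int; port_number: int
    message_age: float; max_age: float; hello: float; forward_delay: float   # seconds

# 35-byte 802.1D Configuration BPDU body (after the LLC header). Timers are in 1/256 s units.
BPDU_FMT = "!HBBB8sI8sHHHHH"
def parse_config_bpdu(raw: bytes) -> ConfigBpdu:
    if len(raw) < struct.calcsize(BPDU_FMT):
        raise ValueError("truncated BPDU")
    (proto, ver, btype, flags, root, cost, sender, port_id,
     msg_age, max_age, hello, fwd) = struct.unpack(BPDU_FMT, raw[:35])
    if proto != 0 or btype not in (0x00, 0x02):   # 0x00 Config BPDU, 0x02 RST BPDU
        raise ValueError("not a Configuration/RST BPDU")
    # Port ID layout assumed as in 802.1t: 4-bit priority (x16) + 12-bit port number.
    return ConfigBpdu(ver, btype, flags, BridgeId.from_bytes(root), cost, BridgeId.from_bytes(sender),
                      (port_id >> 12) * 16, port_id & 0xFFF,
                      msg_age / 256, max_age / 256, hello / 256, fwd / 256)

def claims_better_root(bpdu: ConfigBpdu, expected_root: BridgeId) -> bool:
    """True if this Hello advertises a root that would beat the root we expect (worth alerting on)."""
    return bpdu.root.key() < expected_root.key()

# Constructed sample: S2 (priority 32768, VLAN 1) relays a Hello from root S1 (priority 24576) at cost 19.
SAMPLE = bytes.fromhex(
    "0000" "00" "00" "00"           # protocol 0, version 0 (STP), type Config, flags 0
    "6001" "000000000001"           # root ID: 24576 + sysid-ext 1, MAC 00:00:00:00:00:01
    "00000013"                      # root path cost 19
    "8001" "000000000002"           # sender ID: 32768 + sysid-ext 1, MAC 00:00:00:00:00:02
    "8001"                          # port ID: priority 128, port 1
    "0100" "1400" "0200" "0f00")    # message age 1 s, MaxAge 20 s, Hello 2 s, Forward Delay 15 s
```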


RSTP – Rapid STP (IEEE 802.1w):

  • RSTP calls the blocking state “the discarding state”
  • STP converges in 50 seconds (by default), RSTP converges within a few seconds, and in slow conditions, in about 10 seconds
  • In RSTP, MaxAge is 3 times Hello
  • RSTP Alternate Ports are the switch’s other ports that could be used as a Root Port if the existing RP ever fails. To become an alternate port, an interface must receive Hellos that identify the same root switch (RB) as the root port. The alternate port can take over for the former RP very rapidly, without waiting in other interim STP states (listening, learning). There are no timers, the change (convergence) happens within a second
  • RSTP Backup Port replaces a designated port when a DP fails. This is only needed in a network where a switch connects two ports to a Hub


RSTP port types:

  1. point-to-point ports -> ports that connect two switches;
  2. point-to-point edge ports -> ports that connect to a single endpoint device at the edge of a network, like PCs and servers;
  3. shared ports -> ports connected to a hub (half duplex).

Both 1 and 2 are full duplex.

Portfast: allows a switch to immediately transition from blocking to forwarding, bypassing listening and learning states. Should only be enabled on ports where no other bridges, switches, or other STP-speaking devices will be connected. If enabled, the port will move to an STP forwarding state and forward traffic as soon as the NIC is active on the end device connected to the port.

BPDU guard: disables a port if any BPDUs are received on the port. Should only be enabled on access/Portfast interfaces.

Benefits of STP:

  1. Loop Prevention: By intelligently blocking redundant links, STP prevents loops from forming in the network, thereby ensuring data integrity and preventing broadcast storms.
  2. Redundancy: STP enables the use of redundant links for fault tolerance without the risk of creating network loops, improving network availability and reliability.
  3. Automatic Configuration: STP operates dynamically, automatically adapting to changes in the network topology without requiring manual intervention from network administrators.


Note: Let us know how you found the article.


STP Lab Topology:

Lab Guide:

If you need this lab guide with a complete configuration command let me know in the comment section.


Thank you for your time.

