May 28, 2011

Spanning tree protocols stp configurations

Spanning Tree Protocols

In our last article we learned about the basic functions of switching. We mentioned that one of the functions of a switch is Layer 2 loop removal. The Spanning Tree Protocol (STP) carries out this function. STP is a critical feature; without it many switched networks would completely stop functioning. The problem arises when we create a looped switched path, either accidentally or intentionally in the process of creating a redundant network. A loop can be defined as two or more switches that are interconnected by two or more physical links. Switching loops create three major problems:
  • Broadcast storms—Switches must flood broadcasts, so a looped topology will create multiple copies of a single broadcast and perpetually cycle them through the loop.
  • MAC table instability—Loops make it appear that a single MAC address is reachable on multiple ports of a switch, and the switch is constantly updating the MAC table.
  • Duplicate frames— Because there are multiple paths to a single MAC, it is possible that a frame could be duplicated in order to be flooded out all paths to a single destination MAC.
All these problems are serious and will bring a network to an effective standstill unless prevented.

Removing layer-2 loops

The main function of the Spanning Tree Protocol (STP, 802.1d) is to remove layer-2 loops from your topology. For STP to function, the switches need to share information. What they share are bridge protocol data units (BPDUs).

Root Port

After the root switch is elected, every other switch in the network needs to choose a single port on itself that it will use to reach the root. This port is called the root port.
The root port is always the link directly connected to the root bridge, or the shortest path to the root bridge. If more than one link connects to the root bridge, then a port cost is determined by checking the bandwidth of each link. The lowest-cost port becomes the root port. If multiple links have the same cost, the bridge with the lower advertising bridge ID is used. Since multiple links can be from the same device, the lowest port number will be used.

Root Bridge

The switch with the lowest switch ID is chosen as root. The switch ID is made up of two components:
  • The switch's priority, which defaults to 32,768 on Cisco switches (two bytes in length)
  • The switch's MAC address (six bytes in length)
All other decisions in the network, such as which port is to be blocked and which port is to be put in forwarding mode, are made from the perspective of this root bridge.


BPDUs are sent out as multicasts that only other layer-2 devices listen to. They are used to share information and are sent every two seconds. The BPDU contains the bridge's or switch's ID, made up of a priority value and the MAC address. BPDUs are used for the election process.

Path Costs

Path costs are calculated from the root switch. A path cost is basically the accumulated port costs from the root switch to other switches in the topology. When the root advertises BPDUs out its interfaces, the default path cost value in the BPDU frame is 0. When a connected switch receives this BPDU, it increments the path cost by the cost of its local incoming port. If the port was a Fast Ethernet port, then the path cost would be figured like this: 0 (the root's path cost) + 19 (the switch's port cost) = 19. This switch, when it advertises BPDUs to switches behind it, will include the updated path cost. As the BPDUs propagate further and further from the root switch, the accumulated path cost values become higher and higher.
Connection Type    New Cost Value    Old Cost Value
10Gb               2                 1
1Gb                4                 1
100Mb              19                10
10Mb               100               100
Remember that path costs are incremented as a BPDU comes into a port, not when a BPDU is advertised out of a port.
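
The root election, path cost accumulation and root port choice described in the sections above can be worked through in a few lines of Python. This is an added example, not code from the original article; the topology, switch names, MAC addresses and port numbers are constructed, and a final tie between equal-cost links from the same neighbor is assumed to be broken on the advertising switch's port number.

```python
# Port costs: the "New Cost Value" column of the table above (link Mb/s -> cost).
PORT_COST = {10_000: 2, 1_000: 4, 100: 19, 10: 100}

# Constructed sample topology (names, MACs and port numbers are made up).
SWITCHES = {  # name: (priority, MAC address)
    "SW1": (32768, "00:00:0c:aa:aa:aa"),
    "SW2": (32768, "00:00:0c:bb:bb:bb"),
    "SW3": (32768, "00:00:0c:cc:cc:cc"),
    "SW4": (4096, "00:00:0c:dd:dd:dd"),
}
LINKS = [  # (switch_a, port_a, switch_b, port_b, speed in Mb/s)
    ("SW4", 1, "SW1", 1, 1_000),
    ("SW4", 2, "SW2", 1, 100),
    ("SW1", 2, "SW2", 2, 1_000),
    ("SW1", 3, "SW3", 2, 100),
    ("SW1", 4, "SW3", 1, 100),
]

def bridge_id(priority, mac):
    """Switch ID: 2-byte priority followed by the 6-byte MAC address."""
    return priority.to_bytes(2, "big") + bytes.fromhex(mac.replace(":", ""))

def elect_root(switches):
    """The switch with the lowest switch ID becomes the root."""
    return min(switches, key=lambda name: bridge_id(*switches[name]))

def root_path_costs(root, links):
    """Propagate costs outward; each receiver adds its incoming port cost."""
    cost, changed = {root: 0}, True
    while changed:
        changed = False
        for a, _, b, _, speed in links:
            for sender, receiver in ((a, b), (b, a)):
                new = cost.get(sender, float("inf")) + PORT_COST[speed]
                if new < cost.get(receiver, float("inf")):
                    cost[receiver], changed = new, True
    return cost

def root_ports(switches, links):
    """Return (root, {switch: (root path cost, local root port)})."""
    root = elect_root(switches)
    cost, best = root_path_costs(root, links), {}
    for a, pa, b, pb, speed in links:
        for me, my_port, nbr, nbr_port in ((a, pa, b, pb), (b, pb, a, pa)):
            # Tie-break order: path cost, advertising bridge ID, advertising port.
            cand = (cost[nbr] + PORT_COST[speed], bridge_id(*switches[nbr]), nbr_port, my_port)
            if me != root and (me not in best or cand < best[me]):
                best[me] = cand
    return root, {sw: (c[0], c[3]) for sw, c in best.items()}
```

With this topology SW4 becomes root on priority alone even though it has the highest MAC address, and SW2 picks its gigabit uplink through SW1 (cost 4 + 4 = 8) over its direct Fast Ethernet link to the root (cost 19).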
Designated port: A designated port is one that has been determined as having the best (lowest) cost. A designated port will be marked as a forwarding port. Each (LAN) segment also has a single port that it uses to reach the root. This port is called a designated port.
Forwarding port: A forwarding port forwards frames.
Blocked port: A blocked port is the port that, in order to prevent loops, will not forward frames. However, a blocked port will always listen to frames.
Nondesignated port: A nondesignated port is one with a higher cost than the designated port. Nondesignated ports are put in blocking mode; they are not forwarding ports.

Port States


Ports will go into a blocking state under one of three conditions:
  • Election of a root switch (for instance, when you turn on all the switches in a network)
  • When a switch receives a BPDU on a port that indicates a better path to the root switch than the port the switch is currently using to reach the root
  • If a port is not a root port or a designated port.
A port in a blocked state will remain there for 20 seconds by default. During this state, the port is only listening to and processing BPDUs on its interfaces. Any other frames that the switch receives on a blocked port are dropped.


In the listening state, the port is still listening for BPDUs and double-checking the layer-2 topology. Again, the only traffic that is being processed in this state consists of BPDUs; all other traffic is dropped. The default for this value is 15 seconds.


In the learning state, the port is still listening for and processing BPDUs; however, unlike while in the listening state, the port begins to process user frames. When processing user frames, the switch is examining the source addresses in the frames and updating its CAM table, but the switch is still not forwarding these frames out destination ports. This state defaults to 15 seconds.


In the forwarding state, the port will process BPDUs, update its CAM table with frames that it receives, and forward user traffic through the port.


A port in a disabled state is not participating in STP.


STP convergence has occurred when all root and designated ports are in a forwarding state and all other ports are in a blocking state.


STP doesn't guarantee an optimized loop-free network. PVST supports one instance of STP per VLAN.

Rapid Spanning Tree Protocol

The 802.1d standard was designed back when waiting for 30 to 50 seconds for layer 2 convergence wasn’t a problem. However, in today’s networks, this can cause serious performance problems for networks that use real-time applications, such as voice over IP (VoIP) or video.
The Rapid Spanning Tree Protocol (RSTP) is an IEEE standard, defined in 802.1w, which is interoperable with 802.1d and an extension to it. With RSTP, there are only three port states:
  • Discarding (basically the grouping of 802.1d’s blocking, listening, and disabled states)
  • Learning
  • Forwarding

Additional Port Roles

With RSTP, there is still a root switch and there are still root and designated ports, performing the same roles as those in 802.1d. However, RSTP adds two additional port types: alternate ports and backup ports.
These two ports are similar to the ports in a blocking state in 802.1d.
An alternate port is a port that has an alternative path or paths to the root but is currently in a discarding state.
A backup port is a port on a segment that could be used to reach the root switch, but an active port is already designated for the segment.
The best way to look at this is that an alternate port is a secondary, unused root port, and a backup port is a secondary, unused designated port.


With 802.1w, if a BPDU is not received in three expected hello periods (6 seconds), STP information can be aged out instantly and the switch considers that its neighbor is lost and actions should be taken. This is different from 802.1d, where the switch had to miss the BPDUs from the root—here, if the switch misses three consecutive hellos from a neighbor, actions are immediately taken.
