(Spanning Tree Protocol) : Cisco Ccna Bootcamp
STP
(Spanning Tree Protocol)
Redundancy in a hierarchical network
• As businesses become increasingly dependent on the
network, the availability of the network infrastructure
becomes a critical business concern.
–Redundancy is the solution for achieving the necessary
availability.
• Layer 2 redundancy improves the availability of the
network by implementing alternate network paths by
adding equipment and cabling.
• As you can see in the graphic:
–1. PC1 is communicating with PC4 over a redundantly
configured network topology.
–2. When the network link between switch S1 and switch
S2 is disrupted, the path between PC1 and PC4 is
automatically adjusted to compensate for the disruption.
–3. When the network connection between S1 and S2 is
restored, the path is then readjusted to route traffic
directly from S2 through S1 to get to PC4.
Internetworking 2
Issues with Redundancy: Layer 2 Loops
2. When S2 receives the broadcast frame it updates its MAC address table to record that PC1 is available on port
F0/11.
3. Because it is a broadcast frame, S2 forwards the frame out all switch ports, including Trunk1 and Trunk2.
4. When the broadcast frame arrives at switches S3 and S1, they update their MAC address tables to indicate that PC1 is
available out port F0/1 on S1 and port F0/2 on S3.
5. Because it is a broadcast frame, S3 and S1 forward it out all switch ports, except the one they received the frame on.
6. S3 then sends the frame to S1 and vice versa. Each switch updates its MAC address table with the incorrect port for
PC1.
Issues with Redundancy: Duplicate Unicast Frames
• Unicast frames sent onto a looped network can result in duplicate frames
arriving at the destination device.
1. PC1 sends a unicast frame destined for PC4.
4. S1 does have a MAC address entry for PC4, so it forwards the frame out to PC4.
5. S3 also has an entry in its MAC address table for PC4, so it forwards the
unicast frame out Trunk3 to S1.
6. S1 receives the duplicate frame and once again forwards the frame out to PC4.
7. PC4 has now received the same frame twice.
Real World Redundancy Issues: Loops in the Wiring Closet
STP Topology
The Root Bridge
• Every spanning-tree instance has a switch designated as the root
bridge.
–Root bridge serves as a reference point for STP calculations.
• All switches in the broadcast domain participate in the election
process.
–After a switch boots, it sends out BPDU frames containing the
switch BID and the root ID every 2 seconds.
• BID is made up of a priority value, an extended system ID,
and the MAC address of the switch.
–By default, the root ID matches the local BID for all switches on
the network.
• The root ID identifies the root bridge on the network.
• Initially, each switch identifies itself as the root bridge after
bootup.
• As the switches forward their BPDU frames, adjacent switches read
the root ID information from the BPDU frame.
–If the root ID from the BPDU received is lower than the root ID on
the receiving switch, the receiving switch updates its root ID
identifying the adjacent switch as the root bridge.
–The switch then forwards new BPDU frames with the lower root
ID to the other adjacent switches.
–Eventually, the switch with the lowest BID ends up being
identified as the root bridge for the spanning-tree instance.
Best Paths to the Root Bridge
• When the root bridge has been designated for the
spanning-tree instance, the STA starts the process of
determining the best paths to the root bridge from all
destinations in the broadcast domain.
–The path information is determined by summing up
the individual port costs along the path from the
destination to the root bridge.
• The default port costs are defined by the speed at which
the port operates.
–10-Gb/s Ethernet ports have a port cost of 2.
–1-Gb/s Ethernet ports have a port cost of 4.
–100-Mb/s Fast Ethernet ports have a port cost of 19.
–10-Mb/s Ethernet ports have a port cost of 100.
–Although switch ports have a default port cost
associated with them, the port cost is configurable.
• To configure the port cost of an interface, enter the
spanning-tree cost value command in interface
configuration mode.
–The range value can be between 1 and 200,000,000.
–In the example, switch port F0/1 has been configured
with a port cost of 25 using the spanning-tree cost 25
interface configuration command on the F0/1 interface.
Best Paths to the Root Bridge (continued)
• Path cost is the sum of all the port costs along the path
to the root bridge.
–The paths with the lowest path cost become the
preferred path, and all other redundant paths are
blocked.
• In the example, the path cost from switch S2 to the root
bridge switch S1, over path 1 is 19, while the path cost
over path 2 is 38.
–Because path 1 has a lower overall path cost to the
root bridge, it is the preferred path.
–STP then configures the redundant path to be
blocked, preventing a loop from occurring.
• To verify the port and path cost to the root bridge, enter
the show spanning-tree privileged EXEC mode
command.
–The Cost field in the output is the total path cost to
the root bridge.
–This value changes depending on how many switch
ports need to be traversed to get to the root bridge.
–In the output, each interface is also identified with
an individual port cost of 19.
• Another command to explore is the show spanning-tree
detail privileged EXEC mode command.
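Added example (not part of the original slides): a short Python model of the root bridge election and the root path cost calculation described in the two sections above, run on the S1/S2/S3 topology with Fast Ethernet trunks. The priorities, MAC addresses and some port names are constructed for illustration.

```python
import heapq

# Default port costs from the slide, keyed by link speed in Mb/s.
PORT_COST = {10_000: 2, 1_000: 4, 100: 19, 10: 100}
# Constructed sample values: priorities and MACs are illustrative only.
SWITCHES = {
    "S1": (24577, "000a.0033.3333"),
    "S2": (32769, "000a.0011.1111"),
    "S3": (32769, "000a.0022.2222"),
}
# (switch, local port, neighbour, speed in Mb/s); some port names assumed.
LINKS = [
    ("S2", "F0/1", "S1", 100), ("S1", "F0/1", "S2", 100),
    ("S3", "F0/1", "S1", 100), ("S1", "F0/2", "S3", 100),
    ("S2", "F0/2", "S3", 100), ("S3", "F0/2", "S2", 100),
]

def bid(name):
    """Bridge ID as a sortable tuple: priority first, then MAC address."""
    priority, mac = SWITCHES[name]
    return (priority, int(mac.replace(".", ""), 16))

def elect_root():
    """The switch with the numerically lowest BID becomes the root bridge."""
    return min(SWITCHES, key=bid)

def root_path_costs(root):
    """Lowest summed port cost from every switch to the root (Dijkstra)."""
    cost, heap = {root: 0}, [(0, root)]
    while heap:
        c, sw = heapq.heappop(heap)
        for a, _port, b, speed in LINKS:
            if b == sw and c + PORT_COST[speed] < cost.get(a, float("inf")):
                cost[a] = c + PORT_COST[speed]
                heapq.heappush(heap, (cost[a], a))
    return cost

def root_ports(root):
    """Per non-root switch, the local port with the cheapest path to the
    root. STP tie-breaking is not modelled; this topology has no ties."""
    cost, best = root_path_costs(root), {}
    for a, port, b, speed in LINKS:
        if a != root:
            cand = (cost[b] + PORT_COST[speed], port)
            best[a] = min(best.get(a, cand), cand)
    return {sw: port for sw, (_c, port) in best.items()}

if __name__ == "__main__":
    root = elect_root()
    print(root, root_path_costs(root), root_ports(root))
```

S2 reaches the root at cost 19 through F0/1, while its path through S3 would cost 38, which matches path 1 and path 2 on the slide.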
The BPDU Process
• Step 1. Initially, each switch identifies itself as the root bridge. Switch S1
has the lowest priority of all three switches. Because the priority is the
initial deciding factor when choosing a root bridge, S1 becomes the root
bridge. If the priority of all the switches was the same, the MAC address
would be the deciding factor.
The BPDU Process
Step 7. S1 sends out its BPDU frames.
BID Fields
Port Roles
• There are 4 port roles to which switch ports are automatically assigned
during the STP process.
1. Root Port - Root port exists on non-root bridges and it is the port with the
best path to the root bridge.
–Only one root port is allowed per bridge.
–S2 and S3 have root ports on the trunk links connecting back to S1.
2. Designated Port - The designated port exists on root and non-root bridges.
–For root bridges, all switch ports are designated ports.
–For non-root bridges, a designated port is the switch port that receives and
forwards frames toward the root bridge as needed.
–Only one designated port is allowed per segment.
–S1 has both sets of ports for its 2 trunk links configured as designated ports. S2
also has a designated port configured on the trunk link going toward S3.
3. Non-designated Port - The non-designated port is a switch port that is
blocked, so it is not forwarding data frames and not populating the MAC
address table with source addresses.
–A non-designated port is not a root port or a designated port.
–For some variants of STP, the non-designated port is called an alternate port.
–S3 has the only non-designated ports in the topology.
• The non-designated ports prevent the loop from occurring.
4. Disabled Port - The disabled port is a switch port that is administratively
shut down.
–A disabled port does not function in the spanning-tree process.
–There are no disabled ports in the example.
Port Role Decisions
Port States
• Each switch port transitions through 5 possible port states, timed by 3 BPDU timers.
–The spanning tree is determined immediately after a switch is finished booting up. If a
switch port were to transition directly from the blocking to the forwarding state, the port
could temporarily create a data loop if the switch was not aware of all topology information
at the time.
1. Blocking - The port is a non-designated port and does not participate in frame
forwarding.
–The port receives BPDU frames to determine the location and root ID of the root bridge
switch and what port roles each switch port should assume in the final active STP topology.
2. Listening - STP has determined that the port can participate in frame forwarding
according to the BPDU frames that the switch has received thus far.
–At this point, the switch port is not only receiving BPDU frames, it is also transmitting its
own BPDU frames and informing adjacent switches that the switch port is preparing to
participate in the active topology.
3. Learning - The port prepares to participate in frame forwarding and begins to
populate the MAC address table.
4. Forwarding - The port is considered part of the active topology and forwards frames
and also sends and receives BPDU frames.
5. Disabled - The Layer 2 port does not participate in STP and does not forward frames.
–The disabled state is set when the switch port is administratively disabled.
BPDU Timers
• The amount of time that a port stays in the various
port states depends on the BPDU timers.
• Only the switch in the role of root bridge may send
information through the tree to adjust the timers.
–Hello time (2 seconds)
–Forward delay (15 seconds)
–Maximum age (20 seconds)
• At power up: Every switch port goes through the
blocking, listening and learning states. The ports
then stabilize to the forwarding or blocking state.
[Tony] Time taken to converge is 30 seconds:
15 sec Listening + 15 sec Learning
• During a topology change: A port temporarily
implements the listening and learning states for a
specified period called the "forward delay interval."
–They must also allow the frame lifetime to expire for
frames that have been forwarded using the old
topology.
Time taken to converge is 50 seconds:
20 sec Blocking (max age) + 15 sec Listening + 15 sec Learning
STP Convergence Steps
• To understand the convergence process more thoroughly, it has been broken
down into three distinct steps:
–Step 1. Elect a root bridge
–Step 2. Elect root ports
–Step 3. Elect designated and non-designated ports
Initially, all switch ports are configured for the blocking state, which by
default lasts 20 seconds. This is done to prevent a loop from occurring before
STP has had time to calculate the best root paths and configure all switch
ports to their specific roles. While the switch ports are in a blocking state,
they are still able to send and receive BPDU frames so that the spanning-tree
root election can proceed.
Step 1. Electing a Root Bridge
• The first step of the spanning-tree process is
to elect a root bridge.
–The root bridge is the basis for all spanning-
tree path cost calculations.
–A root bridge election is triggered after a
switch has finished booting up, or when a path
failure has been detected on a network.
• Immediately after the switches have finished
booting up, they start sending BPDU frames
in an attempt to become the root bridge.
–Initially, all switches assume that they are the
root bridge for the broadcast domain.
–These BPDU frames are sent every 2 seconds
based on the default hello timer value.
• As each switch receives the BPDU frames
from its neighboring switches, they compare
the root ID from the received BPDU frame
with the root ID configured locally.
–If the root ID from the received BPDU frame is
lower than the root ID it currently has, the root
ID field is updated indicating the new best
candidate for the root bridge role.
Verify Root Bridge Election
Step 2. Elect Root Ports
Verify the Root Port
• You can verify the configuration of the root
ports using the show spanning-tree privileged
EXEC mode command.
–Switch S1 has been identified as the root
bridge.
–The switch S2 F0/1 port and switch S3
F0/1 port are the two closest ports to the
root bridge and, therefore, should be
configured as root ports.
• Switch S1 reveals that it is the root
bridge and consequently does not have
any root ports configured.
• Switch S2 shows that switch port F0/1
is configured as a root port.
• Switch S3 shows that switch port F0/1
is configured as a root port.
Step 3. Electing Designated Ports and Non-Designated Ports
Verify DP and Non-DP
• You can verify the designated and non-designated ports
using the show spanning-tree privileged EXEC mode
command.
• You can confirm the port configuration using the show
spanning-tree privileged EXEC mode command.