Spanning Tree Protocol (STP) lets Ethernet LANs gain the benefits of redundant links while overcoming the known problems that those extra links cause. Using redundant links in a LAN design allows the LAN to keep working even when some links fail or even when some entire switches fail. Proper LAN design should add enough redundancy so that no single point of failure crashes the LAN; STP allows the design to use that redundancy without causing other problems.
Without some mechanism like Spanning Tree Protocol (STP) or Rapid STP (RSTP), a LAN with redundant links would cause Ethernet frames to loop for an indefinite period of time. With STP or RSTP enabled, some switches block ports so that these ports do not forward frames. STP and RSTP intelligently choose which ports block, with two goals in mind:
- All devices in a VLAN can send frames to all other devices. In other words, STP or RSTP does not block too many ports, cutting off some parts of the LAN from other parts.
- Frames have a short life and do not loop around the network indefinitely.
What Exactly Does Spanning Tree Do?
STP/RSTP prevents loops by placing each switch port in either a forwarding state or a blocking state. Interfaces in the forwarding state act as normal, forwarding and receiving frames. However, interfaces in a blocking state do not process any frames except STP/RSTP messages (and some other overhead messages). Interfaces that block do not forward user frames, do not learn MAC addresses of received frames, and do not process received user frames.
The figure below shows a simple STP/RSTP tree that solves the problem shown in Figure 9-1 by placing one port on SW3 in the blocking state.
Now when Bob sends a broadcast frame, the frame does not loop. As shown in the steps in the figure:
- Step 1. Bob sends the frame to SW3.
- Step 2. SW3 forwards the frame only to SW1, but not out Gi0/2 to SW2, because SW3’s Gi0/2 interface is in a blocking state.
- Step 3. SW1 floods the frame out both Fa0/11 and Gi0/1.
- Step 4. SW2 floods the frame out Fa0/12 and Gi0/1.
- Step 5. SW3 physically receives the frame, but it ignores the frame received from SW2 because SW3’s Gi0/2 interface is in a blocking state.
Spanning-tree Terms
1. Root bridge & Election : The root bridge is the bridge with the lowest and, therefore, the best bridge ID. The switches within the STP network elect a root bridge, which becomes the focal point in the network. All other decisions in the network, like which ports on the non-root bridges should be blocked or put in forwarding mode, are made from the perspective of the root bridge, and once it has been elected, all other bridges must create a single path to it. The port with the best path to the root bridge is called the root port.
The election is performed on the basis of the bridge ID, which is 8 bytes long: 2 bytes of priority and 6 bytes of MAC address. By default the priority is 32768. The lower bridge ID is preferred for the root bridge. The priority is compared first, and if it is a tie, the MAC address is compared. In the topology below, both switches use the default priority of 32,768, so the MAC address is the determining factor instead. Because Switch A’s MAC address is 0000.0cab.3274 and Switch B’s MAC address is 0000.0cf6.9370, Switch A becomes the root bridge.
2. Non-root bridge : These are all bridges that aren’t the root bridge. Non-root bridges exchange BPDUs with all the other bridges and update the STP topology database on all switches. This prevents loops and helps defend against link failures.
3. BPDU : All switches exchange information to use for the subsequent configuration of the network. Each switch compares the parameters in the Bridge Protocol Data Unit (BPDU) that it sends to a neighbor with the parameters in the BPDU that it receives from other neighbors. Inside the BPDU is the bridge ID.
4. Bridge ID : The bridge ID is how STP keeps track of all the switches in the network. It’s determined by a combination of the bridge priority, which is 32,768 by default on all Cisco switches, and the base MAC address. The bridge with the lowest bridge ID becomes the root bridge in the network. Once the root bridge is established, every other switch must make a single path to it.
5. Path cost : A switch may encounter one or more switches on its path to the Root Bridge, and there may be more than one possible path. All unique paths are analyzed individually, and a path cost is calculated for each unique path by adding the individual port costs encountered on the way to the Root Bridge.
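The election and BPDU comparison described in the terms above, as an added Python example (not code from the original page). It parses the 35-byte IEEE 802.1D configuration BPDU body and picks the superior one; the port ID 0x8001 and the helper names are assumptions, and the sample frames are constructed from the Switch A and Switch B values in the text.

```python
import struct
from typing import NamedTuple

# IEEE 802.1D configuration BPDU body (35 bytes, after the LLC header).
BPDU = struct.Struct(">HBBB8sI8sHHHHH")

class ConfigBPDU(NamedTuple):
    root_id: bytes     # 2-byte priority + 6-byte MAC of the claimed root
    root_cost: int     # sender's path cost to that root
    bridge_id: bytes   # sender's own bridge ID
    port_id: int       # sender's port
    max_age: float     # timers, in seconds
    hello: float
    fwd_delay: float

    def vector(self):
        """Priority vector: the lowest tuple is the superior BPDU."""
        return (self.root_id, self.root_cost, self.bridge_id, self.port_id)

def bridge_id(priority: int, mac: str) -> bytes:
    """Priority first, then MAC, so plain byte order is preference order."""
    return struct.pack(">H", priority) + bytes.fromhex(mac.replace(".", ""))

def parse(raw: bytes) -> ConfigBPDU:
    (proto, ver, typ, _flags, root, cost, bid, port,
     _age, max_age, hello, fwd) = BPDU.unpack(raw)
    if (proto, ver, typ) != (0, 0, 0):
        raise ValueError("not an 802.1D configuration BPDU")
    # Timer fields are carried in units of 1/256 second.
    return ConfigBPDU(root, cost, bid, port, max_age / 256, hello / 256, fwd / 256)

def build(root, cost, bid, port, max_age=20, hello=2, fwd=15) -> bytes:
    """Construct a sample BPDU (message age 0) for the demonstration."""
    return BPDU.pack(0, 0, 0, 0, root, cost, bid, port, 0,
                     max_age * 256, hello * 256, fwd * 256)

def elect(frames) -> ConfigBPDU:
    """Return the superior BPDU among those received."""
    return min((parse(f) for f in frames), key=ConfigBPDU.vector)

# Constructed sample: at start-up each switch claims itself as root (cost 0).
SW_A = bridge_id(32768, "0000.0cab.3274")
SW_B = bridge_id(32768, "0000.0cf6.9370")
FRAMES = [build(SW_B, 0, SW_B, 0x8001), build(SW_A, 0, SW_A, 0x8001)]

if __name__ == "__main__":
    best = elect(FRAMES)
    print("root:", int.from_bytes(best.root_id[:2], "big"), best.root_id[2:].hex())
```

Running the same comparison over BPDUs captured on a segment shows which bridge the network has actually elected, which can then be checked against the switch that was intended to be root.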
Bridge Port Roles
- Root port (RP) : The root port is the link with the lowest path cost to the root bridge. If more than one link connects to the root bridge, then a port cost is found by checking the bandwidth of each link. The lowest-cost port becomes the root port. When multiple links connect to the same device, the port connected to the lowest port number on the upstream switch will be the one that’s used. The root bridge can never have a root port designation, while every other switch in a network must have one and only one root port.
- Designated port (DP) : A designated port is one that’s been determined to have the best (i.e., lowest) cost on a given network segment, compared to other ports on that segment. A designated port will be marked as a forwarding port, and you can have only one forwarding port per network segment.
- Blocked port : A blocked port won’t forward frames in order to prevent loops. A blocked port will still always listen to BPDU frames from neighbor switches, but it will drop any and all other frames received and will never transmit a frame.
Spanning-Tree Port States
The ports on a bridge or switch can transition through five different states:
- Disabled : A port in the administratively disabled state doesn’t participate in frame forwarding or STP.
- Blocked : A blocked port won’t forward frames; it just listens to BPDUs. The purpose of the blocking state is to prevent the use of looped paths. All ports are in blocking state by default when the switch is powered up.
- Listening : This port listens to BPDUs to make sure no loops occur on the network before passing data frames. A port in listening state prepares to forward data frames without populating the MAC address table. This state takes 15 seconds before the port enters the learning state.
- Learning : The switch port listens to BPDUs and learns all the paths in the switched network. A port in learning state populates the MAC address table but still doesn’t forward data frames. Time taken by this state is 15 seconds.
- Forwarding : This port sends and receives all data frames on the bridged port. If the port is still a designated or root port at the end of the learning state, it will enter the forwarding state. Time taken by this state is 2 seconds.
STP Timers
STP utilizes three timers to ensure all switches remain synchronized, and to allow enough time for the Spanning Tree process to ensure a loop-free environment.
- Hello Timer – Default is 2 seconds. Indicates how often BPDUs are sent by switches.
- Forward Delay – Default is 15 seconds. Indicates a delay period in both the listening and learning states of a port, for a total of 30 seconds. This delay ensures STP has ample time to detect and eliminate loops.
- Max Age – Default is 20 seconds. Indicates how long a switch will keep BPDU information from a neighboring switch before discarding it. In other words, if a switch fails to receive BPDUs from a neighboring switch for the Max Age period, it will remove that switch’s information from the STP topology database.
All timer values can be adjusted, and should only be adjusted on the Root Bridge. The Root Bridge will propagate the changed timers to all other switches participating in STP. Non-Root switches will ignore their locally configured timers. The timers are measured in seconds. To adjust the three STP timers for VLAN 10:
Switch(config)# spanning-tree vlan 10 hello-time 10
Switch(config)# spanning-tree vlan 10 forward-time 20
Switch(config)# spanning-tree vlan 10 max-age 40
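A check worth running before changing timers on the root bridge, as an added Python example (not from the original page): it reads `spanning-tree vlan` timer lines and tests them against the ranges and the two timer relationships given in IEEE 802.1D. The function names are assumptions, and the VLAN 20 line in the sample is constructed; the VLAN 10 lines are the three commands above.

```python
import re
from collections import defaultdict

DEFAULTS = {"hello-time": 2, "forward-time": 15, "max-age": 20}
# Permitted ranges in seconds, per IEEE 802.1D-1998 (assumption: not stated on the page).
RANGES = {"hello-time": (1, 10), "forward-time": (4, 30), "max-age": (6, 40)}
LINE = re.compile(
    r"spanning-tree vlan (\d+) (hello-time|forward-time|max-age) (\d+)\s*$")

def timers_by_vlan(config: str) -> dict:
    """Collect configured timers per VLAN; unset timers keep their defaults."""
    vlans = defaultdict(lambda: dict(DEFAULTS))
    for line in config.splitlines():
        m = LINE.search(line)
        if m:
            vlans[int(m.group(1))][m.group(2)] = int(m.group(3))
    return dict(vlans)

def check(t: dict) -> list:
    """Return a list of problems; an empty list means the timers are consistent."""
    problems = [f"{k}={t[k]} outside {lo}-{hi}"
                for k, (lo, hi) in RANGES.items() if not lo <= t[k] <= hi]
    # 802.1D relationships between the three timers.
    if 2 * (t["forward-time"] - 1) < t["max-age"]:
        problems.append("2*(forward-time - 1) < max-age")
    if t["max-age"] < 2 * (t["hello-time"] + 1):
        problems.append("max-age < 2*(hello-time + 1)")
    return problems

# VLAN 10 lines are the page's commands; the VLAN 20 line is constructed.
CONFIG = """\
Switch(config)# spanning-tree vlan 10 hello-time 10
Switch(config)# spanning-tree vlan 10 forward-time 20
Switch(config)# spanning-tree vlan 10 max-age 40
Switch(config)# spanning-tree vlan 20 hello-time 1
"""

if __name__ == "__main__":
    for vlan, timers in sorted(timers_by_vlan(CONFIG).items()):
        print(vlan, timers, check(timers) or "ok")
```

For the VLAN 10 values the check reports that 2 × (forward-time − 1) = 38 is below the max-age of 40, so a forward-time of at least 21 or a lower max-age would satisfy the relationship.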