Module 3 - Spanning-Tree Protocol PDF

HANOICTT NETWORKING ACADEMY
CCCCNNPA Semester3
Semes t eBrC 3M S N
Module 3
Spanning-Tree
Protocol
www.hanoictt.com

CCNA
P SSeem
meesstteerr13 - B C M S N
Overview
www.hanoictt.com
CCNA
P SSeem
STP concepts
STP is a loop-prevention protocol
STP allows L2 devices to communicate with each other to discover physical
loops in the network.
STP specifies an algorithm that L2 devices can use to create a loop-free logical
topology.
STP creates a tree structure of loop-free leaves and branches that spans the
entire Layer 2 network.
www.hanoictt.com

CCNA
P SSeem
Broadcast loops
Broadcasts and Layer 2 loops can be a dangerous combination.
Ethernet frames have no TTL field
After an Ethernet frame starts to loop, it will probably continue until someone
shuts off one of the switches or breaks a link.
www.hanoictt.com
CCNA
P SSeem
Flooded unicast frames, Bridge-table corruption

Feedback loop, which will bring down the network.
Each switch ends up receiving the frame (originally from Host A) on two different
ports.
The switches will flip flop the bridging table entry for Host A (creating extremely
high CPU utilization).
Assume no SPT on
switches and host B has
been removed
www.hanoictt.com

CCNA
P SSeem
Spanning-Tree Protocol Operation (IEEE 802.1D)

The purpose of STP is to avoid and eliminate loops in the network by negotiating
a loop-free path through a root bridge.
STP determines where the are loops and blocks links that are redundant.
Ensures that there will be only one active path to every destination.
STP executes an algorithm called STA.

STA chooses a reference point, called a root bridge, and then determines the
available paths to that reference point.
If more than two paths exists, STA picks the best path and blocks the rest
www.hanoictt.com
CCNA
P SSeem
STP Concepts: Bridge ID
Bridge ID (BID) is used to identify each bridge/switch.
The BID is used in determining the center of the network known as the root
bridge.
Bridge Priority is usually expressed in decimal format and the MAC address in
the BID is usually expressed in hexadecimal format.
www.hanoictt.com
Lowest Bridge ID is the root.

If all devices have the same priority, the bridge with the lowest MAC address
becomes the root bridge

CCNA
P SSeem
STP Concepts: Path Cost
<= 10Gb
> 10Gb
Bridges use the concept of cost to evaluate how close they are to other bridges.
This will be used in the STP development of a loop-free topology .
Originally, 802.1d defined cost as 1000/bandwidth of the link in Mbps, cost of

10Mbps link = 100 or 1000/10 and so on but it has been changed later due to
faster switches
www.hanoictt.com
Dont change path cost if youre not sure

CCNA
P SSeem
STP Concepts: Port ID

CatOS
switch
On a CatOS switch, the first number is 6 bits and the second number is 10 bits.
On an IOS-based switched, both numbers are 8 bits
Lower Port IDs are preferred over higher Port IDs in the STP decision
The Port Priority is a configurable STP parameter (unlike the Port Number). The
values range from 0 to 255 on an IOS-based switch, with a default value of 128.
Port Number is from 0 to 28 = 256
16 bit
IOS
www.hanoictt.com
switch
8 bit 8 bit

CCNA
P SSeem
Four-Step STP Decision Sequence

When creating a loop-free topology, STP always uses the same four-
step decision sequence:
Four-
Four-Step decision Sequence
Step 1 - Lowest BID
Step 2 - Lowest Path Cost to Root Bridge
Step 3 - Lowest Sender BID
Step 4 - Lowest Port ID
Bridges use Configuration BPDUs during this four-step process.
We will assume all BPDUs are configuration BPDUs until otherwise
noted.
www.hanoictt.com
CCNA
P SSeem
STP decisions and BPDU exchanges
Information inside a
BPDU
When a bridge first becomes active, all its ports send BPDUs every 2 seconds (the default
Hello Time). if a port hears about a BPDU from another bridge that is more attractive (use four-
step sequence above) than the BPDU it has been sending, the local port stops sending
BPDUs. If the more-attractive BPDU stops arriving from a neighbor for 20 seconds (the default
Max Age), the local port resumes sending BPDUs. Max Age is the time it takes for the best
BPDU to time out.
Bridges save a copy of only the best BPDU seen on every port.
www.hanoictt.com
Only the lowest value BPDU is saved.

When making this evaluation, it considers all of the BPDUs received on the port, as well as the
BPDU that would be sent on that port.
If the new BPDU (or the locally generated BPDU) is more attractive, the old value is replaced.
Bridges send configuration BPDUs until a more attractive BPDU is received.

CCNA
P SSeem
STP decisions and BPDU exchanges
As the Root Path

Cost travels along,
other switches can
modify its value to
make it cumulative.
After a Root Bridge is decided, configuration BPDUs are only sent by the Root
Bridge. All other bridges must forward or relay the BPDUs, adding their own
Sender Bridge IDs to the message.)
www.hanoictt.com
CCNA
P SSeem
Three steps of STP convergence
The STP algorithm uses three simple steps to

converge on a loop-free topology:
Step 1 Elect one Root Bridge

Step 2 Elect Root Ports
Step 3 Elect Designated Ports
www.hanoictt.com

CCNA
P SSeem
Root
Bridge
Cost=19 1/1 1/2 Cost=19
Cat-A
Our Sample Topology

1/1 1/1
Cat-B Cat-C
1/2 1/2
www.hanoictt.com
Cost=19
CCNA
P SSeem
STP Convergence
When the network first starts, all bridges are announcing a chaotic mix of
BPDUs.
All bridges immediately begin applying the four-step sequence decision process.
Switches need to elect a single Root Bridge.
Switch with the lowest BID wins!
Note: Many texts refer to the term highest priority which is the lowest BID
value.
This is known as the Root War.
www.hanoictt.com

CCNA
P SSeem
STP Convergence
Cat-A has the lowest Bridge MAC Address, so it wins the Root War!
All 3 switches have the same default Bridge Priority value of 32,768
www.hanoictt.com
CCNA
P SSeem
STP Convergence
Its all done with BPDUs!
www.hanoictt.com

CCNA
P SSeem
STP Convergence
BPDU
802.3 Header
Destination: 01:80:C2:00:00:00 Mcast 802.1d Bridge group
Source: 00:D0:C0:F5:18:D1
LLC Length: 38
802.2 Logical Link Control (LLC) Header
Dest. SAP: 0x42 802.1 Bridge Spanning Tree
Source SAP: 0x42 802.1 Bridge Spanning Tree
Command: 0x03 Unnumbered Information
802.1 - Bridge Spanning Tree
Protocol Identifier: 0
Protocol Version ID: 0
Message Type: 0 Configuration Message
Flags: %00000000
Root Priority/ID: 0x8000/ 00:D0:C0:F5:18:C0
Cost Of Path To Root: 0x00000000 (0)
www.hanoictt.com
Bridge Priority/ID: 0x8000/ 00:D0:C0:F5:18:C0

Port Priority/ID: 0x80/ 0x1D
Message Age: 0/256 seconds (exactly 0 seconds)
Maximum Age: 5120/256 seconds (exactly 20 seconds)
Hello Time: 512/256 seconds (exactly 2 seconds)
Forward Delay: 3840/256 seconds (exactly 15 seconds)
CCNA
P SSeem
STP Convergence
At the beginning, all bridges assume they are the center of the universe and
declare themselves as the Root Bridge, by placing its own BID in the Root BID
field of the BPDU.
www.hanoictt.com

CCNA
P SSeem
STP Convergence
www.hanoictt.com
Once all of the switches see that Cat-A has the lowest BID, they are
all in agreement that Cat-A is the Root Bridge.
CCNA
P SSeem
STP Convergence
Now that the Root War has been won, switches move on to selecting Root
Ports.
A bridges Root Port is the port closest to the Root Bridge.
Bridges use the cost to determine closeness.
Every non-Root Bridge will select one Root Port!
Specifically, bridges track the Root Path Cost, the cumulative cost of all links to
the Root Bridge.
www.hanoictt.com

CCNA
P SSeem
Root
Bridge
Cost=19 1/1 1/2 Cost=19
Cat-A
BPDU BPDU
Cost=0 Cost=0
BPDU BPDU
1/1
Cost=0+19=19 Cost=0+19=19 1/1
Cat-B Cat-C
1/2 1/2
Step 1 Cost=19
www.hanoictt.com
Cat-A sends out BPDUs, containing a Root Path Cost of 0.

Cat-B receives these BPDUs and adds the Path Cost of Port 1/1 to the Root Path Cost
contained in the BPDU.
Step 2
Cat-B add Root Path Cost 0 PLUS its Port 1/1 cost of 19 = 19
CCNA
P SSeem
Root
Bridge
Cost=19 1/1 1/2 Cost=19
Cat-A
BPDU BPDU
Cost=0 Cost=0
BPDU BPDU
1/1
Cost=19 Cost=19 1/1
Cat-B Cat-C
1/2 BPDU BPDU 1/2
BPDU Cost=19 Cost=19 BPDU
Cost=38 (19=19) Cost=38 (19=19)
Step 3 Cost=19
www.hanoictt.com
Cat-B uses this value of 19 internally and sends BPDUs with a Root Path Cost of 19
out Port 1/2.
Step 4
Cat-C receives the BPDU from Cat-B, and increased the Root Path Cost to 38 (19+19).
(Same with Cat-C sending to Cat-B.)

CCNA
P SSeem
Root
Bridge
Cost=19 1/1 1/2 Cost=19
The costs increment Cat-A

as BPDUs are received BPDU BPDU
on a port, not as they Cost=0 Cost=0
are sent out of the port
BPDU BPDU Root Port

Root Port 1/1
Cost=19 Cost=19 1/1
Cat-B Cat-C
1/2 1/2
BPDU BPDU
Cost=38 (19=19) Cost=38 (19=19)
Cost=19
www.hanoictt.com
Step 5
Cat-B calculates that it can reach the Root Bridge at a cost of 19 via Port 1/1 as
opposed to a cost of 38 via Port 1/2.
Port 1/1 becomes the Root Port for Cat-B, the port closest to the Root Bridge.
Cat-C goes through a similar calculation. Note: Both Cat-B:1/2 and Cat-C:1/2 save the
best BPDU of 19 (its own).
CCNA
P SSeem
STP Convergence
The loop prevention part of STP becomes evident during this step, electing
designated ports.
A Designated Port functions as the single bridge port that both sends and receives
traffic to and from that segment and the Root Bridge.
Each segment in a bridged network has one Designated Port, chosen

based on cumulative Root Path Cost to the Root Bridge.
The switch containing the Designated Port is referred to as the Designated Bridge
for that segment.
To locate Designated Ports, lets take a look at each segment.
www.hanoictt.com
Root Path Cost, the cumulative cost of all links to the Root Bridge.

CCNA
P SSeem
Root
Root Path Cost = 0 Bridge Root Path Cost = 0
Cost=19 1/1 1/2 Cost=19
Segment 1 Segment 2
Cat-A
Root Path Cost = 19 Root Path Cost = 19

1/1 1/1
Root Port Root Port
Cat-B Cat-C
1/2 1/2
Segment 3
Cost=19
www.hanoictt.com
Segment 1: Cat-A:1/1 has a Root Path Cost = 0 (after all it is the Root Bridge) and Cat-
B:1/1 has a Root Path Cost = 19.
Segment 2: Cat-A:1/2 has a Root Path Cost = 0 (after all it is the Root Bridge) and Cat-
C:1/1 has a Root Path Cost = 19.
Segment 3: Cat-B:1/2 has a Root Path Cost = 19 and Cat-C:1/2 has a Root Path Cost =
19. Its a tie!
CCNA
P SSeem
Root
Cost=19 1/1 1/2 Cost=19
Segment 1 Segment 2
Cat-A
Designated Port Designated Port

1/1 1/1
Root Port Root Port
Cat-B Cat-C
1/2 1/2
Segment 3
Segment 1 Cost=19
www.hanoictt.com
Because Cat-A:1/1 has the lower Root Path Cost it becomes the Designate Port for
Segment 1.
Segment 2
Because Cat-A:1/2 has the lower Root Path Cost it becomes the Designate Port for
Segment 2.

CCNA
P SSeem
Root
Cost=19 1/1 1/2 Cost=19
Segment 1 Segment 2
Cat-A
Designated Port Designated Port

1/1 1/1
Root Port Root Port
Cat-B Cat-C
1/2 1/2
Segment 3
Segment 3 Cost=19
www.hanoictt.com
Both Cat-B and Cat-C have a Root Path Cost of 19, a tie!
When faced with a tie (or any other determination) STP always uses the four-step
decision process:
1. Lowest Root BID; 2. Lowest Path Cost to Root Bridge;
3. Lowest Sender BID; 4. Lowest Port ID
CCNA
P SSeem
Root
Cost=19 1/1 1/2 Cost=19
Segment 1 Segment 2
Cat-A
All port on Designated Port Designated Port
Root bridge will
Be designated port
Root Path Cost = 19

Root Path Cost = 19
1/1 1/1
Root Port Root Port
Cat-B 32,768.CC-CC-CC-CC-CC-CC Cat-C

1/2 32,768.BB-BB-BB-BB-BB-BB 1/2
Designated Port Segment 3 Non-Designated Port
Segment 3 (continued) Cost=19
www.hanoictt.com
1) All three switches agree that Cat-A is the Root Bridge, so this is a tie.
2) Root Path Cost for both is 19, also a tie.
3) The senders BID is lower on Cat-B, than Cat-C, so Cat-B:1/2 becomes the Designated Port for
Segment 3.
Cat-C:1/2 therefore becomes the non-Designated Port for Segment 3.

CCNA
P SSeem
Port Cost/Port ID
0/2
0/1
Assume path cost and port

priorities are default (32). Port ID
used in this case. Port 0/1 would
forward because its the lowest.
If the path cost and bridge IDs are equal (as in the case of parallel links), the
www.hanoictt.com
switch goes to the port priority as a tiebreaker.

Lowest port priority wins (all ports set to 32).
You can set the priority from 0 63.
If all ports have the same priority, the port with the lowest port number forwards
frames.
CCNA
P SSeem
STP Convergence
Recap
Recall that switches go through three steps for their initial convergence:
STP Convergence
Also, all STP decisions are based on a the following predetermined
sequence:
Four-
Four-Step decision Sequence
Step 1 - Lowest BID
Step 2 - Lowest Path Cost to Root Bridge
www.hanoictt.com
Step 3 - Lowest Sender BID

Step 4 - Lowest Port ID

CCNA
P SSeem
STP Convergence
Recap
Example:
A network that contains 15 switches and 146 segments (every switchport is a
unique segment) would result in:
1 Root Bridge
14 Root Ports
146 Designated Ports
www.hanoictt.com
CCNA
P SSeem
Spanning-Tree Port States

www.hanoictt.com

CCNA
P SSeem
Blocked:
All ports start in blocked mode in order to prevent the bridge from creating a bridging
loop.
Port are listening (receiving) BPDUs. Does not transmit BPDUs
No user frame data is being sent/received.
The port stays in a blocked state if Spanning Tree determines that there is a better path
to the root bridge.
May take a port up to 20 seconds to transition out of this state (max age). - coming soon.
www.hanoictt.com
Receives and responds to network management messages but does not transmit them
CCNA
P SSeem
Listen:
The port transitions from the blocked state to the listen state
Attempts to learn whether there are any other paths to the root bridge
Listens to frames (sending and receiving BPDUs)
Port is not sending or receive user data
Listens for a period of time called the forward delay (default 15 seconds).
Ports that lose the Designated Port election become non-Designated Ports and drop
back to Blocking state.
Receives and responds to network management messages
www.hanoictt.com

CCNA
P SSeem
Designated Ports & Root Ports
Non-Designated Ports
www.hanoictt.com
CCNA
P SSeem
Learn:
The learn state is very similar to the listen state, except that the port can add
information it has learned to its address table.
Gathering information, such as the source VLANs of data frames. The Learning
state reduces the amount of flooding required when data forwarding begins.
Adds addresses to MAC Address Table
Still not allowed to send or receive user data
Learns for a period of time called the forward delay (default 15 seconds)
www.hanoictt.com

CCNA
P SSeem
Forward:
The port can send and receive user data.

Adds addresses to MAC Address Table
A port is placed in the forwarding state if:
There are no redundant links
or
It is determined that it has the best path to the root
www.hanoictt.com
CCNA
P SSeem

Disabled: The port is shutdown.
www.hanoictt.com

CCNA
P SSeem
Results of BPDU exchange
A root port for each switch and a designated port for each segment is selected.
These ports provide the best path from the switch to the root switch (usually
the lowest-cost path).
These ports are put in the forwarding mode.
Ports that will not be forwarding are placed in the blocked state.
These ports will continue to receive BPDU information but will not be
allowed to send or receive data.
If a bridge thinks it is the Root Bridge immediately after

booting or in the absence of BPDUs for a certain period of
time, the port transitions into the Listening state to determine
the active topology
www.hanoictt.com
CCNA
P SSeem

www.hanoictt.com

CCNA
P SSeem
2
Listening
5
3
4
1
Disabled or 4
Blocking Learning
Down
2
4
5
6
2
Forwarding
www.hanoictt.com
Standard States Cisco Specific States

(1) Port enabled or initialized (6) PortFast
(2) Port disabled or failed (7) Uplink Fast
(3) Port selected as Root or Designated Port
(4) Port ceases to be a Root or Designated Port
(5) Forwarding timer expires
CCNA
P SSeem
STP Timers
www.hanoictt.com

CCNA
P SSeem
STP Timers
Forward Delay Timer

The default value of the forward delay (15 seconds) was originally
derived assuming a maximum network size of 7 bridge hops, a
maximum of three lost BPDUs, and a hello-time interval of 2 seconds.
The Forward Delay timer also controls the bridge table age-out period
after a change in the active topology.
Forward delay is used to determine the length of:

Listening state
Learning state
www.hanoictt.com
CCNA
P SSeem
STP Timers
Max Age Timer

Max Age is the time that a bridge stores a BPDU before discarding it.
Each port saves a copy of the best BPDU it has seen.
If the device sending this best BPDU fails, it may take 20 seconds a
switch transits the connected port to Listening.
www.hanoictt.com

CCNA
P SSeem
STP Timers
Modifying Timers
Do not change the default timer values without careful consideration.
Modify the STP timers only from the root bridge
The BPDUs contain three fields where the timer values can be passed
from the root bridge to all other bridges in the network.
www.hanoictt.com
CCNA
P SSeem
STP Timer Example
It can take 30-50 seconds for a switch to adjust to a

change in topology depends on the failure is on direct
or indirect link.
www.hanoictt.com

CCNA
P SSeem
Example
www.hanoictt.com
Hub
CCNA
P SSeem
X Fails Not seeing BPDU from Cat-B
Hub
Ages out BPDU and goes into Listening mode

www.hanoictt.com
Cat-B:1/2 fails. Cat-C has no immediate notification because its still receiving a link
from the hub. Cat-C notices it is not receiving BPDUs from Cat-B. 20 seconds (max
Hub
age) after the failure, Cat-C ages out the BPDU that lists Cat-B as having the DP for
segment 3. This causes Cat-C:1/2 to transition into the Listening state in an effort to
become the DP.

CCNA
P SSeem
50s to take
Indirect
link failure
X Fails
Forwarding
Listening Mode
Mode
Hub
www.hanoictt.com
Because Cat-C:1/2 now offers the most attractive access from the Root
Bridge to this link, it eventually transitions all the way into Forwarding
Hub
mode. In practice this will take 50 seconds (20 max age + 15 Listening +
15 Learning) for Cat-C:1/2 to take over after the failure of Cat-B:1/2.
CCNA
P SSeem
Direct link
X Fails
failure
30s to take
Forwarding
Listening Mode
Mode
Hub
Because Cat-C:1/1 fails, Cat-C immediately knows, no need to wait 20 seconds

www.hanoictt.com
for the old information to age out

Port-1/2 on Cat-C immediately goesHub
into Listening mode in an attempt to
become the new Root Port (STP convergence time = 15 Listening + 15
Learning)

CCNA
P SSeem
BPDU format
IEEE 802.1D Spanning-Tree Protocol BPDU frame
Cisco Spanning-Tree Protocol BPDU frame
The Frame Control field is always 01.

The Destination field indicates the destination address as specified in the Bridge Group Address
table. For IEEE Spanning-Tree Protocol BPDU frames, the address is 0x800143000000.
The Source Address field indicates the base MAC address used by the switch. For Cisco
Spanning-Tree Protocol BPDU frames, the multicast bit is set to indicate the presence of a
Routing Information Field (RIF) in the header.
www.hanoictt.com
The Routing Information field is only applicable to Cisco Spanning-Tree Protocol BPDU
frames, the Routing Information field must be set to 0x0200.
The Logical Link Control field controls all types of Spanning-Tree Protocol BPDU frames, this
field is set to 0x424203.
CCNA
P SSeem
Spanning Tree BPDU

Protocol Identifier (2 bytes) Protocol Identifier (2 bytes), always 0
Version (1 byte) Version (1 byte), always 0
Message Type (1 byte) Message Type (1 byte): Determines whether
this is a Configuration BPDU or TCN BPDU
Flags (1 byte)
Flags (1 byte): Used with topology changes.
Root ID (8 bytes) Used with TCN BPDUs (see later)
Cost to Root (4 bytes) Root BID (8 bytes): Indicates current Root
Bridge ID (8 bytes) Bridge on the network, includes:
Port ID (2 bytes) Bridge Priority (2 bytes)
Message Age (2 bytes) Bridge MAC Address (6 bytes)
Maximum Age (2 bytes) Known as the Bridge Identifier of the
www.hanoictt.com
Hello Time (2 bytes) Root Bridge
Forward Delay (2 bytes)

CCNA
P SSeem
Spanning Tree BPDU

Protocol Identifier (2 bytes) Root Path Cost (Cost to Root) (4 bytes):
Cumulative cost of the path from the bridge
Version (1 byte) sending the BDPU to the Root Bridge
Message Type (1 byte) indicated in the Root ID field. Cost is based
Flags (1 byte) on bandwidth.
Root ID (8 bytes) (Senders) Bridge ID (8 bytes): Bridge ID
Cost to Root (4 bytes) sending the BDPU
2 bytes: Bridge Priority
Bridge ID (8 bytes)
6 bytes: MAC Address
Port ID (2 bytes)
Port ID (2 bytes): Port on bridge sending
Message Age (2 bytes) BDPU, including Port Priority value.
Maximum Age (2 bytes)
www.hanoictt.com
Hello Time (2 bytes)

CCNA
P SSeem
Spanning Tree BPDU

Protocol Identifier (2 bytes) Message Age (2 bytes): The Message Age
Version (1 byte) field indicates the amount of time that has
Message Type (1 byte) elapsed since the root sent the configuration
message on which the current configuration
Flags (1 byte) message is based. Age of BDPU, encoded in
Root ID (8 bytes) 256ths of a second.
Cost to Root (4 bytes) Maximum Age (2 bytes): When BDPU
Bridge ID (8 bytes) should be discarded (default 20 sec)
Port ID (2 bytes) Hello Time (2 bytes): How often BDPUs are
to be sent (default 2 sec)
Message Age (2 bytes)
Forward Delay (2 bytes): How long bridge
www.hanoictt.com
should remain in listening and learning states

Hello Time (2 bytes) (default 15 sec)

CCNA
P SSeem
Spanning Tree BPDU

Protocol Identifier (2 bytes)
Version (1 byte)
Message Type (1 byte)
Flags (1 byte)
Root ID (8 bytes)
The Flags field includes one of the following:
Cost to Root (4 bytes)
Bridge ID (8 bytes) A Topology change (TC) bit, which signals a
Port ID (2 bytes) topology change, and signifies this BPDU
as a Topology Change Notification (TCN)
Message Age (2 bytes) BPDU. Without this bit set, the BPDUs are
www.hanoictt.com
Configuration BPDUs.
Hello Time (2 bytes) A Topology change acknowledgment (TCA)
bit, which is set to acknowledge receipt of
Forward Delay (2 bytes) a configuration message with the TC bit
set.
CCNA
P SSeem
Topology change problem

It can take 30-50 seconds for a single switch to adjust to a change in topology.
While the network is converging, physical addresses that can no longer be
reached are still listed in the MAC address table.
Because these addresses are in the table, the switch will attempt to forward
frames to devices it cannot reach.
www.hanoictt.com

CCNA
P SSeem
STP Topology Changes
The STP change process requires the switch to clear the table faster in order to get rid
of unreachable physical addresses.
If a switch detects a change, it can send a Topology Change Notification (TCN) BPDU
out its root port.
The topology change BPDU is forwarded to the root switch, and from there, is
propagated throughout the network.
TCN does not start a STP recalculation.
TCN causes: TCA, TC, Root Bridge sets TC in CBPDU for a period of time =
Forward Delay + Max Age
A bridge receiving a TC message from the Root Bridge will use the Forward Delay
timer (15 seconds) to age out entries in the address table (until no more TC
www.hanoictt.com
received). This allows the device to age out entries faster than the normal 5-
minute default so that stations no longer available are aged out faster.
CCNA
P SSeem
Understanding Spanning-Tree Protocol Topology Changes

http://www.cisco.com/warp/public/473/17.html
Remember that a TCN does not start a STP recalculation. This fear comes from the fact
that TCNs are often associated with unstable STP environments; TCNs are a
consequence of this, not a cause. The TCN only has an impact on the aging time; it will
not change the topology nor create a loop.
The number or the rate of topology changes is not an issue in itself. The problem is to
know what the topology change means. A healthy network can experience a high rate of
topology change. Nevertheless, ideally, a topology change would be related to a
significant event in the network like a server going up or down or a link transitioning. This
can be achieved by enabling portfast on ports that are going up and down as part of
their normal operation.
www.hanoictt.com

CCNA
P SSeem
Host D
Hub
DD-DD DD-DD 1/1
EE-EE 1/1
DD-DD 1/1 Host E DD-DD 1/1

EE-EE 1/2 EE-EE EE-EE 1/1
X Fails
Forwarding
Listening Mode
Mode
Hub
Host-D is communicating with Host-E, via Cat-B, while Cat-B:1/2 fails. As discussed earlier, Cat-C:1/2
takes over as the DP in 50 seconds. However, without TCN BPDUs, the data traffic continues to be be
www.hanoictt.com
sent to Cat-B for another 4 minutes and 10 seconds. Why? Prior to the failure notice the MAC Address
Tables. All three switches have the traffic traveling counter-clockwise, because Cat-C:1/2 was in
Hub
blocking mode. Although the change in Cat-C:1/2 is in forwarding mode, the MAC Address Tables are
not correctly reflecting the change in STP topology.
CCNA
P SSeem
Host D
Hub
DD-DD DD-DD 1/1
EE-EE 1/2
1/1
Config BPDU (TC)
DD-DD 1/1 Host E TCN BPDU DD-DD 1/1

EE-EE 1/1
1/2 EE-EE EE-EE 1/2
1/1
X Fails
Forwarding
Listening Mode
Mode
Hub
One option is to wait for the normal timeout of this entry in the MAC Address Table, which is 300
seconds (5 minutes). (This is where we got the 4 minutes and 10 seconds, plus 50 seconds for the STP
www.hanoictt.com
timers.) A better solution is for switches to send out TCN BPDUs when there is a change in the
forwarding state of a port, so switches age out their MAC Address Tables from 300 seconds to 15
Hub
seconds (Forward Delay). Doesnt flush MAC Address Table, just accelerates the aging process.
Devices that continue to speak for that 15 seconds will remain in the table. All other frames are flooded
until the switch learns otherwise.

CCNA
P SSeem
STP Topology Changes
A Bridge originates a TCN BPDU in two conditions:

1. It transitions a port into Forwarding state and it has at lease one Designated
Port or Root Port.
2. It transitions a port from either Forwarding or Learning states to the Blocking
state.
On bridges with Designated Ports accept and process TCN BPDUs.
The Root Bridge will send out Configuration BPDUs
www.hanoictt.com
CCNA
P SSeem
TCN BPDU
Much simpler than a Configuration BPDU.
Only three fields, Protocol ID, Version, and Type (TCN).
Type (TCN)
www.hanoictt.com

CCNA
P SSeem
STP Enhancements
Enhancements of the IEEE 802.1D specification have been developed in an
attempt to speed up STP alternate path selection because in L3 environment
protocols such as OSPF and EIGRP are able to provide an alternate path in less
time.
It would be advantageous to decrease STP convergence time and reduce the
length of the disruption (while convergence)
PortFast
UplinkFast
BackboneFast
www.hanoictt.com
CCNA
P SSeem
STP Enhancements: PortFast

PortFast is a Catalyst feature that causes a switch or trunk port to enter the spanning tree Forwarding
state immediately, bypassing the Listening and Learning states
When PortFast is enabled on a switch or trunk port, the port is immediately transitioned to the Forwarding
state. As soon as the switch detects the link, the port is transitioned to the Forwarding state (less than 2
seconds after the cable is plugged in)
If a loop is detected and PortFast is enabled, the port is transitioned to the Blocking state. PortFast
begins only when the port first initializes. If the port is forced into the Blocking state for some reason
and later needs to return to the Forwarding state, the usual Listening and Learning processes are
performed
The PortFast feature gives immediate end-station access and the safety net of STP (STP is needed for
redundancy)
www.hanoictt.com
Access
layer

CCNA
P SSeem
STP Enhancements: UplinkFast

UplinkFast is a Catalyst feature that accelerates the choice of a new Root Port when a link or switch
fails or when STP reconfigures itself
The Root Port transitions to the Forwarding state immediately without going through the Listening and
Learning states,
UplinkFast also limits the burst of multicast traffic by reducing the max-update-rate. For IOS the
default for this parameter is 150 packets per second.
It easy for the local switch to update its bridging table of MAC addresses to point to the new uplink.
However, UplinkFast also provides a mechanism for the local switch to notify other upstream switches
that stations downstream (or on toward the access layer) can be reached over the newly activated
uplink.
This action is accomplished by sending dummy multicast frames to destination 0100.0ccd.cdcd from
source addresses of the stations in the Content-Addressable Memory (CAM) table. These multicast
frames are sent out at a rate specified by the max-update-rate parameter in packets per second. The
default is 150 packets per second (pps), but the rate can range from 0 to 65,535 pps. If the value is 0,
no dummy multicasts are sent.
www.hanoictt.com
CCNA
P SSeem
STP Enhancements: UplinkFast

Switches receiving these dummy multicast frames immediately update their bridge table entries for each
source MAC address to use the new port, allowing the switches to begin using the new path almost
immediately.
In the event that connectivity on the original Root Port is restored, the switch waits for a period equal to
twice the Forward Delay time plus 5 seconds before transitioning the port to the Forwarding state in
order to allow the neighbor port time to transition through the Listening and Learning states to the
Forwarding state.
This change takes

approximately 1
to 5 seconds.
(block to forward
state)
www.hanoictt.com
Use in
Access
layer not
backbone

CCNA
P SSeem
STP Enhancements: BackboneFast

BackboneFast is a Catalyst feature that is initiated when a Root Port or blocked port on a switch
receives inferior BPDUs from its Designated Bridge. An inferior BPDU identifies one switch as both
the Root Bridge and the Designated Bridge. When a switch receives an inferior BPDU, it means
that a link to which the switch is not directly connected (an indirect link) has failed. That is, the
Designated Bridge has lost its connection to the Root Bridge. Under STP rules, the switch ignores
inferior BPDUs for the configured Max Age (the default is 20s).
The role of BackboneFast is essentially to shorten this 20-second delay by:
Actively identify alternative path to root bridge by use protocol Root Link Query
RLQ is a kind of ping for the root on a non-designated port and allowed to quickly
confirm if the BPDU stored on a port is still valid or needs to be discarded.
Age out (shorten Max Age timer) on port receiving inferior BPDU (adapt to new topology) or
recalculate STP
www.hanoictt.com
CCNA
P SSeem
BackboneFast: How it does work ?

www.hanoictt.com

CCNA
P SSeem
BackboneFast purpose is short-circuiting the Max Age Timer when needed. Although
this function shortens the time a switch waits to detect a Root Path failure, ports still
must go through full-length Forward Delay Timer intervals during the Listening and
Learning states
While PortFast and UplinkFast enable immediate transitions, BackboneFast can only
reduce the maximum convergence delay from 50 to 30 seconds.
When used, BackboneFast (Cisco proprietary) should be enabled on all switches in
the network because BackboneFast requires the use of the RLQ Request and Reply
mechanism to inform switches of Root Path stability.
The RLQ protocol is active only when BackboneFast is enabled on a switch. By
default,BackboneFast is disabled.
www.hanoictt.com
CCNA
P SSeem
802.1w Rapid Spanning-Tree Protocol

Rapid Spanning-Tree Protocol (RSTP; IEEE 802.1w) can be seen as an
evolution of the 802.1D
RSTP performs better than Cisco's proprietary extensions without any
additional configuration
802.1w is also capable of reverting back to 802.1D in order to
interoperate with legacy bridges on a per-port basis
www.hanoictt.com

CCNA
P SSeem
STP evolution
www.hanoictt.com
CCNA
P SSeem
RSTP states
RSTP is able to actively confirm that a port can safely transition to forwarding
without relying on any timer configuration
There is now a real feedback mechanism that takes place between RSTP-
compliant bridges
New concepts:
Edge ports (Cisco PortFast feature)
Link type
www.hanoictt.com

CCNA
P SSeem
on directly
d stati
o en transition to
n ect t forwarding
Con
Edge
port Conn
e ct to
s witch becomes a
normal
spanning
tree port
directly
t transition to
poin
t to
Poin forwarding
Link type identify automatically:
Link Full duplex => P-t-P
www.hanoictt.com
type Conn
e Half duplex => shared link
ct to
H UB Shared link,
work as Today, most links are operating in full-duplex
normal mode makes them candidates for rapid transition
to forwarding.
CCNA
P SSeem
RSTP port roles
Blocking port
Port blocked by Port blocked by

receiving more receiving more
www.hanoictt.com
useful BPDUs useful BPDUs

from another from the same
bridge bridge it is on
REALLY
uplink fast usage
alternate path to
the root bridge (Cisco)

CCNA
P SSeem
RSTP port roles

The spanning-tree algorithm (STA) determines the role of a port based on Bridge
Protocol Data Units (BPDUs)
RSTP calculates the final topology for the spanning tree using exactly the same
criteria as 802.1D.
The name blocking is used for the discarding state in Cisco implementation.
Port role is determined by RTSP but its current state may different.
E.g. a port to be designated role but its current state is blocking.
(This will typically happen for very short periods of time, it simply
means that this port is in a transitory state towards designated
forwarding)
www.hanoictt.com
CCNA
P SSeem
Spanning Tree BPDU

Protocol Identifier (2 bytes) Version (1 byte), always 0,
Version (1 byte) In RSTP BPDU is now of type 2, version 2.
The implication of this is that legacy bridges
must drop this new BPDU. This property
Flags (1 byte) makes it easy for an 802.1w bridge to detect
Root ID (8 bytes) legacy bridges connected to it.
Bridge ID (8 bytes)
Port ID (2 bytes)
www.hanoictt.com


CCNA
P SSeem
RSTP BPDU Format

A few changes have been introduced by RSTP to the BPDU format. Only two flags,
Topology Change (TC) and TC Acknowledgment (TCA), were defined in 802.1d, however
RSTP now uses all six remaining bits of the flag byte
Spanning Tree BPDU

Protocol Identifier (2 bytes) Port + status
Version (1 byte)
Flags (1 byte)
Root ID (8 bytes)
www.hanoictt.com
Bridge ID (8 bytes)
Port ID (2 bytes)
CCNA
P SSeem
RSTP BPDU Format

A few changes have been introduced by RSTP to the BPDU format. Only two flags,
Topology Change (TC) and TC Acknowledgment (TCA), were defined in 802.1d, however
RSTP now uses all six remaining bits of the flag byte
RSTP uses an interactive process so that two

www.hanoictt.com
neighboring switches can negotiate state

changes. Some BPDU bits are used to flag messages
during this negotiation.

CCNA
P SSeem
Synchronization
RSTP handles the complete STP convergence of the
network as a propagation of handshakes over point-
to-point links. When a switch needs to make an STP
decision, a handshake is made with the nearest
neighbor. After that is successful, the handshake
sequence is moved to the next switch and the next, as
an ever-expanding wave moving toward the networks
edges.
During each handshake sequence, a switch must take
measures to be completely sure it will not introduce a
bridging loop before moving the handshake out. This
is done through a synchronization process.
A port is in-sync if it meets either of the following criteria:

www.hanoictt.com
It is in a Blocking state (which means discarding, in a stable

topology).
It is an edge port.
The proposal agreement mechanism is very fast, as it does not rely on
any timers
CCNA
P SSeem
RSTP convergence
To participate in RSTP
convergence, a switch must decide
the state of each of its ports.
Nonedge ports begin in the
Discarding state. After BPDUs are
exchanged between the switch and
its neighbor, the Root Bridge can
be identified. If a port receives a
superior BPDU from a neighbor,
that port becomes the Root Port.
For each nonedge port, the switch
exchanges a proposal-agreement
handshake to decide the state of
each end of the link. Each switch
assumes that its port should
www.hanoictt.com
become the Designated Port for the

If a designated discarding port does not receive an
segment, and a proposal message
agreement after having sent a proposal, it slowly
(a Configuration BPDU) is sent to
transitions to the x1, falling back to the traditional
the neighbor suggesting this.
802.1D Listening-Learning sequence (remote bridge
does not understand RSTP BPDUs, or if the remote
bridge port is blocking)

CCNA
P SSeem
http://www.cisco.com/warp/public/473/146.html
802.1d vs. 802.1w convergence
www.hanoictt.com
CCNA
P SSeem
New BPDU handling: not relay BPDU, faster

aging of information
A bridge now sends a BPDU with its current information every <hello-time> seconds (2 by
default), even if it does not receive any from the root bridge (not simply relayed anymore).
BPDUs are now used as a keep-alive mechanism between bridges. A bridge considers
that it has lost connectivity to its direct neighboring root or designated bridge if it misses
three BPDUs in a row. ==> quick failure detection, detected even much faster in case
of physical link failures
www.hanoictt.com

CCNA
P SSeem
New BPDU handling: accepting inferior BPDUs

The IEEE 802.1w committee decided to incorporate a backbone fast mechanism into RSTP.
When a bridge receives inferior information from its designated or Root Bridge, it immediately
accepts it and replaces the one previously stored.
E.g. Bridge C still knows the root is alive and well and immediately sends a BPDU to Bridge B
containing information about the root bridge. As a result, Bridge B stops sending its own
BPDUs and accepts the port leading to Bridge C as its new root port.
www.hanoictt.com
CCNA
P SSeem
RSTP topology change mechanism has been

changed
Only non-edge ports moving to the Forwarding state cause a topology change. This means
that a loss of connectivity is not considered as a topology change any more, contrarily to
802.1D (that is, a port moving to blocking does no longer generates a TC)
When a RSTP bridge detects a topology change, the following happens:
It starts the TC While timer with a value equal to twice the hello time for all its non-edge
designated ports and its root port if necessary.
It flushes the MAC addresses associated with all these ports.
Note: As long as the TC While timer is running on a port, the BPDUs sent out of that port
have the TC bit set. BPDUs are also sent on the root port while the timer is active.
www.hanoictt.com

CCNA
P SSeem
RSTP topology change

Topology Change Propagation - when a bridge receives a BPDU with the TC bit
set from a neighbor, the following happens:
It clears the MAC addresses learnt on all its ports except the one that
received the topology change.
It starts the TC While timer and sends BPDUs with TC set on all its
designated ports and root port (RSTP no longer uses the specific TCN
BPDU, unless a legacy bridge needs to be notified).
www.hanoictt.com
CCNA
P SSeem
RSTP topology change

The TC propagation is now a one step process.
In fact, the initiator of the topology change is flooding this information throughout the network (as
opposed to 802.1D where only the root could do so).
This mechanism is much In just a few seconds (a small

faster than the 802.1D multiple of hello times), most
equivalent. There is no need of the entries in the CAM
to wait for the root bridge to tables of the entire network
be notified and then maintain (VLAN) are flushed. This
the topology change state for approach results in potentially
the whole network for <max more temporary flooding, but
age plus forward delay> on the other hand, it clears
seconds. potential stale information
that prevents rapid
connectivity restitution.
www.hanoictt.com

CCNA
P SSeem
Fallback of RSTP
Because RSTP distinguishes its BPDUs from 802.1D BPDUs, it can coexist with
switches still using 802.1D. Each port attempts to operate according to the STP BPDU
that is received.
For example, when an 802.1D BPDU (version 0) is received on a port, that port begins
to operate according to the 802.1D rules. However, each port has a measure that locks
the protocol in use for the duration of the migration delay timer. This keeps the protocol
type from flapping or toggling during a protocol migration. After the timer expires, the
port is free to change protocols if needed.
RSTP detects a neighbor failure in

three Hello intervals (default 6
seconds), vs. the Max Age Timer
www.hanoictt.com
interval (default 20 seconds) for

802.1D.
CCNA
P SSeem
Types of STP
STP modes: PVST (Per-VLAN Spanning Tree), PVST+, and Mono Spanning Tree
Common spanning tree (CST) is specified in the IEEE 802.1Q standard. CST
defines a single instance of Spanning Tree for all VLANs. CST BPDUs are
transmitted over the native VLAN (VLAN 1) as untagged frames no capability
for load balancing.
Per-VLAN spanning tree (PVST) is a Cisco-proprietary implementation requiring ISL
trunk encapsulation. PVST runs a separate instance of STP for each VLAN. Load
balancing is possible over redundant links when the links are assigned to different
VLANs.
www.hanoictt.com

CCNA
P SSeem
PVST pros and cons
Reduces the overall size of the Utilization of switches (such as CPU

spanning tree topology load) to support spanning tree
Improves scalability and decreases maintenance for multiple VLANs
convergence time Utilization of bandwidth on trunk links
Provides faster recovery and better to support BPDUs for each VLAN
reliability
In networks where PVST and CST coexist,

interoperability problems occur.
PVST+ is a Cisco-proprietary STP
Each requires a different trunking method,
mode that allows CST and PVST to
so BPDUs will never be exchanged
www.hanoictt.com
between STP types. exist on the same network.

CCNA
P SSeem
PVST+
PVST+ provides support for 802.1Q trunks and the mapping of multiple spanning trees
to the single spanning tree of non-Cisco 802.1Q switches.
PVST+ is automatically enabled on Catalyst 802.1Q trunks. It runs one instance of

STP per VLAN when Catalyst switches are connected by 802.1Q trunks.
PVST+ is the default Spanning-Tree Protocol used on all Ethernet, Fast Ethernet, and
Gigabit Ethernet port-based VLANs on Catalyst 4000 and 6000 family switches.
O
on n e T
e
(C S S P
ST TP (M
TP
) of ST Mono spanning tree (MST) is the

eS
PV )
on
ST to spanning tree implementation used

to
+ by non-Cisco 802.1Q switches.

ne
O
www.hanoictt.com
One instance of STP is responsible

for all VLAN traffic

CCNA
P SSeem
MISTP Mode, the need of Multiple Spanning Tree

Multiple Spanning Tree (MST) is a new IEEE standard inspired from the Cisco proprietary Multiple
Instances Spanning Tree Protocol (MISTP) implementation
PVST+ Case, 1000 STP

instances for only two 802.1q Case, 1 STP instances
different final logical No load balancing is possible
topologies
www.hanoictt.com
MST Case, 2 STP instances

AND load balancing
CCNA
P SSeem
MISTP Mode
A MISTP instance is a virtual logical topology defined by a set of bridge and port parameters. A MISTP
instance becomes a real topology when VLANs are mapped to it. Each MISTP instance has its own
Root Switch and a different set of forwarding links (that is, different bridge and port parameters). This
Root Switch propagates the information associated with that instance of MISTP to all other switches in
the network.
There is only one BPDU for each MISTP instance, so there is less over-head in the network, a VLAN
can be mapped to only a single MISTP instance.
MISTP discards any PVST+ BPDUs it sees.
MISTP-PVST+ is (Catalyst 4000 and 6000) needed to allow interoperability between PVST+ and
MISTP
www.hanoictt.com

CCNA
P SSeem
MST (802.1s), Multiple Spanning Tree not

Mono Spanning Tree
MST is specified in IEEE 802.1s, an amendment to IEEE 802.1Q. MST extends the IEEE
802.1w rapid spanning tree (RST)
Cisco implementation of MST is backward compatible with 802.1D STP, 802.1w (RSTP), and
the Cisco PVST+ architecture.
802.1w provides the structure on which the 802.1s feature operates
VLANs can be grouped and associate to spanning tree instances
enables load balancing
easier to administer and utilize redundant paths
Consistent VLAN instance assignments on switches
set of bridges with the same MST configuration information
Interconnected bridges that have the same MST configuration are called MST regions
MST, like MISTP, provides interoperability with PVST+ regions
www.hanoictt.com
CCNA
P SSeem
Load balancing
Using load sharing, traffic can be divided between the links according
to which VLAN the traffic belongs.
Load sharing can be configured on trunk ports by using STP port
priorities or STP path costs.
For load sharing using STP port priorities, both load-sharing links
must be connected to the same switch. For load sharing using STP
path costs, each load-sharing link can be connected to the same
switch or to two different switches.
www.hanoictt.com

CCNA
P SSeem
Load Sharing Using STP Port Priorities

Switch_1# configure terminal
Switch_1(config-if)# interface fa0/1
Switch_1(config-if)# spanning-tree vlan 8 9 10 port-priority 10
Switch_1(config-if)# end
Switch_1(config)# interface fa0/2
Switch_1(config-if)# spanning-tree vlan 3 4 5 6 port-priority 10
Switch_1# show running-config
interface FastEthernet0/1
switchport mode trunk
spanning-tree vlan 8 priority 10
!
www.hanoictt.com

!
CCNA
P SSeem
Load Sharing Using STP Path Cost

http://www.cisco.com/univercd/cc/td/doc/product/lan/c2900xl/c2900sa4/sa4sc/masctrnk.htm#xtocid180495
Switch_1(config-if)# spanning-tree vlan 2 3 4 cost 30
Switch_1(config-if)# end

Switch_1(config-if)# spanning-tree vlan 8 9 10 cost 30
Switch_1# show running-config

spanning-tree vlan 2 cost 30
www.hanoictt.com
!
!

CCNA
P SSeem
Switch port tuning using BPDU guard

The BPDU guard feature was developed to further protect the integrity of switch ports that have
PortFast enabled. If any BPDU (whether superior to the current Root or not) is received on a port where
BPDU guard is enabled, that port is immediately put into the errdisable state. The port is shutdown in
an error condition and must either be manually re-enabled or automatically recovered through the
errdisable timeout function.
Switch# configure terminal

Switch(config)# spanning-tree portfast bpduguard Expected
1 2
Switch(config)# end root
Switch# show spanning-tree summary totals

Root bridge for: none.
PortFast BPDU Guard is enabled
Etherchannel misconfiguration guard is enabled
New root
UplinkFast is disabled
unexpected
www.hanoictt.com
BackboneFast is disabled
Default pathcost method used is short
Name Blocking Listening Learning Forwarding STP Active
-------------------- -------- --------- -------- ---------- ----------
34 VLANs 0 0 0 36 36
CCNA
P SSeem
Switch port tuning using root guard

Root guard is configured on a per-port basis, and does not allow the port to become a STP root port.
This means that the port is always STP-designated, and if there is a better BPDU received on this port,
BPDU guard disables the port, rather than taking the BPDU into account and electing a new STP root.
The port will be put in a special STP state (root-inconsistent), which is effectively the same as the
listening state. No traffic will pass through the port in this state. When the superior BPDUs are no
longer received, the port will be unblocked again and will go, via STP, into states of listening, learning,
and eventually transition to Forwarding state. Recovery is automatic, no human intervention is required.
Note: Even the root bridge priority is zero, there is still no guarantee, as there might be a bridge with
priority zero and a lower bridge ID.
1 2
Expected
root
Switch(config-if)# spanning-tree guard root

www.hanoictt.com
New root
unexpected

CCNA
P SSeem
Enough ?
Practice please !!!

www.hanoictt.com
CCNA
P SSeem
Default STP (PVST/PVST+) configuration settings

www.hanoictt.com

CCNA
P SSeem
Enabling and disabling STP, change root Bridge

http://www.cisco.com/univercd/cc/td/doc/product/lan/cat4000/12_1_12/config/spantree.htm#93252
The root switch for each spanning-tree

instance should be a backbone or
distribution switch
diameter adjusts automatically an
optimal hello time, forward-delay
time, and maximum-age time. The
hello keyword can be used to override
this value manually
To return the switch to default setting:
config# no spanning-tree vlan vlan-
id root
Optional:
www.hanoictt.com
spanning-tree vlan vlan-id hello-

time
spanning-tree vlan vlan-id forward-
time
spanning-tree vlan vlan-id max-age
CCNA
P SSeem
Enabling and disabling STP, change root Bridge

http://www.cisco.com/univercd/cc/td/doc/product/lan/cat4000/12_1_12/config/spantree.htm#93252
Directly modify the Bridge Priority:
Switch (config)# spanning-tree vlan vlan-id priority bridge-priority
Let the switch become the Root by automatically choosing a Bridge Priority value:
Switch(config)# spanning-tree vlan vlan-id root {primary | secondary} [diameter
diameter]
NOTE The spanning-tree vlan vlan-id root is actually a macro executing other switch commands. The
actual commands and values produced by the macro will be shown, however. For example, the
macro can potentially adjust the four STP values as follows:
Switch(config)#spanning-tree vlan 1 root primary
vlan 1 bridge priority set to 24576 Better
vlan 1 bridge max aging time unchanged at 20
www.hanoictt.com
vlan 1 bridge hello time unchanged at 2

vlan 1 bridge forward delay unchanged at 15
Be aware that this macro doesnt guarantee that the switch will become the Root and maintain
that status.

CCNA
P SSeem
Setting the priority for ports and VLANs

To return the interface to its default
setting, use the no spanning-tree [vlan
vlan-id] port-priority interface
configuration command.
EL
SL
www.hanoictt.com
CCNA
P SSeem
Setting the port cost
To return the interface to its default

setting, use the no spanning-tree [vlan
vlan-id] cost interface configuration
command.
EL
SL
www.hanoictt.com

CCNA
P SSeem
Configuring switch priority of a VLAN

To return the switch to its default setting, use the no spanning-tree vlan vlan-id
priority global configuration command.
For most situations, using the spanning-tree vlan vlan-id root primary and the
spanning-tree vlan vlan-id root secondary global configuration commands
www.hanoictt.com
CCNA
P SSeem
Configuring PortFast
When the voice VLAN feature is enabled, the PortFast feature is automatically enabled.
When voice VLAN is disabled, the PortFast feature is not automatically disabled.
Enable this feature if the switch is running PVST or MSTP. The MSTP is available only if
the EI is installed on the switch.
www.hanoictt.com

CCNA
P SSeem
Configuring UplinkFast
UplinkFast RSTP = Cisco uplink fast
proprietary spanning tree extension.
The 802.1w topology change mechanism
clears the appropriate entries in the
Content Addressable Memory (CAM)
tables of the upstream bridges, no need of
dummy multicast generation
UplinkFast cannot be enabled on VLANs
that have been configured for switch
priority, we must first restore the switch
Restore back
priority on the VLAN to the default value
no spanning-tree uplinkfast max-update-rate
by using the no spanning-tree vlan vlan-
no spanning-tree uplinkfast id priority global configuration command.
When UplinkFast is enabled, it affects all

VLANs on the switch. UplinkFast cannot
www.hanoictt.com
be configured on an individual VLAN.

Detail in curriculum
The UplinkFast feature is supported only
when the switch is running PVST
CCNA
P SSeem
Configuring BackboneFast
The BackboneFast feature is supported
only when the switch is running PVST
Must be enabled it on all switches in the
network (supported with other vendors)
www.hanoictt.com

CCNA
P SSeem
Configuring BPDU guard

BPDU guard is enabled globally on ports
that are Port Fast-enabled, spanning tree
shuts down Port Fast-enabled ports that
receive BPDUs (puts the port in the error-
disabled state - must be manually
restore)
The BPDU guard feature can be enabled

if the switch is running PVST or MSTP.
spanning-tree bpduguard enable interface The MSTP is available only if the EI is
Configuration command to enable BPDU guard on installed on the switch.
any port without also enabling the Port Fast feature
www.hanoictt.com
CCNA
P SSeem
Configuring root guard

Root guard enabled on an interface applies
to all the VLANs to which the interface
belongs
This feature can be enabled if the switch is

running PVST or MSTP. The MSTP feature
is available only if the EI installed on the
Do not enable the root guard on interfaces switch.
to be used by the UplinkFast feature
Root guard and loop guard cannot

both be enabled at the same time
www.hanoictt.com

CCNA
P SSeem
Verifying STP, RSTP, and MTSP configuration

www.hanoictt.com
CCNA
P SSeem
RSTP and MST Configuration

www.hanoictt.com

CCNA
P SSeem
Default RSTP and MSTP configuration

The switch uses the default settings of PVST/PVST+. By default RSTP/MST are not enabled
www.hanoictt.com
CCNA
P SSeem
RSTP and MSTP configuration guidelines

http://www.cisco.com/univercd/cc/td/doc/product/lan/cat2950/12111yj4/lrescg/swmstp.htm
MST is enabled using the spanning-tree mode mst global configuration command,
RSTP is enabled but Per-VLAN RSTP is not supported (PVRST)
Only one version can be active at any time (PVST, PVST+, MSTP)
VTP doesnt work with MST. Manually configure the MST configuration (region
name, revision number, and VLAN-to-instance mapping) on each switch using CLI or
SNMP
For load balancing across redundant paths, all VLAN-to-instance mapping
assignments must match. Otherwise, all traffic flows on a single link
Should not partition the network into a large number of regions if this situation is
unavoidable, the switched LAN be partitioned into smaller LANs interconnected by
routers or non-Layer 2 devices
www.hanoictt.com
It may be necessary to manually configure the switches (IST master, PVST+ , MST
regions )

CCNA
P SSeem
Enabling RSTP & MSTP

In one MST region,
switches must have the
same VLAN-to-instance
mapping, the same
configuration revision
number, and the same
name.
A region can have one
member or multiple
members
Each member must be
capable of processing
RSTP BPDUs.
There is no limit to the
number of MST regions in a
network, but each region
can support up to 16
www.hanoictt.com
spanning tree instances.

A VLAN can be assigned to
only one spanning tree
instance at a time.
CCNA
P SSeem
Example
Remove config.
no spanning-tree mst configuration
no instance instance-id [vlan vlan-
range]
no name
To re-enable PVST, use the no
spanning-tree mode or the
www.hanoictt.com
spanning-tree mode pvst global


CCNA
P SSeem
Configuring the MST root switch
The switch with the lowest bridge ID

(priority + MAC) becomes the root switch
for the group of VLANs
Config# spanning-tree mst instance-id
root cause priority from the default value
(32768) to 24576. If any root switch for the
specified instance has a switch priority
lower than 24576, the switch sets its own
priority to 4096 less than the lowest switch
priority.
Optional: (config. Mode)
spanning-tree mst hello-time
spanning-tree mst forward-time
www.hanoictt.com
spanning-tree mst max-age

Same concept of normal STP Restore default setting, use the no
spanning-tree mst instance-id root
CCNA
P SSeem
Configuring MST switch priority

Should use (Marco command) spanning-tree mst instance-id root primary ,
spanning-tree mst instance-id root secondary global configuration commands to
modify the switch priority
To return the switch to its default setting, use the no spanning-tree mst instance-id
priority global configuration command.
www.hanoictt.com

CCNA
P SSeem
Configuring MST path cost

Assign lower cost values to interfaces that the network administrator wants selected first and higher cost
values to interfaces that the administrator wants selected last
The show spanning-tree mst interface interface-id privileged EXEC command displays information
only for ports that are in a link-up operative state. Otherwise, use the show running-config privileged
EXEC command to confirm the configuration.
To return the interface to its default setting, use the no spanning-tree mst instance-id cost interface
www.hanoictt.com
CCNA
P SSeem
Configuring MST port priority

The show spanning-tree mst interface interface-id privileged EXEC command displays information
only if the port is in a link-up operative state. Use the show running-config interface privileged
EXEC command to confirm the configuration.
To return the interface to its default setting, use the no spanning-tree mst instance-id port-priority
interface configuration command.
www.hanoictt.com

CCNA
P SSeem
Configuring maximum hop count

To return the switch to its default setting, use the no spanning-tree mst max-hops global
www.hanoictt.com
CCNA
P SSeem
EtherChannel
www.hanoictt.com

CCNA
P SSeem
EtherChannel background
EtherChannel is a Cisco-proprietary, "resiliency" with disaster link, hardware.
Standard EtherChannel (2-8 links)
Fast EtherChannel (FEC) (2-8 links) Depends on platform &
Gigabit EtherChannel (GEC) (2-8 links) IOS
10-Gigabit EtherChannel (2-8 links)
Ethernet trunks frequently go with EtherChannel links
All ports in each EtherChannel must be the same speed
www.hanoictt.com
CCNA
P SSeem
Benefits of EtherChannel
Transparent to networked applications
Operates as either an access link or trunk link
Load balancing transparently across multiple links
Automatic recovery for loss of a link
www.hanoictt.com

CCNA
P SSeem
Frame distribution
EtherChannel frame distribution uses a Cisco-proprietary hashing algorithm. The
algorithm is deterministic; if you use the same addresses and session
information, you always hash to the same port in the channel. This method
prevents out-of-order packet delivery.
Distribution based on source only (MAC, IP, or port), destination only (MAC, IP,
or port), or both source and destination (MAC, IP, or port)
destination
source
destination
source
IP IP
www.hanoictt.com
MAC MAC
port port
hash hash
CCNA
P SSeem
EtherChannel methods
www.hanoictt.com

CCNA
P SSeem
Port Aggregation Protocol (PAgP)

Port Aggregation Protocol (PAgP) is a
Cisco-proprietary
Automatic creation of EtherChannels by
exchanging packets
Dynamically groups similarly configured
interfaces into a single logical link based
on hardware, administrative, and port.
(E.g., PAgP groups the interfaces with
the same speed, duplex mode, native
VLAN, VLAN range, and trunking
status/type into an Ether-Channel, then
PAgP adds the group to the spanning
allow ports to tree as a single switch port).
negotiate with
connected
www.hanoictt.com
ports
By default, ports are in auto-

silent mode
CCNA
P SSeem
Etherchannel modes
www.hanoictt.com

CCNA
P SSeem
Link Aggregation Control Protocol (LACP), IEEE 802.3ad

Open-standard equivalent to PAgP
Both Cisco & other can form
Etherchannel
LACP tries to configure the maximum
number of compatible ports in a channel,
up to the maximum allowed by the
hardware (eight ports for Catalyst
switches).
If LACP cannot aggregate all the ports
that are compatible, these ports that
cannot be actively included in the channel
are put in hot standby state and are used
only if one of the channeled ports fails.
www.hanoictt.com
By default, ports are in

passive negotiating state
CCNA
P SSeem
Modifying port cost for EtherChannel groups

The STP Port Cost is updated based on the current Port Costs of the channeling ports.
If channel Port Cost is specified, the Port Costs of member ports in the channel are modified to
reflect the new cost (This enables load balancing of VLAN traffic across multiple channels
configured with trunking, because some VLANs in the channel have Port VLAN Cost values and the
others have Port Cost values)
This might not sound useful (or meaningful), but this allows, as an example, the configuration of
VLAN traffic to load-balance between one EtherChannel connected to one core switch and another
EtherChannel connected to another core switch.
www.hanoictt.com

CCNA
P SSeem
EtherChannel configuration guidelines

Assign all ports in an EtherChannel to the same VLAN, or configure them as trunk ports (same
trunk mode, same allowed range of VLANs)
Do not configure the ports in an EtherChannel as dynamic VLAN ports
If a broadcast limit is configured on the ports, configure the broadcast limit as a percentage limit
for the channeled ports (unicast packets might get dropped for 1s when the broadcast limit is
exceeded )
An EtherChannel will not form with ports that have the port security feature enabled
If IGMP multicast filtering is using one port in an EtherChannel, set the EtherChannel mode for
both PAgP and LACP to off.
An EtherChannel will not form if one of the ports is a Switched Port Analyzer (SPAN) destination
port
Each EtherChannel can have up to eight compatibly configured Ethernet interfaces (same
speed and duplex modes)
Enable all interfaces in an EtherChannel (no shutdown)
www.hanoictt.com
It is preferable to set STP port costs to be equal for all ports in an EtherChannel (different STP
Port Costs can form an EtherChannel as long as they are compatible )
CCNA
P SSeem
Which ports can be used when configuring an

EtherChannel
Catalyst 4000 and 6000 allow use of an even or odd number of links in the
EtherChannel. The ports do not have to be contiguous or even on the same line
card, these features are not available on all Catalyst hardware.
Older Catalyst switches use an Ethernet Bundle Controller (EBC) to manage
aggregated EtherChannel ports
..
Check the hardware documentation before attempting to
create EtherChannel bundles
See example in the curriculum !!!
www.hanoictt.com

CCNA
P SSeem
Configuring Fast EtherChannel

On each of the participating interfaces (up to
eight), enter the command channel-group
channel-group-number mode{auto [non-
silent] | desirable [non-silent] | on}. (remove
by no channel-group )
To verify: use the command show
etherchannel [channel-group-number] {brief |
detail | load-balance| port | port-channel |
summary}.
To specify the technique for load balancing
(frame distribution) among links comprising an
EtherChannel, use the command port-
channel load-balance {dst-mac | src-mac}
Verify the configuration with the command
show etherchannel load-balance.
www.hanoictt.com
To view PAgP status information, use the

command show pagp [channel-group-
number] {counters | internal | neighbor.
CCNA
P SSeem
Hands-on Lab Exercises
View the lab notes first !!!

Do E-lab
Practice actual lab
www.hanoictt.com

CCNA
P SSeem
www.hanoictt.com
CCNA
P SSeem
Guidelines for Applying STP Protection Features
Root guard: Apply to ports where root is

never expected.
BPDU guard: Apply to all user ports where
PortFast is enabled.
Loop guard: Apply to nondesignated ports;
but okay to apply to all ports.
UDLD: Apply to all fiber optic links between
switches (must be enabled on both ends).
Permissible Combinations on a Switch port:

Loop guard and UDLD
Root guard and UDLD
Not permissible on a switch port:
www.hanoictt.com
Root guard and Loop guard

Root guard and BPDU guard

Module 3 - Spanning-Tree Protocol PDF

Загружено:

Сведения о документе

Оригинальное название

Авторское право

Доступные форматы

Поделиться этим документом

Поделиться или встроить документ

Параметры публикации

Этот документ был вам полезен?

Это неприемлемый материал?

Авторское право:

Доступные форматы

Module 3 - Spanning-Tree Protocol PDF

Загружено:

Авторское право:

Доступные форматы

HANOICTT NETWORKING ACADEMY

HANOICTT NETWORKING ACADEMY

HANOICTT NETWORKING ACADEMY

Flooded unicast frames, Bridge-table corruption

HANOICTT NETWORKING ACADEMY

Spanning-Tree Protocol Operation (IEEE 802.1D)

STP executes an algorithm called STA.

STP Concepts: Bridge ID

Bridge ID (BID) is used to identify each bridge/switch.

Lowest Bridge ID is the root.

HANOICTT NETWORKING ACADEMY

STP Concepts: Path Cost

This will be used in the STP development of a loop-free topology .

Originally, 802.1d defined cost as 1000/bandwidth of the link in Mbps, cost of

Dont change path cost if youre not sure

STP Concepts: Port ID

HANOICTT NETWORKING ACADEMY

Four-Step STP Decision Sequence

STP decisions and BPDU exchanges

Only the lowest value BPDU is saved.

HANOICTT NETWORKING ACADEMY

STP decisions and BPDU exchanges

As the Root Path

Three steps of STP convergence

The STP algorithm uses three simple steps to

Step 1 Elect one Root Bridge

HANOICTT NETWORKING ACADEMY

Our Sample Topology

HANOICTT NETWORKING ACADEMY

HANOICTT NETWORKING ACADEMY

Bridge Priority/ID: 0x8000/ 00:D0:C0:F5:18:C0

HANOICTT NETWORKING ACADEMY

HANOICTT NETWORKING ACADEMY

Cat-A sends out BPDUs, containing a Root Path Cost of 0.

HANOICTT NETWORKING ACADEMY

The costs increment Cat-A

on a port, not as they Cost=0 Cost=0

are sent out of the port

BPDU BPDU Root Port

Each segment in a bridged network has one Designated Port, chosen

HANOICTT NETWORKING ACADEMY

Root Path Cost = 19 Root Path Cost = 19

Root Path Cost = 19 Root Path Cost = 19

HANOICTT NETWORKING ACADEMY

Root Path Cost = 19 Root Path Cost = 19

Root Path Cost = 19

Cat-B 32,768.CC-CC-CC-CC-CC-CC Cat-C

HANOICTT NETWORKING ACADEMY

Assume path cost and port

switch goes to the port priority as a tiebreaker.

Step 3 - Lowest Sender BID

HANOICTT NETWORKING ACADEMY

Spanning-Tree Port States

HANOICTT NETWORKING ACADEMY

Spanning-Tree Port States

Spanning-Tree Port States

HANOICTT NETWORKING ACADEMY

Spanning-Tree Port States

Designated Ports & Root Ports

Spanning-Tree Port States

HANOICTT NETWORKING ACADEMY

Spanning-Tree Port States

The port can send and receive user data.