Cisco Basics: Spanning Tree

Spanning Tree is a network protocol designed to prevent network loops. A loop exists at Layer 2 of the OSI model where there are multiple paths between any two devices. If you draw out a network diagram consisting of multiple switches, and can connect any two devices in more than one way there is potentially a loop in your network.

Loops cause problems when it comes to broadcast traffic. When a device sends a broadcast frame a switch will see it and forward the frame out of all ports except the one it received it on. With loops in the network this means that the frame will be broadcast indefinitely, as a switch will see the frame more than once.

Spanning Tree was introduced to prevent switching loops, but also allows for some redundancy in the design of a network. Spanning Tree will have a view of a network and calculates the most efficient paths between switches. Should a connection between switches fail a spare path that would have previously created a loop will become available in around a minute.

Traditionally when you plug a switch into a network it will immediately begin forwarding data, with spanning tree a device first waits to receive special frames known as BPDU’s. Each switch port will go through a series of states whilst waiting for these frames.

BPDU’s

Bridge Protocol Data Units (BDPU’s) are broadcast frames that each switch operating spanning tree sends out of all ports every 2 seconds. The broadcast frame is sent with a source MAC address of the port it gets sent from, if the switch receives the broadcast message back through a different port it immediately knows there’s a loop in the network. Based on whether BPDU’s are received or not will effect what happens next, but either way a port will progress through four states:

  • Blocking
    The port is only listening out for BPDU frames and does not pass data. After 20 seconds the port changes to the Listening state
  • Listening
    The port still wont pass data, but will process BPDU’s it receives and may return to the Blocking state if a loop is detected. After 15 seconds the port changes to the Learning state
  • Learning
    The port still wont pass data, but populates its address table with MAC addresses. After 15 seconds the port changes to the Forwarding state
  • Forwarding
    The port now passes data, but still listens for BPDUs to indicate it should shut down.

Root Bridge

For Spanning Tree to be able to understand the topology a core device must be determined, this is called the root bridge. The root bridge is set by specifying a lower priority than other switches in the network.

Once the root is known, ports are considered to be one of three types:

  • Root Ports
    A port that leads directly to the root bridge
  • Designated Ports
    A port on a switch that leads from the root to bridge to the edge of the network. The root bridge will have all its ports as designated ports, since they all lead to the edge of the network
  • Alternative Ports
    A path that leads to the root bridge, but does not directly connect to it.

Root ports are determined based on their cost, which is based on the port speed. The higher the speed, the lower the cost. The cost is added up for each link until the root bridge is reached. The lowest cost is the one that is used as the path to the root bridge.

Types of Spanning Tree

Since its conception in 1990, spanning tree has undergone a series of improvements and revisions. The default on Cisco devices is PVST+, however there are alternatives to support differing root bridge’s per VLAN and to speed up operation:

  • Rapid STP
    Provides faster convergence after a link failure by reducing the port states (no more listening state).
  • Per-VLAN STP
    A Cisco proprietary protocol that runs a seperate spanning tree for each VLAN. Unfortunately it only works with Cisco’s own VLAN encapsulation method, ISL. Sometime later Cisco revised the protocol with support for the IEEE standard for VLAN encapsulation (802.1Q) and named it PVST+. PVST+ is now the default Spanning Tree operation mode for Cisco switches.
  • Rapid Per-VLAN STP
    Another Cisco proprietary spanning tree operation mode that combines PVST+ with the benefits of Rapid Spanning Tree, providing STP per VLAN with rapid convergence.

Configuring spanning tree

You’ll want to use either PVST+ or rapid PVST as your spanning tree type. In the following examples we’re going to setup Rapid-PVST. The first thing to do is let our devices know the type of spanning tree we’ll be using:

Switch(config)#spanning-tree mode rapid-pvst

Next, we need to specify one switch as the root bridge on a per-vlan basis:

Switch(config)# spanning-tree vlan 10 priority 24576
Switch(config)# spanning-tree vlan 20 priority 24576

With spanning tree now configured we can verify its operation with the “show spanning-tree” command:

Switch#sh spanning-tree 
VLAN0001
  Spanning tree enabled protocol rstp
  Root ID    Priority    24577
             Address     0040.0BA3.683D
             This bridge is the root
             Hello Time  2 sec  Max Age 20 sec  Forward Delay 15 sec

  Bridge ID  Priority    24577  (priority 24576 sys-id-ext 1)
             Address     0040.0BA3.683D
             Hello Time  2 sec  Max Age 20 sec  Forward Delay 15 sec
             Aging Time  20

Interface        Role Sts Cost      Prio.Nbr Type
---------------- ---- --- --------- -------- --------------------------------
Fa0/24           Desg FWD 19        128.24   P2p
Gi0/1            Desg FWD 4         128.25   P2p
Gi0/2            Desg FWD 4         128.26   P2p
Fa0/1            Desg FWD 19        128.1    P2p

This tells us that the current device is the root bridge for VLAN 1, and the costs of each port along side the status. Since this is the root bridge, all ports will be Designated

Ports. If we run the same command on an access switch on the egde of our network, we see the following:

SwitchA#sh spanning-tree
VLAN0001
  Spanning tree enabled protocol rstp
  Root ID    Priority    24577
             Address     0040.0BA3.683D
             Cost        23
             Port        1(FastEthernet0/1)
             Hello Time  2 sec  Max Age 20 sec  Forward Delay 15 sec

  Bridge ID  Priority    32769  (priority 32768 sys-id-ext 1)
             Address     0001.6492.D639
             Hello Time  2 sec  Max Age 20 sec  Forward Delay 15 sec
             Aging Time  20

Interface        Role Sts Cost      Prio.Nbr Type
---------------- ---- --- --------- -------- --------------------------------
Fa0/1            Altn FWD 19        128.1    P2p
Fa0/2            Altn BLK 19        128.2    P2p
Fa0/3            Desg FWD 19        128.3    P2p

Here we can see that this switch is some way from the root bridge, as no ports are root ports. There are two paths to the root so we have two Alternative ports. One is in blocking mode and the other is forwarding, making Fa0/1 the port that takes us to our root bridge.

And that’s about it for the basics of STP.

Published by

Dave Hope

Dave is a Principal Software Analyst for a UK based retirement developer, in his spare time he enjoys digital photography and rock climbing.

Leave a Reply

Your email address will not be published. Required fields are marked *