Spanning Tree is a network protocol designed to prevent network loops. A loop exists at Layer 2 of the OSI model when there are multiple paths between any two devices. If you draw out a network diagram consisting of multiple switches and can connect any two devices in more than one way, there is potentially a loop in your network.
Loops cause problems when it comes to broadcast traffic. When a device sends a broadcast frame, a switch will see it and forward the frame out of all ports except the one it received it on. With loops in the network this means that the frame will be broadcast indefinitely, as a switch will see the frame more than once.
Spanning Tree was introduced to prevent switching loops, but also allows for some redundancy in the design of a network. Spanning Tree builds a view of the network and calculates the most efficient paths between switches. Should a connection between switches fail, a spare path that would have previously created a loop will become available in around a minute.
Traditionally when you plug a switch into a network it will immediately begin forwarding data. With spanning tree, a device first waits to receive special frames known as BPDUs. Each switch port will go through a series of states whilst waiting for these frames.
Bridge Protocol Data Units (BPDUs) are broadcast frames that each switch operating spanning tree sends out of all ports every 2 seconds. The broadcast frame is sent with a source MAC address of the port it gets sent from; if the switch receives the broadcast message back through a different port it immediately knows there’s a loop in the network. Whether BPDUs are received or not will affect what happens next, but either way a port will progress through four states:
- Blocking
The port is only listening out for BPDU frames and does not pass data. After 20 seconds the port changes to the Listening state.
- Listening
The port still won’t pass data, but will process BPDUs it receives and may return to the Blocking state if a loop is detected. After 15 seconds the port changes to the Learning state.
- Learning
The port still won’t pass data, but populates its address table with MAC addresses. After 15 seconds the port changes to the Forwarding state.
- Forwarding
The port now passes data, but still listens for BPDUs to indicate it should shut down.
For Spanning Tree to be able to understand the topology, a core device must be determined; this is called the root bridge. The root bridge is set by specifying a lower priority than other switches in the network.
Once the root is known, ports are considered to be one of three types:
- Root Ports
A port that leads directly to the root bridge
- Designated Ports
A port on a switch that leads from the root bridge to the edge of the network. The root bridge will have all its ports as designated ports, since they all lead to the edge of the network.
- Alternative Ports
A path that leads to the root bridge, but does not directly connect to it.
Root ports are determined based on their cost, which is based on the port speed. The higher the speed, the lower the cost. The cost is added up for each link until the root bridge is reached. The lowest cost is the one that is used as the path to the root bridge.
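The election and cost calculation described above, as an added example that is not part of the original article. The topology, the Dist1/Dist2 switches and their MAC addresses are constructed; the cost table uses the classic 802.1D short-mode values (19 for 100 Mb/s and 4 for 1 Gb/s, matching the outputs further down), and the MAC tie-break reflects the bridge ID being priority plus MAC address.

```python
import heapq

# Classic 802.1D short-mode port costs, keyed by link speed in Mb/s.
PORT_COST = {10: 100, 100: 19, 1000: 4, 10000: 2}

# Constructed topology: Core and SwitchA use the priorities and MACs shown in
# the article's outputs; Dist1 and Dist2 are hypothetical switches in between.
BRIDGES = {
    "Core": (24577, "0040.0BA3.683D"),
    "Dist1": (32769, "0002.16AA.0001"),
    "Dist2": (32769, "0002.16AA.0002"),
    "SwitchA": (32769, "0001.6492.D639"),
}
LINKS = [("Core", "Dist1", 1000), ("Core", "Dist2", 100),
         ("Dist1", "SwitchA", 100), ("Dist2", "SwitchA", 100)]

def bridge_id(entry):
    """Bridge ID as a comparable tuple: priority first, then MAC as a number."""
    priority, mac = entry
    return (priority, int(mac.replace(".", ""), 16))

def elect_root(bridges):
    """The switch with the lowest bridge ID becomes the root bridge."""
    return min(bridges, key=lambda name: bridge_id(bridges[name]))

def root_path_costs(bridges, links):
    """Return (root, {switch: (cost_to_root, next_hop_towards_root)})."""
    root = elect_root(bridges)
    adj = {name: [] for name in bridges}
    for a, b, speed in links:
        adj[a].append((b, PORT_COST[speed]))
        adj[b].append((a, PORT_COST[speed]))
    best = {root: (0, None)}
    queue = [(0, root)]
    while queue:  # link costs are summed hop by hop until the root is reached
        cost, here = heapq.heappop(queue)
        if cost > best[here][0]:
            continue
        for neighbour, link_cost in adj[here]:
            total = cost + link_cost
            if neighbour not in best or total < best[neighbour][0]:
                best[neighbour] = (total, here)
                heapq.heappush(queue, (total, neighbour))
    return root, best
```

With every switch left at the default priority of 32769, `elect_root` picks SwitchA because it has the lowest MAC address, which is why the root is pinned with an explicit priority later in the article.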
Types of Spanning Tree
Since its conception in 1990, spanning tree has undergone a series of improvements and revisions. The default on Cisco devices is PVST+; however, there are alternatives to support differing root bridges per VLAN and to speed up operation:
- Rapid STP
Provides faster convergence after a link failure by reducing the port states (no more listening state).
- Per-VLAN STP
A Cisco proprietary protocol that runs a separate spanning tree for each VLAN. Unfortunately it only works with Cisco’s own VLAN encapsulation method, ISL. Some time later Cisco revised the protocol with support for the IEEE standard for VLAN encapsulation (802.1Q) and named it PVST+. PVST+ is now the default Spanning Tree operation mode for Cisco switches.
- Rapid Per-VLAN STP
Another Cisco proprietary spanning tree operation mode that combines PVST+ with the benefits of Rapid Spanning Tree, providing STP per VLAN with rapid convergence.
Configuring spanning tree
You’ll want to use either PVST+ or Rapid PVST as your spanning tree type. In the following examples we’re going to set up Rapid-PVST. The first thing to do is let our devices know the type of spanning tree we’ll be using:
Switch(config)#spanning-tree mode rapid-pvst
Next, we need to specify one switch as the root bridge on a per-vlan basis:
Switch(config)# spanning-tree vlan 10 priority 24576
Switch(config)# spanning-tree vlan 20 priority 24576
With spanning tree now configured we can verify its operation with the “show spanning-tree” command:
Switch#sh spanning-tree
VLAN0001
  Spanning tree enabled protocol rstp
  Root ID    Priority    24577
             Address     0040.0BA3.683D
             This bridge is the root
             Hello Time  2 sec  Max Age 20 sec  Forward Delay 15 sec
  Bridge ID  Priority    24577  (priority 24576 sys-id-ext 1)
             Address     0040.0BA3.683D
             Hello Time  2 sec  Max Age 20 sec  Forward Delay 15 sec
             Aging Time  20
Interface        Role Sts Cost      Prio.Nbr Type
---------------- ---- --- --------- -------- --------------------------------
Fa0/24           Desg FWD 19        128.24   P2p
Gi0/1            Desg FWD 4         128.25   P2p
Gi0/2            Desg FWD 4         128.26   P2p
Fa0/1            Desg FWD 19        128.1    P2p
This tells us that the current device is the root bridge for VLAN 1, and shows the cost of each port alongside its status. Since this is the root bridge, all ports will be Designated Ports. If we run the same command on an access switch on the edge of our network, we see the following:
SwitchA#sh spanning-tree
VLAN0001
  Spanning tree enabled protocol rstp
  Root ID    Priority    24577
             Address     0040.0BA3.683D
             Cost        23
             Port        1(FastEthernet0/1)
             Hello Time  2 sec  Max Age 20 sec  Forward Delay 15 sec
  Bridge ID  Priority    32769  (priority 32768 sys-id-ext 1)
             Address     0001.6492.D639
             Hello Time  2 sec  Max Age 20 sec  Forward Delay 15 sec
             Aging Time  20
Interface        Role Sts Cost      Prio.Nbr Type
---------------- ---- --- --------- -------- --------------------------------
Fa0/1            Altn FWD 19        128.1    P2p
Fa0/2            Altn BLK 19        128.2    P2p
Fa0/3            Desg FWD 19        128.3    P2p
Here we can see that this switch is some way from the root bridge, as no ports are root ports. There are two paths to the root so we have two Alternative ports. One is in blocking mode and the other is forwarding, making Fa0/1 the port that takes us to our root bridge.
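To check this output across many switches rather than by eye, the sketch below parses it and confirms that the root bridge a switch reports is the one you configured. It is an added example, not part of the original article; the sample text is the SwitchA output above, and the function names are hypothetical.

```python
import re

# "show spanning-tree" output for SwitchA, copied from the article above
# (timer lines trimmed).
SAMPLE = """\
VLAN0001
  Spanning tree enabled protocol rstp
  Root ID    Priority    24577
             Address     0040.0BA3.683D
             Cost        23
             Port        1(FastEthernet0/1)
  Bridge ID  Priority    32769  (priority 32768 sys-id-ext 1)
             Address     0001.6492.D639
Interface        Role Sts Cost      Prio.Nbr Type
---------------- ---- --- --------- -------- ----
Fa0/1            Altn FWD 19        128.1    P2p
Fa0/2            Altn BLK 19        128.2    P2p
Fa0/3            Desg FWD 19        128.3    P2p
"""

# One row of the interface table: name, role, state, cost, prio.nbr, type.
PORT_RE = re.compile(r"^(\S+) +(Root|Desg|Altn|Back) +(\w{3}) +(\d+) +\S+ +\S+", re.M)

def parse_vlan(text):
    """Extract root ID, bridge ID, root path cost and port table for one VLAN."""
    prios = re.findall(r"Priority\s+(\d+)", text)   # Root ID first, then Bridge ID
    addrs = re.findall(r"Address\s+([0-9A-Fa-f.]{14})", text)
    cost = re.search(r"^\s+Cost\s+(\d+)", text, re.M)
    return {
        "vlan": int(re.search(r"VLAN(\d+)", text).group(1)),
        "root": (int(prios[0]), addrs[0].lower()),
        "bridge": (int(prios[1]), addrs[1].lower()),
        # The root bridge itself prints no Cost line, so its cost is 0.
        "root_cost": int(cost.group(1)) if cost else 0,
        "ports": [(p[0], p[1], p[2], int(p[3])) for p in PORT_RE.findall(text)],
    }

def audit(text, expected_root_mac):
    """Return a finding if the root this switch sees is not the expected one."""
    info = parse_vlan(text)
    seen, want = info["root"][1], expected_root_mac.lower()
    if seen == want:
        return []
    return [f"VLAN {info['vlan']}: root bridge is {seen}, expected {want}"]
```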
And that’s about it for the basics of STP.