Spanning Tree Protocol (STP) Fundamentals

Spanning Tree Protocol is a Layer 2 control plane protocol used to prevent

bridging loops in a redundant LAN topology..

STP has had several interations over the years:

• STP (802.1D) - Original STP implementation

• PVST+ - Cisco improvement of STP adding a per VLAN feature
• RSTP (802.1w) - Improved STP with faster convergence
• Rapid PVST+ - Cisco improvement of RSTP adding the per VLAN feature
As we're simply talking about fundamentals today, we'll stick with 802.1D as we
discuss the fundamentals.

What is the use case for Spanning Tree Protocol?

Switches have specific behaviors when receiving broadcast or unknown unicast
messages. If a destination MAC address is unknown, a switch will flood the frame
out of every port in that VLAN, except the port on which the frame was received.

There are three problems that STP can try to solve for the network:

• Broadcast Storms - Layer 2 frames have no TTL type mechanism to prevent

frames from being forwarded endlessly around a network. In the case of
broadcast frames, these are typically sent repeatedly by a device or
application, eventually resulting in a broadcast storm as more and more
packets are generated and looped around the network.
• MAC Address Table Stability - A switch will also add the source MAC
address for a given frame to its MAC Address Table, along with the interface
on which it was received. During a broadcast storm, a switch is likely to see
the same MAC address on multiple ports , due to the nature of a bridging loop.
This also results in Unstable MAC Address Tables, as the same source MAC
address is seen on multiple ports as packets are looped around a redundant
network without STP.
• Duplicate Frames - Frames that are flooded in a non -STP enabled network
may be delivered multiple times to the same destination. Duplicate frames
need to be processed by the network, and by the host receiving the
duplicates.
STP works by logically blocking an interface in a redundant network segment to
avoid broadcast storms, prevent unstable MAC address tables, and minimise
prevent duplicate frames on the network.
How does Spanning Tree Protocol work?
Spanning Tree Protocol needs to assign some roles and states to interfaces and
switches themselves in the topology, so that it can achieve the goals described
previously. It needs to decide which ports roles and states to assign, and it also
needs to elect a Root Bridge.

How does STP decide which ports to block?

There are several steps in the process of blocking a port for STP purposes, as
follows:

1. Elect a Root Bridge

2. Place all Root interfaces into a Forwarding State
3. All non-root switches select a Root Port
4. All non-root switches select a Designated Port
5. All other ports are put into a Blocking State
What are the STP Port Roles and Port States?
STP Port Roles define the Roles of the ports:

• Root Port - The best port to reach the Root Bridge.

• Designated Port - Ports with the best cost to the Root Bridge on any other
link.
• Non-Designated Port - All other ports are non-designated and therefore
put into a blocking state.
Every port in an STP domain needs to have one of these Roles.

STP Port States define the State of the port:

• Disabled - A port that is shutdown

• Blocking - A port that is blocking traffic
• Listening - A port that is not forwarding traffic and not learning MAC
addresses
• Learning - A port that is not forwarding, but is learning MAC addresses
• Forwarding - A port that is sending and receiving traffic
Every port in an STP domain will adopt one of these States as part of STP
convergence. The port may transition through these states depending on a
topology change.

Spanning Tree Election Process

With any spanning tree domain, all of the switches need to agree one who is the
Root Bridge (and who isn't). there are 5 steps to this which are shown below.

STEP 1 - Elect a Root Bridge

Each switch sends Bridge Protocol Data Units (BPDUs) when communicating
with the network.
A BPDU contains the following information:

• Root Cost - The STP cost to the Root Bridge

• Root Bridge ID - The BID of the Root Bridge according to the local
Bridge Local Bridge ID - The BID of the local Bridge itself
A Bridge ID consists of two parts:

• STP Priority - By default 32768 + the VLAN ID

• Bridge MAC Address - The MAC Address of the Bridge itself
The Root Bridge by default will be the Bridge with the Lowest BID in the
Spanning Tree domain (i.e. per VLAN). All switches begin by listing themselves as
the root bridge. When a BPDUs is received by a switch which contains a LOWER
BID, that switch then updates its BPDU to list the better Root Bridge ID of the
BPDU it received, instead of itself.
As all switches learn about each other, they all agree on the same Root Bridge,
which is duly elected.

STEP 2 - All Root Bridge interfaces are placed into a Forwarding State
No ports are blocked or disabled on the Root Bridge. All ports are assigned the
Designated Port role.

You can identify the Root Bridge in an STP doma in by inspecting the state of the
ports - if all ports are forwarding, this is the Root Bridge.

STEP 3 - All non-root switches select a best path to the Root Bridge
The best path to the Root Bridge is defined as the port with the lowest Cost. Costs
have been updated over the years to accommodate faster interfaces:
Port Costs - The STP Cost for a Port, based on the Port Speed:
• 10MBps - 100 or 2000000
• 100MBps - 19 or 200000
• 1Gbps - 4 or 20000
• 10Gbps - 2 or 2000
• 100Gbps - n/a or 200
• 1 Tbps - n/a or 20
The STP Cost is calculated as the cumulative cost of each outgoing port from a
given bridge to the Root Bridge. Let's detail a brief example:
• A Root Bridge has a Cost of 0
• A Non-Root Bridge attached to a Root Bridge with a 1Gbps interface would
be calculated as 0 + interface cost of 4 - meaning Cost to the Root is 4.
 • Another Non-Root Bridge attached to the same Root Bridge with a 1Gbps
interface would be calculated as 0 + interface cost of 4 - meaning Cost to the
Root is also 4.
• Both Non-Root Bridges (attached to each other and the Root Bridge in a
triangle topology) send their Cost to each other. Both calculate 4 + 4 = 8 to
reach the Root Bridge through each other instead of directly.
• Both Non-Root Bridges then select the Port with the LOWEST COST as
their Root Port.
But wait, the costs are the same? Well, in scenarios where th e Root Cost is the
same on multiple ports (i.e. duplicate links between two switches or manually
costs assigned), STP uses tie-breakers to decide which port should be used, in this
order:

• Lowest Neighbour BID - The advertised BID from the neighbour, then;
• Lowest Neighbour Port Priority - The Priority of the neighbour interface
itself, then;
• Lowest Neighbour Port Number - Port Number of the neighbour interface
itself
The winner of these tiebreakers, if needed, are assigned the Root Port role.

STEP 4 - All non-Root Bridges select a Designated Port

Designated Ports are the ports on each link/segment with the lowest Path Cost
to the Root Bridge, which is also not a Root Port. Ports that are not Root Ports will
go through a similar process to decide which port should be assigned the
Designated Port Role, with similar tie -breakers:
• Lowest Root Cost to the Bridge - then;
• Lowest Neighbour BID - The advertised BID from the neighbour, then;
• Lowest Neighbour Port Priority - The Priority of the neighbour interface
itself, then;
• Lowest Neighbour Port Number - Port Number of the neighbour interface
itself
The port that wins this tie-breaker is assigned the Designated Port role.

STEP 5 - All other ports are put into a blocking state

Any Non-Root Port or Non-Designated Ports are put into a Blocking State. This
completes the STP Root Bridge election process. We have determined a Root
BRidge, and we have determined which port roles and states each interface in the
STP domain should use

What are the different STP Convergence Times?

Legacy networks with older STP implementations had longer convergence times,
which were not major issues as the use case for the network was simpler.
Now, with collaboration tools, voice, video and other crit ical apps running on
networks, downtime of only a few seconds is enough to cause problems.

Legacy STP (802.1D) has several timers:

• Hello BPDU - (2 seconds) - Hello messages are sent every 2 seconds by
default, as a keepalive.
• MaxAge - 10 x Hello Timer (20 seconds) - This is the amount of time an STP
process will wait before responding to a potential outage.
• Forward Delay - (15 seconds) - This is the time the port is held in both the
Listening and Learning states.
Rapid STP (802.1w) has several timers:
• Hello BPDU - (2 seconds) - Hello messages are sent every 2 seconds by
default, as a keepalive.
• MaxAge - 3x Hello Timer (6 seconds) - This is the amount of time an STP
process will wait before responding to a potential outage.