Module 5: STP Concepts

Instructor Materials

Switching, Routing and Wireless

Essentials v7.0 (SRWE)
5.1 Purpose of STP

© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 2
Purpose of STP
Redundancy in Layer 2 Switched Networks
• This topic covers the causes of loops in a Layer 2 network and briefly explains how spanning tree
protocol works. Redundancy is an important part of the hierarchical design for eliminating single
points of failure and preventing disruption of network services to users. Redundant networks
require the addition of physical paths, but logical redundancy must also be part of the design.
Having alternate physical paths for data to traverse the network makes it possible for users to
access network resources, despite path disruption. However, redundant paths in a switched
Ethernet network may cause both physical and logical Layer 2 loops.
• Ethernet LANs require a loop-free topology with a single path between any two devices. A loop in
an Ethernet LAN can cause continued propagation of Ethernet frames until a link is disrupted and
breaks the loop.

© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 3
Purpose of STP
Spanning Tree Protocol
• Spanning Tree Protocol (STP) is
a loop-prevention network
protocol that allows for
redundancy while creating a
loop-free Layer 2 topology.
• STP logically blocks physical
loops in a Layer 2 network,
preventing frames from circling
the network forever.

© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 4
Purpose of STP
STP Recalculation

STP compensates for a failure in

the network by recalculating and
opening up previously blocked
ports.

© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 5
Purpose of STP
Issues with Redundant Switch Links
• Path redundancy provides multiple network services by eliminating the possibility of a single point
of failure. When multiple paths exist between two devices on an Ethernet network, and there is no
spanning tree implementation on the switches, a Layer 2 loop occurs. A Layer 2 loop can result in
MAC address table instability, link saturation, and high CPU utilization on switches and end-
devices, resulting in the network becoming unusable.
• Layer 2 Ethernet does not include a mechanism to recognize and eliminate endlessly looping
frames. Both IPv4 and IPv6 include a mechanism that limits the number of times a Layer 3
networking device can retransmit a packet. A router will decrement the TTL (Time to Live) in every
IPv4 packet, and the Hop Limit field in every IPv6 packet. When these fields are decremented to 0,
a router will drop the packet. Ethernet and Ethernet switches have no comparable mechanism for
limiting the number of times a switch retransmits a Layer 2 frame. STP was developed specifically
as a loop prevention mechanism for Layer 2 Ethernet.

© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 6
Purpose of STP
Layer 2 Loops
• Without STP enabled, Layer 2 loops can form, causing broadcast, multicast and unknown
unicast frames to loop endlessly. This can bring down a network quickly.
• When a loop occurs, the MAC address table on a switch will constantly change with the updates
from the broadcast frames, which results in MAC database instability. This can cause high CPU
utilization, which makes the switch unable to forward frames.
• An unknown unicast frame is when the switch does not have the destination MAC address in its
MAC address table and must forward the frame out all ports, except the ingress port.

© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 7
Purpose of STP
Broadcast Storm
• A broadcast storm is an abnormally high number of broadcasts overwhelming the network
during a specific amount of time. Broadcast storms can disable a network within seconds by
overwhelming switches and end devices. Broadcast storms can be caused by a hardware
problem such as a faulty NIC or from a Layer 2 loop in the network.
• Layer 2 broadcasts in a network, such as ARP Requests are very common. Layer 2
multicasts are typically forwarded the same way as a broadcast by the switch. IPv6 packets
are never forwarded as a Layer 2 broadcast, ICMPv6 Neighbor Discovery uses Layer 2
multicasts.
• A host caught in a Layer 2 loop is not accessible to other hosts on the network. Additionally,
due to the constant changes in its MAC address table, the switch does not know out of which
port to forward unicast frames.
• To prevent these issues from occurring in a redundant network, some type of spanning tree
must be enabled on the switches. Spanning tree is enabled, by default, on Cisco switches to
prevent Layer 2 loops from occurring.

© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 8
Purpose of STP
The Spanning Tree Algorithm
• STP is based on an algorithm invented by Radia Perlman while working for Digital Equipment
Corporation, and published in the 1985 paper "An Algorithm for Distributed Computation of a
Spanning Tree in an Extended LAN.” Her spanning tree algorithm (STA) creates a loop-free
topology by selecting a single root bridge where all other switches determine a single least-cost
path.
• STP prevents loops from occurring by configuring a loop-free path through the network using
strategically placed "blocking-state" ports. The switches running STP are able to compensate for
failures by dynamically unblocking the previously blocked ports and permitting traffic to traverse
the alternate paths.

© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 9
Purpose of STP
The Spanning Tree Algorithm (Cont.)
How does the STA create a loop-free topology?
• Selecting a Root Bridge: This bridge (switch) is the reference point for the entire network to build a
spanning tree around.
• Block Redundant Paths: STP ensures that there is only one logical path between all destinations on
the network by intentionally blocking redundant paths that could cause a loop. When a port is
blocked, user data is prevented from entering or leaving that port.
• Create a Loop-Free Topology: A blocked port has the effect of making that link a non-forwarding link
between the two switches. This creates a topology where each switch has only a single path to the
root bridge, similar to branches on a tree that connect to the root of the tree.
• Recalculate in case of Link Failure: The physical paths still exist to provide redundancy, but these
paths are disabled to prevent the loops from occurring. If the path is ever needed to compensate for
a network cable or switch failure, STP recalculates the paths and unblocks the necessary ports to
allow the redundant path to become active. STP recalculations can also occur any time a new
switch or new inter-switch link is added to the network.

© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 10
5.2 STP Operations

© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 11
STP Operations
Steps to a Loop-Free Topology
Using the STA, STP builds a loop-free topology in a four-step process:
1. Elect the root bridge.
2. Elect the root ports.
3. Elect designated ports.
4. Elect alternate (blocked) ports.
• During STA and STP functions, switches use Bridge Protocol Data Units (BPDUs) to share
information about themselves and their connections. BPDUs are used to elect the root bridge, root
ports, designated ports, and alternate ports.
• Each BPDU contains a bridge ID (BID) that identifies which switch sent the BPDU. The BID is
involved in making many of the STA decisions including root bridge and port roles.
• The BID contains a priority value, the MAC address of the switch, and an extended system ID. The
lowest BID value is determined by the combination of these three fields.

© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 12
STP Operations
Steps to a Loop-Free Topology (Cont.)
• Bridge Priority: The default priority value for all Cisco switches is the decimal value 32768. The
range is 0 to 61440 in increments of 4096. A lower bridge priority is preferable. A bridge priority of 0
takes precedence over all other bridge priorities.
• Extended System ID: The extended system ID value is a decimal value added to the bridge
priority value in the BID to identify the VLAN for this BPDU.
• MAC address: When two switches are configured with the same priority and have the same
extended system ID, the switch having the MAC address with the lowest value, expressed in
hexadecimal, will have the lower BID.

© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 13
STP Operations
1. Elect the Root Bridge
• The STA designates a single switch as the root
bridge and uses it as the reference point for all
path calculations. Switches exchange BPDUs
to build the loop-free topology beginning with
selecting the root bridge.
• All switches in the broadcast domain
participate in the election process. After a
switch boots, it begins to send out BPDU
frames every two seconds. These BPDU
frames contain the BID of the sending switch
and the BID of the root bridge, known as the
Root ID.
• The switch with the lowest BID will become the
root bridge. At first, all switches declare
themselves as the root bridge with their own
BID set as the Root ID. Eventually, the
switches learn through the exchange of BPDUs
which switch has the lowest BID and will agree
on one root bridge.

© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 14
STP Operations
Impact of Default BIDs
• Because the default BID is 32768, it is possible for
two or more switches to have the same priority. In
this scenario, where the priorities are the same,
the switch with the lowest MAC address will
become the root bridge. The administrator should
configure the desired root bridge switch with a
lower priority.
• In the figure, all switches are configured with the
same priority of 32769. Here the MAC address
becomes the deciding factor as to which switch
becomes the root bridge. The switch with the
lowest hexadecimal MAC address value is the
preferred root bridge. In this example, S2 has the
lowest value for its MAC address and is elected
as the root bridge for that spanning tree instance.
• Note: The priority of all the switches is 32769. The
value is based on the 32768 default bridge priority
and the extended system ID (VLAN 1 assignment)
associated with each switch (32768+1).

© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 15
STP Operations
Determine the Root Path Cost
• When the root bridge has been elected for a given spanning tree instance, the STA starts determining the best paths to
the root bridge from all destinations in the broadcast domain. The path information, known as the internal root path cost,
is determined by the sum of all the individual port costs along the path from the switch to the root bridge.
• When a switch receives the BPDU, it adds the ingress port cost of the segment to determine its internal root path cost.
• The default port costs are defined by the speed at which the port operates. The table shows the default port costs
suggested by IEEE. Cisco switches by default use the values as defined by the IEEE 802.1D standard, also known as
the short path cost, for both STP and RSTP.
• Although switch ports have a default port cost associated with them, the port cost is configurable. The ability to
configure individual port costs gives the administrator the flexibility to manually control the spanning tree paths to the
root bridge.

STP Cost: IEEE RSTP Cost: IEEE

Link Speed
802.1D-1998 802.1w-2004
10 Gbps 2 2,000
1 Gbps 4 20,000
100 Mbps 19 200,000
10 Mbps 100 2,000,000

© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 16
STP Operations
2. Elect the Root Ports
• After the root bridge has been determined, the
STA algorithm is used to select the root port.
Every non-root switch will select one root port.
The root port is the port closest to the root bridge
in terms of overall cost to the root bridge. This
overall cost is known as the internal root path
cost.
• The internal root path cost is equal to the sum of
all the port costs along the path to the root
bridge, as shown in the figure. Paths with the
lowest cost become preferred, and all other
redundant paths are blocked. In the example, the
internal root path cost from S2 to the root bridge
S1 over path 1 is 19 while the internal root path
cost over path 2 is 38. Because path 1 has a
lower overall path cost to the root bridge, it is the
preferred path and F0/1 becomes the root port
on S2.

© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 17
STP Operations
3. Elect Designated Ports
• Every segment between two switches will have one
designated port. The designated port is a port on the
segment that has the internal root path cost to the
root bridge. In other words, the designated port has
the best path to receive traffic leading to the root
bridge.
• What is not a root port or a designated port becomes
an alternate or blocked port.
• All ports on the root bridge are designated ports.
• If one end of a segment is a root port, the other end
is a designated port.
• All ports attached to end devices are designated
ports.
• On segments between two switches where neither of
the switches is the root bridge, the port on the switch
with the least-cost path to the root bridge is a
designated port.

© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 18
STP Operations
4. Elect Alternate (Blocked) Ports
If a port is not a root port or a
designated port, then it becomes an
alternate (or backup) port. Alternate
ports are in discarding or blocking
state to prevent loops. In the figure,
the STA has configured port F0/2 on
S3 in the alternate role. Port F0/2 on
S3 is in the blocking state and will
not forward Ethernet frames. All
other inter-switch ports are in
forwarding state. This is the loop-
prevention part of STP.

© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 19
STP Operations
Elect a Root Port from Multiple Equal-Cost Paths
When a switch has multiple equal-cost paths to the root bridge, the switch will determine a port using
the following criteria:
• Lowest sender BID
• Lowest sender port priority
• Lowest sender port ID

© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 20
STP Operations
Elect a Root Port from Multiple Equal-Cost Paths (Cont.)
Lowest Sender BID: This topology has four switches with switch S1 as the root bridge. Port F0/1 on switch S3 and
port F0/3 on switch S4 have been selected as root ports because they have the root path cost to the root bridge for
their respective switches. S2 has two ports, F0/1 and F0/2 with equal cost paths to the root bridge. The bridge IDs of
S3 and S4, will be used to break the tie. This is known as the sender’s BID. S3 has a BID of 32769.5555.5555.5555
and S4 has a BID of 32769.1111.1111.1111. Because S4 has a lower BID, the F0/1 port of S2, which is the port
connected to S4, will be the root port.

© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 21
STP Operations
Operational Details of Each Port State

The table summarizes the operational details of each port state

Forwarding Data
Port State BPDU MAC Address Table
Frames
Blocking Receive only No update No

Listening Receive and send No update No

Learning Receive and send Updating table No

Forwarding Receive and send Updating table Yes

Disabled None sent or received No update No

© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 22