Spanning Tree Protocol (IEEE 802 1D)

The main purpose of STP is to eliminate loops, to do so, spanning tree protocol will take three
basic steps
1) it is selects one switch as a root bridge . root bridge is the central point on the network
2) It chooses the shortest path from a switch to the root bridge
3) It three blocks links that could cause loops while maintaining these links as backups
STP can activate a blocked link if an active link breaks thus it provides fault tolerance for
network
let's look at an example suppose we have four switches a b c and d on a local area network

there are redundant links among this interconnected switches

for example from sweet D to switch a there are two paths DBA and DCA
link redundancy is necessary for the network availability however redundant links we all
create layer 2 loops
how does a network block our wanted links that could cause loops while maintaining link
redundancy?
the answer is STP
1) first STP elects one switch as the root bridge. the lowest bridge ID determines the root
bridge
switch A is elected as the road bridge
2) next each of other switches chooses the path to the road bridge with a list of path cost.
path the cost is a calculated based on link bandwidth. the high bandwidth the lower the
path cost.
now take a look at a switch be for switch B there are two paths to reach Root Bridge BDCA and
BA. the path BDCA costs7 and path BA costs 2. Therefore the link BA is choosing as the path
from switch B to root bridge A
The port on B is selected as a root port. A root port is the port with the least cost path to the
root bridge. The other end is a designated port.
Next look at Switch C. From switch C to root bridge there are two paths CDB and CA
the shortest the path is CA because is costs 1 thus this port is a selected as a root port. the
other end is a selected as a designated port
now let's check with a switch D there are two paths from D to A. DBA and DCA
DBA cost of 4 and DCA costs 5 thus DBA is the preferred path. this port is selected as a root
port the other end on switch B is a designated port
Non root switch can have many designated the ports but it can have one root port only
all ports of the root bridge are designated ports. On the root bridge there is no root port.
every switch has found a best path to reach the root bridge
the link between DC shouldn't be blocked in order to eliminate a loop
now let's look at the blocked link DC . One port should be designated port and the other end
should be in a blocking state
the port with the lower switch ID is selected as a designated port therefore the other end is
blocking port
the blocking port can still receive frames but it will not forward nor send frames. It is simply
drops them
from this example we can say electing the road bridge is the key process because it
determines all other.
How STP Elects Root Bridge with Hello BPDU?
How STP Elects Root Bridge with Hello BPDU ?
root Switch Bridge ID (BID) bridge election is based on a switch bridge ID or BID
BID is combinations of two parts. a 2-byte priority field and a 6-byte switch MAC address. so a
bridge ID is eight byte value
root bridge election process is a simple
all interconnected switches exchange their BIDs and whoever has the lowest priority field
value would become the root bridge
if there's a tie, whoever has the lowest MAC address would become the winner
here we have a three switches and they have the same default priority value 32768
then the MAC address of a switch would become a tie breaker. switch A would be elected as
the root bridge since it has the lowest MAC address
but how does it work.
here is how the election starts
every switch multicast its message. Hello BPDU. In which each switch declares itself the root
bridge
Bridge Protocol Data Unit ( BPDU ) is a frame containing information about spanning tree
protocol and a hello BPDU is used by switches or bridges to share information about
themselves
it is used for electing a Root bridge, determining Port roles and States and the blocking
unwanted links
to put it simply hello BPDU is used to configure a loop free network
in Hello BPDU frame they are many fields but today we only focus on three fields

Root ID, Root path cost and a bridge ID

1) Root ID is a Root bridge BID.
2) Root path cost is the best path cost to the Root bridge
3) bridge ID is BPDU sender’s BID or the source of bridge ID

a switch multicast hello BPDU using a unique MAC address from origin port and a multicast a
destination MAC address
these three switches send out their hello BPDU’s. basically each switch declares itself as the
Root bridge
let's check Switch A
first switch A sends out is hello BPDU to both B and C. let's just simplify the frame and we
focus only on the middle three fields
From its hello frame switch A sets route ID to his own BID
it is simply tell other switches hello everyone I am the Root bridge
the path cost value is a set to zero because the path cost to itself is of course nothing
switch B does the same thing. It sends its hello message and its own bridge ID in the Root
ID field the path cost is also set to zero
Switch C does the same as both A and B switches say does the same thing
basically they all claim they are the boss in their hello BPDU’s
the problem is only one can be the Root bridge. what they do next is compare the hello
BPDU’s and to elect a real boss
here is what they do
when switch A receives hello BPDU’s from both B and C, it checks and discards their BPDUs
because its bridge ID is lower than both B's and C's
switch A keeps its original hello BPDU and it still believes it is the Root bridge
when switch B received the hello BPDU from switch C, it compares and finds is BPDU is
superior and thus discards switch C’s hello BPDU.
However, when B receives switch A’s hello BPDU, it finds A’s Bridge ID is and it would say well
switch A is the winner therefore it modifies is Root ID value by replacing his own bridge ID
with a switch A’s bridge ID.
I also calculates the path cost to switch A , and then sends the modified hello BPDU to others.
when switch C receives the hello BPDU frame from switch A and B, switch C easily find the
switch A’s is a superior BPDU. Switch C changes its own Hello BPDU value too. like setting
the value of the Root ID to switch A’s bridge ID and a calculating the path cost to switch A
then it a sends its modified hello BPDU to others
this way switch A,B and C exchange their BPDUs again and agree that the root bridge should
be Switch
Once the Root bridge is decided, path cost to the Root bridge is a calculated, Root ports,
designated ports and blocked ports are determined
once the network is stable only Root bridge switch A multicast a hallo BPDU two other
switches every two seconds
sometimes we want to a switch to become the Root bridge for some good reasons, like the
switch is the most a centralized switch or the switch is least a disturbed
in this situation we need to configure the Root bridge to ensure that no matter how the
network changes, our initial Root bridge will remain the same.
to achieve this we simply configure the bridge priority value so that it is always the lowest
In summary switches use hello BPDU frames to exchange information to select their Root
bridge and a configure a loop frame network
but what happens if there is a some network a change such as active link breaks or a new
switch is added to the network
BPDU Timers
knowing BPDU structure in general and a bpdu timers will help us to understand
1) how STP has loop freight network
2) how STP reacts to network changes
3) and how STP is a different from other flavors of STP such as rapid STP
the first the field is a protocol ID is a type of protocol used its value is hexadecimal number
like four zeros which is stands for standard STP- IEEE 802.1D.
the second field is the version of the protocol used
bpdu messenger type refers to a configuration bpdu or topology change notification bpdu or
TCN bpdu
hexadecimal 0x00 means configuration or hello and
0x80 indicates topology change TC
flags fields indicates topology change or topology change acknowledgement
message type and flags tells us there are three basic types of a bpdu
configuration
topology change
and a topology change acknowledgment
Root ID is a root bridge ID it is a priority number followed by MAC address
route path cost field contains the least cost to the root bridge
Bridge ID refers to the source switch bridge ID or the sender's bridge ID
the next field is a port ID. A port ID is hexadecimal number such as 0x8 0 19 which is
equivalent to 1208.25 in decimal format. 128 is the default port priority number and a 25 is a
port number which is determined internally by a switch
now let's talk about the timers
1) message age ( Msg age) specifies the amount of time elapsed since the root bridge sent
hello bpdu. the field is a similar to the TTL field in IP packet and it is it to stop a BPDU’s
use from traveling endlessly
the message age is a set to zero at the root bridge and increments by 1 each time of bpdu
passes through a switch down the road
effectively this value tells how far a switch is from the root bridge
for example message age is a set to zero at the road bridge when switch B or C
forwards hello bpdu message age increases by one. when D and E forward to the next switch
their message age would become two. thus message age is not a fixed number it a changed
as the hello bpdu is going through the network
2) max age indicates when current hello BPD you should be deleted or aged out by default it
is 20 seconds. after max age is passed the switch expires the current configuration bpdu
if the current hello bpdu expires but a no new hello bpdu arrives a switch would start a
take action like restoring its backup link when there's a link failure
3) hello time is how often bpdu is sent by the root bridge. by default it is a two seconds but it
is configurable
4) forwarded delay. It dictates that amount of a time a switch should wait before
transitioning to a new state. by default it is 15 seconds. the timer is used when a port is a
transitioning from the blocking state to the listening state. And then from the listening
state to the learning state .
each state takes the 15 seconds
 these four timers are very useful to help us understand STP configuration and a convergence
time
convergence time is a modular time STP takes to deal with network changes and get the
network up and running again

How STP reacts to a link failure?

once the network becomes stable the root bridge would send out hello BPDUs two other
switches every two seconds a default hello timer in the hello BPDU frame
in this example even though the link BC is blocked to prevent a loop, switch B still forward
hello bpdu through this designated a port to switch C
the blocked port simply drops any hello bpdu
let's talk about Port role and the Port State
a switch port can have 3 different roles
1) Root port 2) designate port and 3) blocked port
besides a port has one of the five states 1) forwarding ,2) learning, 3) listening, 4)Bocking and
5) disabled
1) both Root port and a designated port are in the forwarding state, sending and receiving
frames
2) a blocked port is in the blocking state and it will not forward any frames
3) and 4) a port in a listening and a learning States are temporary and a transitional
between the blocking state and in the forwarding state
4) any port in the disabled State will not participate in STP
How STP reacts what if something happens like active link breaks,
the process involves many terms such as bpdu timers in bpdu
suppose the link AC breaks and the switch C stops receiving hello message from a root bridge
A switch C will not immediately respond and a simply waits
but how long. bpdu max-age timer comes into play
the max-age by default is 20 seconds and that's the switch C’s maximum waiting time
after 20 seconds STP will take action to help switch C to find an alternative way to reach the
root bridge
first STP changes the state of the blocked port from the blocking state to the listening state
port
in the listening state will not forward frames but just listening for any change on the network
the listening state lasts for 15 sec, which are the default time in the forwarded delay field of a
hallo bpdu frame.
After the listen state the port transmits to the learning state. The port in the learning state will
not forward frames just like the listening state but it starts learning MAC addresses and
updating his MAC address table
the learning state lasts for 15 seconds before changing to the forwarding state.
 again this 15 second is a forwarded delay default time
this self healing process takes about 50 seconds =
20 sec waiting time + 15 seconds in the listening state + and a 15 seconds in the learning
state
Initial State Final State

after 50 seconds the blocked port then becomes a new root port on switch C at the same time
the original route port becomes a block and the link AC is blocked
switches C reconnects the route break through switch B. the link BC is now in business
a new loop free network is created STP gets the network up and running again
during this process you might see the maximum waiting time seems too long and a listening
state and the learning state seems like a waste of our time
a new version of STP is much needed to reduce the total convergence time

the main differences between the standard spanning tree protocol and a rapid spanning tree
protocol
Rapid spanning tree protocol is an improved version of the classic spanning tree protocol
both standards shares many features and functions
Lets discuss mainly focus on that their differences in five areas
1) difference is in terms of Port Roles
first let us say some differences in terms of port roles

both versions have a root port and a designated port and their functions are still
the same rapid spanning tree protocol gets rid of blocked port but and adds two new ports
alternate port and a backup port
both alternate port and a backup report are in the blocking state but they function differently
the alternate port is a similar to the blocked port in the standard spanning tree protocol. It is
the second best road port to the root bridge
if the current root port fails the alternate port will take over
alternate port is a substitute to a different segment towards the root bridge
on the other hand the backup port is used as a redundant non-designated port.
if there's already a designated port forwarding to a segment things the other port is the
backup port In other words a backup port is a substitute to the same LAN segment away from
the root bridge
To summarize : Alternate port is the second best a root port to the root bridge and
a backup a port is the second best the designated port to another switch or hub but not to the
root bridge
in rapid spanning tree protocol there's another new type of port
Edge port : an edge port is directly connected to an endpoint workstation or device
Edge ports do not create switching loops and it do not cause any topology change
Edgeports are in the forwarding state but in a normal situation they do not participate in rapid
spanning tree protocol
2) difference is in terms of Port states

standard spanning tree protocol has five states forwarding learning listening blocking and a
disabled
rapidly spanning tree protocol has a three states only forwarding learning and discarding
Ports in a discarding state do not forward frames nor process frames but that they do listen for
BPDUs
3) Rapid STP : Link Types
rapidly spanning tree protocol introduces a new concept link type
there are two link types point-to-point link and a shared link
if the link between switches is full duplex is called point-to-point link
if the link is a half duplex is considered as a shared link
normally the link connected a hub would be a shared link .
In switched networks today most links operate in full duplex mode and are treated as point-
to-point links
only point-to-point link benefits from rapid transition to the forwarding state in rapid spanning
tree protocol
4) faster topology change detection
In a standard STP when a switch detects a topology change it first tells the root bridge by
sending out its TCN BPDU.
When the root bridge gets the message it a sends out its TC BPDU to every other switch in the
network
But in the rapid spanning tree protocol the TCN message propagation is only one step process
it a directly sends out that its message to everyone

the initiator of the topology change which is switch D this case floods this information
throughout the network . There is no need to wait for the root bridge to be notified and this
makes a faster topology change detection
5) Faster Convergence
rapid spanning tree protocol provides significantly faster convergence in response to network
changes

STP can take 20 seconds maximum age

to respond to a natural change
rapid spanning tree protocol is able to respond to changes within six seconds and even much
less. For STP former delay timer 15 seconds by default is needed for the state transition for
example the transition from the blocking state to forwarding state it takes a port to forward
delay time 30 seconds
for rapid spanning tree protocol there's no more forward delay timer in the transition as a
matter of fact rapid spanning tree protocol does not use timer anymore
instead it introduces a new way were handling convergence proposal agreement and
synchronization

How Rapid STP reacts to change - Proposal/agreement process

rapid spanning tree protocol handles network topology change with the proposal agreement
process
first let's check out bpdu flag field used in the rapid spanning tree protocol
bpdu flag field in rapid spanning tree protocol is different from the same field in the standard
STP
in the standard version only two of eight bits in the Flags field
One is for topology change and one for topology change acknowledgement
In rapid spanning tree protocol every bit is used in addition to topology change and a topology
change acknowledgment we can see much more information such as
port role, learning, forwarding , proposal and agreement
keep in mind spanning tree protocol regardless with versions and flavors, uses BPDUs as a
communications vehicle to exchange messages between switches
With the BPD use switches could be able to understand each other
now let's talk about how rapid spanning tree protocol reacts to a network topology change
rapid spanning tree protocol does not rely on bpdu timers for network convergence instead it
uses proposal agreement process to deal with network changes
let's use my example to demonstrate how it works
in the example we must assume that two conditions are true
one all links between switches are point-to-point links
Two all switches are running rapid spanning tree protocol
this is a stable loop free network with the three switches 1, 2 and 3

switch 1 is the root bridge. designated ports and the root ports are properly assigned
everything's works fine
now a workstation is connected to switch 3. rapid spanning tree protocol immediately create
an edge port in the forwarding state for that node
keep in mind in the rapid spanning tree protocol Network adding or removing edgeports does
not change any network topology
now suppose we have a new switch switch 4 for and we connected to both switch 1 and
switch 3. Adding any new switch to a stable Network would cause topology change and a
rapid spanning tree protocol would react to this change
here is how proposal Proposal agreement process starts
First these two ports ( switch ports that connect between 1 and 4) are set in the discarding
state before switch 1 and a 4 start their negotiations or handshake
Switch 1 sends a bpdu with the information like path cost bridge ID and etc
what does its propose? basically switch 1 would say to switch 4: hello I am the road bridge I
propose that my port is a designated port and your port should be root port something like
this
when switch 4 gets this bpdu, it believes it is a better or superior bpdu but before it replies
with agreement switch 4 needs to do one important thing
blocking all other non edgeports
this step is called a synchronization
synchronization is a process that a switch blocks all non-edge ports before sending agreement
to another switch
synchronization is needed to make sure no loop is created during the proposal agreement
process. Once the synchronization starts switch 4 sends an agreement message to the root
bridge.
Once the root bridge gets this agreement a new link is established with a proper designated
port and a root port
the synchronization stops for this link
now rapid spanning tree protocol moves on to work on the next link between switch 3 and
switch 4.
Basically the process between switch 3 and a switch 4 is repeating all steps we just saw.

First both ports are set to the discarding state. Then the switch for sends its proposal to switch
3 when switch 3 gets the proposal, it believes that switch 4’s proposal is good and
acceptable, which means switch 3’s best path to the root bridge is through switch 4.
The synchronization starts. switch 3 blocks all non edgeports. in this case only this one port is
blocked ( port on switch 3, between switch 2 and 3)
Other two edgeports do not change
Once the synchronization starts switch 3 replies with agreement to switch 4.
once switch 4 gets agreement a new link is established between switch 3 and switch 4 with
properly assigned designated port and root port . the synchronization stops.
now let's see the next link . But at this time it is a little bit different
 when switch 3 sends his proposal and switch 2 disagrees because it has already the best path
to the root bridge and its root port is already elected
quickly both Switch 2 and Switch 3 realize that the link between them should be blocked to
prevent any loop thus this port ( port on switch 2 between switch 2 and 3) is elected as a
designated port and in this port is elected as alternate port
the proposal or agreement process stops and a new loop Free topology is achieved
Summary
In rapid spanning tree protocol proposal agreement process is very quick because does not
depend on traditional bpdu timers as the standard at STP does
Instead a switch negotiates its neighbors
directly rapid spanning tree protocol provides faster topology change detection and a much
faster convergence time than the standard spanning tree protocol
that's why it is widely used in a large network with many switches