Spanning Tree Protocol (STP)
Back before it was purchased and renamed Compaq, a company called Digital Equipment Corporation (DEC) created the original version of Spanning Tree Protocol (STP). The IEEE later created its own version of STP called 802.1D. All Cisco switches run the IEEE 802.1D version of STP, which isn’t compatible with the DEC version.
STP’s main task is to stop network loops from occurring on your layer 2 network (bridges or switches). It vigilantly monitors the network to find all links, making sure that no loops occur by shutting down any redundant links. STP uses the spanning-tree algorithm (STA) to first create a topology database, then search out and destroy redundant links. With STP running, frames will only be forwarded on the premium, STP-picked links. In the following sections, I am going to hit the nitty-gritty of the Spanning Tree Protocol.
Spanning Tree Terms
Before I get into describing the details of how STP works in the network, you need to understand some basic ideas and terms and how they relate within the layer 2 switched network:
STP
Spanning Tree Protocol (STP) is a bridge protocol that uses the STA to find redundant links dynamically and create a spanning-tree topology database. Bridges exchange BPDU messages with other bridges to detect loops, and then remove them by shutting down selected bridge interfaces.
Root bridge
The root bridge is the bridge with the best bridge ID. With STP, the key is for all the switches in the network to elect a root bridge that becomes the focal point in the network. All other decisions in the network—such as which port is to be blocked and which port is to be put in forwarding mode—are made from the perspective of this root bridge.
BPDU
All the switches exchange information to use in the selection of the root switch, as well as in subsequent configuration of the network. Each switch compares the parameters in the Bridge Protocol Data Unit (BPDU) that it sends to one neighbor with the one that it receives from another neighbor.
Bridge ID
The bridge ID is how STP keeps track of all the switches in the network. It is determined by a combination of the bridge priority (32,768 by default on all Cisco switches) and the base MAC address. The bridge with the lowest bridge ID becomes the root bridge in the network.
Nonroot bridge
These are all bridges that are not the root bridge. Nonroot bridges exchange BPDUs with all bridges and update the STP topology database on all switches, preventing loops and providing a measure of defense against link failures.
Root port
The root port is always the link directly connected to the root bridge, or the shortest path to the root bridge. If more than one link connects to the root bridge, then a port cost is determined by checking the bandwidth of each link. The lowest cost port becomes the root port. If multiple links have the same cost, the bridge with the lower advertising bridge ID is used. Since multiple links can be from the same device, the lowest port number will be used.
Designated port
A port that has been determined as having the best (lower) cost—a designated port will be marked as a forwarding port.
Port cost
Port cost determines the best path when multiple links are used between two switches and none are root ports. The cost of a link is determined by the bandwidth of a link.
Nondesignated port
Port with a higher cost than the designated port that will be put in blocking mode—a nondesignated port is not a forwarding port.
Forwarding port
A forwarding port forwards frames.
Blocked port
A blocked port is the port that will not forward frames, in order to prevent loops. However, a blocked port will always listen to frames.
Spanning Tree Operations
As I’ve said before, STP’s job is to find all links in the network and shut down any redundant ones, thereby preventing network loops from occurring. STP does this by first electing a root bridge that will preside over network topology decisions. Once all switches agree on who the root bridge is, every bridge must find the root port. If there are multiple links between switches, there must be one and only one designated port.
Things tend to go a lot more smoothly when you don’t have more than one person making a navigational decision, and so, there can only be one root bridge in any given network. I’ll discuss the root bridge election process more completely in the next section.
Selecting the Root Bridge
The bridge ID is used to elect the root bridge in the STP domain as well as to determine the root port. This ID is 8 bytes long, and includes both the priority and the MAC address of the device. The default priority on all devices running the IEEE STP version is 32,768.
To determine the root bridge, the priority of each bridge is combined with its MAC address. If two switches or bridges happen to have the same priority value, then the MAC address becomes the tie breaker for figuring out which one has the lowest (best) ID. It’s like this: If two switches— I’ll name them A and B—both use the default priority of 32,768, then the MAC address will be used instead. If Switch A’s MAC address is 0000.0c00.1111 and Switch B’s MAC address is 0000.0c00.2222, then Switch A would become the root bridge. Just remember that the lower value is the better one when it comes to electing a root bridge.
BPDUs are sent every 2 seconds, by default, out all active ports on a bridge/switch, and the bridge with the lowest (best) bridge ID is elected the root bridge. You can change the bridge’s ID by lowering its priority so that it will become a root bridge automatically. Being able to do that is important in a large switched network—it ensures that the best paths are chosen.
Note: Changing STP parameters is beyond the scope of this book, but it’s covered in CCNP: Building Cisco Multilayer Switched Networks.
Selecting the Designated Port
If more than one link is connected to the root bridge, then port cost becomes the factor used to determine which port will be the root port. So, to determine the port that will be used to communicate with the root bridge, you must first figure out the path’s cost. The STP cost is an accumulated total path cost based on the available bandwidth of each of the links. Table 3.1 shows the typical costs associated with various Ethernet networks.
TABLE 3.1 Typical Costs of Different Ethernet Networks
The IEEE 802.1D specification has recently been revised to handle the new higher-speed links. The IEEE 802.1D specification assigns a default port cost value to each port based on bandwidth.
Spanning-Tree Port States
The ports on a bridge or switch running STP can transition through five different states:
Blocking
A blocked port won’t forward frames; it just listens to BPDUs. The purpose of the blocking state is to prevent the use of looped paths. All ports are in blocking state by default when the switch is powered up.
Listening
The port listens to BPDUs to make sure no loops occur on the network before passing data frames. A port in listening state prepares to forward data frames without populating the MAC address table.
Learning
The switch port listens to BPDUs and learns all the paths in the switched network. A port in learning state populates the MAC address table but doesn’t forward data frames.
Forwarding
The port sends and receives all data frames on the bridged port. If the port is still a designated or root port at the end of the Learning state, it enters this state.
Disabled
A port in the disabled state (administratively) does not participate in the frame forwarding or STP. A port in the disabled state is virtually nonoperational.
Switch ports are most often in either the blocking or forwarding state. A forwarding port is one that has been determined to have the lowest (best) cost to the root bridge. But when and if the network experiences a topology change (because of a failed link or because someone adds in a new switch), you’ll find the ports on a switch in listening and learning state.
As I mentioned, blocking ports is a strategy for preventing network loops. Once a switch determines the best path to the root bridge, then all other ports will be in blocking mode. Blocked ports can still receive BPDUs—they just don’t send out any frames.
If a switch determines that a blocked port should now be the designated or root port because of a topology change, it will go into listening mode and check all BPDUs it receives to make sure that it won’t create a loop once the port goes to forwarding mode.
Convergence
Convergence occurs when all ports on bridges and switches have transitioned to either the forwarding or blocking modes. No data is forwarded until convergence is complete. Before data can be forwarded again, all devices must be updated. Convergence is important to make sure all devices have the same database, but it does cost you some time. It usually takes 50 seconds to go from blocking to forwarding mode, and I don’t recommend changing the default STP timers. (But you can adjust those timers if necessary.) Forward delay means the time it takes to transition a port from listening to learning mode or vice versa.
Spanning Tree Example
It’s time to begin using and not just reading about this stuff. It’s important to see how a spanning tree works in an internetwork, because it will really help you understand it better. So in this section, I’ll give you a chance to observe what you’ve learned as it takes place in a live network.
In Figure 3.1, you can assume that all five switches have the same priority of 32,768. But now study the MAC address of each switch. By looking at the priority and MAC addresses of each device, you should be able to determine the root bridge:
Once you’ve established which switch has got to be the root bridge, look at the figure again and try to figure out which is the root port on each of the switches. (Hint: Root ports are always forwarding ports, which means they will always be in forwarding mode.) Okay, next try to establish which of the ports will be in blocking mode.
FIGURE 3.1 Spanning tree example
Figure 3.2 has the answers for each of the port states for each switch. Since Switch A has the lowest MAC address, and all five switches use the default priority, Switch A gets to be the root bridge. And remember this: A root bridge always has every port in forwarding mode (designated ports).
To determine the root ports on Switch B and Switch C, just follow the connection to the root bridge. Each direct connection to the root bridge will be a root port, so it will become forwarding. On Switches D and E, the ports connected to Switches B and C are Switches D and E’s closest ports to the root bridge (lowest cost), so those ports are root ports and in forwarding mode.
Take another look at Figure 3.2. Can you tell which of the ports between Switch D and E must be shut down so a network loop doesn’t occur? Let’s work it out: Since the connections from Switches D and E to Switches B and C are root ports, those can’t be shut down. Next, the bridge ID is used to determine designated and nondesignated ports; so, because Switch D has the lowest (best) bridge ID, Switch E’s port to Switch D will become nondesignated (blocking), and Switch D’s connection to Switch E will be designated (forwarding).
FIGURE 3.2 Spanning tree example answers
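The root bridge election from "Selecting the Root Bridge" and the port roles worked out for Figure 3.2, as an added example that is not code from the book. It assumes the classic 802.1D cost of 19 (100 Mbps) on every link, a link layout taken from the description above, constructed MAC addresses for Switches C, D and E, and no parallel links, so the port-number tie-breaker is left out.

```python
# Added illustration: classic 802.1D election on a constructed five-switch topology.
DEFAULT_PRIORITY = 32768
COST_100MBPS = 19  # classic IEEE 802.1D cost of a 100 Mbps link (assumed link speed)

def bridge_id(priority, mac):
    """8-byte bridge ID: 2-byte priority followed by the 6-byte MAC address."""
    return priority.to_bytes(2, "big") + bytes.fromhex(mac.replace(".", ""))

# Constructed sample data: A and B use the MACs from the text, the rest are made up.
SWITCHES = {
    name: bridge_id(DEFAULT_PRIORITY, mac)
    for name, mac in [("A", "0000.0c00.1111"), ("B", "0000.0c00.2222"),
                      ("C", "0000.0c00.3333"), ("D", "0000.0c00.4444"),
                      ("E", "0000.0c00.5555")]
}
LINKS = [("A", "B"), ("A", "C"), ("B", "D"), ("C", "E"), ("D", "E")]

def spanning_tree(switches, links, cost=COST_100MBPS):
    """Return (root, roles); roles maps (switch, neighbor) to a port role."""
    root = min(switches, key=switches.get)  # lowest bridge ID wins
    neighbors = {s: set() for s in switches}
    for a, b in links:
        neighbors[a].add(b)
        neighbors[b].add(a)
    # Root path cost per switch, relaxed until stable (what BPDU exchange settles on).
    path = {s: 0 if s == root else float("inf") for s in switches}
    for _ in switches:
        for s in switches:
            for n in neighbors[s]:
                path[s] = min(path[s], path[n] + cost)
    roles = {}
    for s in switches:
        if s != root:
            # Root port: lowest path cost, then lowest neighbor bridge ID.
            up = min(neighbors[s], key=lambda n: (path[n] + cost, switches[n]))
            roles[(s, up)] = "root"
    for a, b in links:
        # Designated side of a segment: lowest root path cost, then bridge ID.
        des = min((a, b), key=lambda s: (path[s], switches[s]))
        other = b if des == a else a
        roles[(des, other)] = "designated"
        roles.setdefault((other, des), "blocking")  # nondesignated unless root port
    return root, roles

if __name__ == "__main__":
    root, roles = spanning_tree(SWITCHES, LINKS)
    print("root bridge:", root)
    for (sw, nbr), role in sorted(roles.items()):
        print(f"{sw} -> {nbr}: {role}")
```

Passing a copy of SWITCHES in which one switch has a priority below 32,768 makes that switch the root, which is the priority adjustment mentioned under "Selecting the Root Bridge".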
When should I worry about spanning tree?
Bob, a Senior Network Administrator at Acme Corporation in San Francisco, is concerned about all the new switches his bosses just asked him to install, which will bring the total number of switches in his network to 20. He is concerned about STP and isn’t sure if he should even think about it since it seems to work OK with the few switches he has installed. Bob calls you for advice. What should you tell Bob when he calls?
If you have fewer than six switches in your internetwork and no more than about 100 users in your network, you would usually just let STP do its job and not worry about it. Understand that each network may vary, but with Bob ending up with about 20 switches, he has to think about STP!
But if you have dozens of switches and hundreds of users in your network, then it’s time to pay attention to how STP is running. That’s because if you don’t set the root switch in this larger switched network, your STP may never converge between switches—a nasty situation that could bring your network down.
Setting the timers and root switch are covered in the CCNP: Building Cisco Multilayer Switched Networks