What value is used to determine which port on the non-root bridge will become the root port in the STP network?

We will use Figure 1 to explain these three problems.

In the Figure above let’s assume PC-1 sends a frame to PC-2. This frame is received on Port 1 of both Switch A and Switch B. Since both switches do not know the destination address they simply flood the frame out all ports except the one it is received on, in this case Port 2. A copy of the frame is received on Port 2 of both Switches due each Switch sending the frame on Port 2 and other receiving the same frame from the other switch. The process repeats again and the flooding happens on the above segment. This goes on and on and a Broadcast Storm is created that consumes the entire resources of the network.

In the process described above PC-2 may receive multiple copies of same frame from Switch A and Switch B. This can cause problems as many protocols cannot handle duplicate frames.

Another problem that may be caused due to loops is instability of MAC address table. When PC-1 sends a frame to PC-2 and it is received on Port 1 of both Switches which then install PC-1 MAC address in the MAC address table and associate it with Port 1. Both Switches then flood the frame out Port 2. Switch A receives the frame that was flooded by Switch B and updates it MAC address table by associating PC-1’s MAC Address with Port 2. The same process happens on Switch B as well and the MAC table of both switches is corrupted and as a result traffic is switched out the wrong interfaces.

Spanning Tree Protocol was designed to avoid loops by finding redundant links in a network and shutting them down. To prevent bridging loops redundant paths must be identified and blocked. Not only does spanning-tree blocks redundant paths but also re-opens them in case of a link failure.

As the name implies, STP computes a tree that spans all switches in a network. All switches communicate using Bridge Protocol Data Units (BPDU) with each other. A reference point is agreed by all switches in a network and based on this reference point all redundant links are identified and blocked and only one path is allowed to forward traffic. If a link that was previously forwarding fails STP automatically enables one of redundant blocked links as the new active path.

Spanning Tree Workings

To obtain a loop-free topology STP uses three steps mentioned below

Elect one Root Bridge
Select one Root Port on the non-root bridges
Select one Designated Port on each segment

We will use figure 2 in our explanations for these three steps

Electing a Root Bridge

A Root Bridge is a reference point for all switches in a spanning-tree topology. Across all connected switches a process of election occurs and the Bridge with the Lowest Bridge ID is elected as the Root Bridge. Bridge ID is an 8-byte Value that consists of 2-Byte Bridge Priority and 6-Byte System ID which is the burned in MAC address of the Switch.Initially all switches began advertising them selves as the Root Bride in BPDUs but once they receive a superior BPDU, one which has a lower Bridge ID, they cease the messages and starts forwarding the superior BPDUs .

In the above Figure all switches began with advertising themselves as the Root Bridge. When Switch B receives the BPDU from Switch A it compares the Bridge ID of itself with that of Switch A. Since the Priorities are same, the MAC address is used as the tie breaker and thus Switch A wins due to lower MAC Address. Switch B stops sending its BPDU and forwards the BPDU from A. This Process repeats on Switch C as well and it ceases the generation of BPDU and instead forwards BPDUs from A. Now a single reference point for the network is elected which is Switch A, all other switches now forward STP BPDUs received from Root Bridge.

Before we move on to next step we must know that every port in the Spanning-tree topology will end up in one of three Port Roles

Root Port
Designated Port
Non-Designated/Blocking Port

Select one Root Port on the non-root bridges

Once a Root Bridge is elected all non-root Bridges elect a Root Port. This is a port that has the lowest cumulative path cost towards the Root Bridge. A Root Port is an upstream facing port that always points towards the Current Root Bridge.

Table 1 lists the Default Port Costs according to the IEEE 802.1D

Link Bandwidth	STP Cost
4 Mbps	250
10 Mbps	100
100 Mbps	19
1 Gbps	4
10 Gbps	2

In Figure 2, as mentioned above Switch A will be the Root Bridge and it will send BPDUs out its interfaces every 2 Seconds with Root Path Cost of 0 as all its ports are attached to itself. Upon the receiving the BPDU Switch B and C will add the Path Cost of Port Gi0/0 which is 4. Both Switches then forward the BPDU with Root Path Cost of 4 out of Gi0/1 Interface. They will then receive BPDU from the other Switch on the Gi0/1 and add the Path Cost of 4.Thus both Switches will have Root Path Cost of 4 on Gi0/0 and Root Path cost of 8 on Gi0/1 and as a result Gi0/0 will be the Root Port on both Switch A and Switch B

Select one Designated Port on each segment

The final step is to select one Designated Port on each segment. The Port that advertises the lowest Root Path Cost onto the segment is elected as Designated Port. Let’s Consider the Segment between Switch B and Switch C. Both Switches advertise 4 as the Root Path Cost, now there is a tie. Whenever selecting Root Ports or Designated Ports if two or more ports report the same Root Path Cost then the following tie breaker mechanism occurs

Lowest Sender Bridge ID
Lowest Sender Port Priority
Lowest Sender Port Number

Thus port Gi0/1 of Switch B will be selected as the Designated Port for the segment between Switch B and Switch C as Switch B advertised lowest Bridge ID on to the Segment.

All ports of the Root Bridge are Designated Ports and any port that is not a Root Port or a Designated Port becomes the Blocking Port and is blocked to prevent loops.

Figure 3(a) shows the final converged loop-free topology. Port Gi0/1 of Switch C is put in the Blocking State and the loop is effectively removed and we obtain a topology similar to one in Figure 3(b).

Note that if there are topological changes STP will re-converge. In case of a failure of the link between Switch A and Switch B the blocked port of Switch C will be put in to forwarding state.

When ever a Port is enabled and the STP process starts or whenever STP re-converges to a stable topology the Port has to transition different STP Port States. There are five STP Port states which are mentioned below

Disabled
Blocking
Listening
Learning
Forwarding

All Ports when administratively shut down fall in the category of Disabled State. When a Port is enabled it will start in Blocking State to prevent any loops and thus no forwarding of traffic will take place neither the port will learn any MAC addresses. A Blocked Port will only process received BPDUs from neighboring switches.

A port that can be selected as Root Port or Designated Port will transition to Listening state. In this state the port will be allowed to send BPDUs as well so that it can actively participate in Spanning-tree.

After a period of time called Forward Delay (15 Seconds by Default) the Port can transition to Learning State in which it can learn MAC Addresses and send/receive BPDUs but still cannot forward or receive traffic.

After another Forward Delay the port is transitioned to Forwarding state and now it can send and receive traffic and is a fully functional port.

Cisco CCNA 200-301
Standard Kit

Cisco CCNA 200-301
G2 Titanium Kit

07 Sunday Jul 2013

Posted by nayarasi in Spanning Tree Protocol

≈ 34 Comments

In this post we will see how to manipulate STP root port selection in a given topology. We will use the VLAN 10 (management vlan) STP instance to see which ports will be Root Port in each switch. Any given switch Bridge ID consist of Bridge Priority (default 32768 + system extend ID) & MAC address. Since we are taking vlan10 as example default bridge priority will be 32778.

Here are the basic rules of STP

1. Lowest bridge ID (Priority:MAC Address) switch becomes the Root-Bridge
2. Each non-root bridge should have ONE root port (RP) which is the port having lowest path-cost to Root Bridge.
3. All ports in Root Bridge become Designated Ports (DP)
4. Each segment should have one Designated Port (DP)
5. All RP/DPs will be in FORWARDING state & all other ports will be in BLOCKING state.

According to the topology CAT1 is having lowest MAC address (hence lowest bridge ID) & will become the Root Bridge. Butif you do not want to rely on MAC addreses you can lower priority of a given switch to make them as the Root Bridge for all VLANs. In my case will make priority for all Vlans to lowest value( which is 0) in CAT1.

CAT1(config)#spanning-tree vlan 1-4094 priority ? <0-61440> bridge priority in increments of 4096 CAT1(config)#spanning-tree vlan 1-4094 priority 0 CAT1#sh spanning-tree vlan 10 VLAN0010 Spanning tree enabled protocol ieee Root ID Priority 10 Address 0017.94ba.bc80 This bridge is the root Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec Bridge ID Priority 10 (priority 0 sys-id-ext 10) Address 0017.94ba.bc80 Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec Aging Time 300 sec

Now we will look at which port become Root Port in each non-root bridges (CAT2,CAT3,CAT4). Root Port selection is based on the port having lowest cost to the Root Bridge (CAT1). For PVST (Per VLAN Spanning Tree) path cost will depend on bandwidth of links and cost value is as shown below for most commonly used links.

10Gbps -> 2 1 Gbps -> 4 100 Mbps -> 19

10 Mbps -> 100

Also it is important to understand how path cost calculate. From Root Bridge it will send BPDU with cost to Root Bridge as “0”. When this BPDU receive by any other switch it will add its own port cost (according to the above mentioned value). So if BPDU receive by a Fast Ethernet port (100 Mbps) it will calculate path cost to root as 19 (0+19).

For CAT3, it has 3 different option (label b,t,p). Here Root Port choice is obvious, only via Fa 0/22 (b) is having lowest path cost to Root Bridge. So that will become the Root Port.

For CAT2’s it has 4 different ports (label d,f,u,r). Out of which two ports (d & f) are having same path cost (19) to Root Bridge. Via port “u” it is having path cost of 38 & via port “r” it is having path cost of 57. Since we have two equal cost paths, you need to know tie breaking rules in this scenario. Here they are,

1. Lowest Sending Bridge ID
2. Lowest Port Priority (of sender)
3. Lowest Interface number (of sender)

In our case both port “d” & “f” receiving BPDU from same bridge (CAT1) which suggest “lowest port priority of sender” will be the tie breaker. By default each port is having priority value of 128 (can be 0-256 multiplier of 16). This makes “lowest interface number of sender” it tie breaker. In our case CAT1’s fa1/0/23 is having lower interface number & therefore that BPDU received by CAT2’s fa1/0/24 will become root port.

CAT2#sh spanning-tree vlan 10 VLAN0010 Spanning tree enabled protocol ieee Root ID Priority 10 Address 0017.94ba.bc80 Cost 19 Port 26 (FastEthernet1/0/24) Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec Bridge ID Priority 32778 (priority 32768 sys-id-ext 10) Address 001a.e3a7.ff00 Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec Aging Time 15 sec Interface Role Sts Cost Prio.Nbr Type ------------------- ---- --- --------- -------- -------------------------------- Fa1/0/2 Desg FWD 19 128.4 P2p Fa1/0/21 Desg FWD 19 128.23 P2p Fa1/0/23 Altn BLK 19 128.25 P2p Fa1/0/24 Root FWD 19 128.26 P2p

Now let’s see what will happen if you change CAT1’s fa1/0/24 port priority.

CAT1(config-if)#spanning-tree vlan 10 port-priority ? <0-240> port priority in increments of 16 CAT1(config-if)#spanning-tree vlan 10 port-priority 0 CAT1(config-if)#do sh span vlan 10 Interface Role Sts Cost Prio.Nbr Type ------------------- ---- --- --------- -------- -------------------------------- Fa1/0/22 Desg FWD 19 128.24 P2p Fa1/0/23 Desg FWD 19 128.25 P2p Fa1/0/24 Desg FWD 19 0.26 P2p

Now if you look in CAT2 you would see Fa1/0/23 (connected to CAT1’s fa1/0/24) will become root port because of the lower port priority of sender.

CAT2#sh spanning-tree vlan 10 VLAN0010 Spanning tree enabled protocol ieee Root ID Priority 10 Address 0017.94ba.bc80 Cost 19 Port 25 (FastEthernet1/0/23) Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec Bridge ID Priority 32778 (priority 32768 sys-id-ext 10) Address 001a.e3a7.ff00 Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec Aging Time 15 sec Interface Role Sts Cost Prio.Nbr Type ------------------- ---- --- --------- -------- -------------------------------- Fa1/0/2 Desg FWD 19 128.4 P2p Fa1/0/21 Desg FWD 19 128.23 P2p Fa1/0/23 Root FWD 19 128.25 P2p Fa1/0/24 Altn BLK 19 128.26 P2p

For CAT4, both port G0/3 “q” & G0/2 “s” are having equal path cost(38) to root bridge(CAT1). But in this case port “s” is getting BPDU from a lower bridge id switch CAT2 (32778: 001a.e3a7.ff00) comparison to port “q” from CAT3 (32778: 0024.137b.5a00). In this case Port “s” – G0/2 become root port & Port Priority or Interface ID won’t come into play.

CAT4#sh span vlan 10 VLAN0010 Spanning tree enabled protocol ieee Root ID Priority 10 Address 0017.94ba.bc80 Cost 38 Port 2 (GigabitEthernet0/2) Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec Bridge ID Priority 32778 (priority 32768 sys-id-ext 10) Address 58bf.ea59.f800 Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec Aging Time 15 sec Interface Role Sts Cost Prio.Nbr Type ------------------- ---- --- --------- -------- -------------------------------- Gi0/2 Root FWD 19 128.2 P2p Gi0/3 Altn BLK 19 128.3 P2p

But in here if you want to make G0/3 as root port you can change it’s port cost to a lower value which results lower path cost to root. In this example I will change it to cost of 1 which resulting path cost to root is 20 via that port. So that will become root port.

CAT5(config-if)#spanning-tree vlan 10 cost ? <1-200000000> Change an interface's per VLAN spanning tree path cost CAT5(config-if)#spanning-tree vlan 10 cost 1 CAT5#sh spanning-tree vlan 10 VLAN0010 Spanning tree enabled protocol ieee Root ID Priority 10 Address 0017.94ba.bc80 Cost 20 Port 3 (GigabitEthernet0/3) Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec Bridge ID Priority 32778 (priority 32768 sys-id-ext 10) Address 58bf.ea59.f800 Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec Aging Time 300 sec Interface Role Sts Cost Prio.Nbr Type ------------------- ---- --- --------- -------- -------------------------------- Gi0/2 Altn BLK 19 128.2 P2p Gi0/3 Root FWD 1 128.3 P2p

Now you know which port becomes a root port in each non-root switches. So Port “b”, “f” & “q” will become root port in this topology. If you want to identify which ports become Designated Ports (DP) you can follow below rules.

1. All ports in Root Bridge will become Designated Ports
2. Each segment (link) will have ONE Designated Port.

If a given link does not have a Root Port, either of them could be a designated port. But lower bridge ID switch port wins in this situation (“u” in “t-u” link & “r” in “r-s” link ) become a DP. In this way ports other than “d”, “t” & “s” will become either DP or RP. Hence those will become “FORWARDING” ports & others (d,t,s) become “BLOCKING” Ports as shown in the below diagram.

Here is “show spanning tree vlan 10” output to verify the above.

CAT2#sh spanning-tree vlan 10 Interface Role Sts Cost Prio.Nbr Type ------------------- ---- --- --------- -------- -------------------------------- Fa1/0/2 Desg FWD 19 128.4 P2p Fa1/0/21 Desg FWD 19 128.23 P2p Fa1/0/23 Root FWD 19 128.25 P2p Fa1/0/24 Altn BLK 19 128.26 P2p <- "port d" CAT3#sh spanning-tree vlan 10 Interface Role Sts Cost Prio.Nbr Type ------------------- ---- --- --------- -------- -------------------------------- Fa0/3 Desg FWD 19 128.3 P2p Fa0/21 Altn BLK 19 128.21 P2p <- "Port t" Fa0/22 Root FWD 19 128.22 P2p CAT4#sh spanning-tree vlan 10 Interface Role Sts Cost Prio.Nbr Type ------------------- ---- --- --------- -------- -------------------------------- Gi0/2 Altn BLK 19 128.2 P2p <- "port S" Gi0/3 Root FWD 1 128.3 P2p

In this way you can manipulate the Root Port selection of your network.

References:
1. VLAN Load Balancing between Trunk link
2. Understanding Rapid Spanning Tree Protocol (802.1w)