Spanning Tree Protocol

Spanning Tree Protocol (STP) - For a network topology multiple links are may be required between
switches to provide better fault tolerance and redundancy. But, when we create a closed connection
using switches or we use multiple links between switches, we face problems like -

1. Broadcast storm

2. MAC address table instability

3. Data frame duplication at the destination.

All these are happening due to a condition called 'bridging loop'.

Apparently, we can overcome this by removing all redundant links between switches but again that will
remove the advantage of fault tolerance.

So, instead of physically removing all redundant links it is better to logically block these links and if
required when main communication links goes down, we use these redundant links which are blocked
normally. This is achieved by a protocol named STP or spanning tree protocol. The IEEE standard for STP
is IEEE802.1d.

This is enabled on all cisco switches and its interfaces by default.

STP operation:

There are three steps that STP takes to make a network topology connected by switches loop free.

a) Root bridge election

b) Root port election

c) Designated and blocking port selection.

STP uses its own data frame for every communication and election process. This is known as BPDU
(Bridge Protocol Data Unit). This is sent in every 2 sec and whenever there is a topology change.

Root bridge is the switch based on which STP takes its decision. A switch in the topology must be elected
as the root bridge by STP.

There is a 64 bit header in a BPDU which is known as the Bridge ID.

Bridge-ID = Bridge priority(16 bit) + MAC address of the switch(48 bit)

By default, switch with the lowest bridge priority is elected as the root bridge.Bridge priority is a value
between 0 and 65535.Default bridge priority of a switch is 32768.If a switch has a bridge priority of 0, it
will not participate in root bridge election.

If every switch has equal bridge priority, then switch with the lowest MAC address is elected as the 'root
bridge'.

All connected ports of a root bridge are designated and remain in forwarding state. They cannot be
blocked.

All other switches except the root bridge are termed as 'non-root bridge'.

All non-root bridges must have a port that provides the best path or lowest cost path to reach the root
bridge. This port is termed as 'root port'. A root port cannot be blocked.

There can be other ports which are not root ports but can provide the best path for a network segment.
They are termed as 'designated ports' and they are not blocked. All other port or ports that are neither
root port nor designated port are put in blocking state. A port remains in the blocking state unless there
is any change in topology like a root port or designated port goes down. A blocking port cannot send or
receive data frame. It cannot send any BPDU but it can receive BPDU on this port.

STP Port Cost:

STP port state:

Ports must wait for new topology information to propagate through the switched LAN before starting to
forward frames. They must allow the frame lifetime to expire for frames that are forwarded using the
old topology. Each Layer 2 interface on a switch using Spanning Tree Protocol (STP) exists in one of the
following states:

• Disabled—The Layer 2 interface does not participate in spanning tree and is not forwarding frames.

• Blocking—The Layer 2 interface does not participate in frame forwarding.

• Listening—First transitional state after the blocking state when spanning tree determines that the
Layer 2 interface must participate in frame forwarding.

• Learning—The Layer 2 interface prepares to participate in frame forwarding.

• Forwarding—The Layer 2 interface forwards frames.

PortFast: This feature is generally enabled on the access ports so that the port directly goes to the
forwarding state from blocking state.

We can use,

Switch(config)#spanning-tree portfast default

When we use this command , all access ports will get portfast enabled.

or we can enable portfast on per interface basis,

Switch(config-if)#spanning-tree portfast

Along with the portfast feature we must enable the bpduguard feature, so that if by mistake the port is
connected to a switch and it receives any bpdu, it goes into err-disable state.

SW1(config-if)#spanning-tree bpduguard enable

CST, PVST and PVST+

 CST: Defined in IEEE 802.1D, this is the original standard that provided a loop-free topology in a
network with redundant links. Also called Common Spanning Tree (CST), it assumed one
spanning-tree instance for the entire bridged network, regardless of the number of VLANs.
 Per-VLAN Spanning Tree (PVST+)—PVST+ is a Cisco enhancement of STP that provides a
separate 802.1D spanning-tree instance for each VLAN configured in the network.
RSTP(Rapid Spanning Tree Protocol):IEEE802.1w

MaxAge time is reduced to 6sec.

Discarding ------------> Learning--------->Forwarding

MaxAge(6sec) Forward Delay(15sec)

Command to enable RSTP in cisco switches:

SW2(config)#spanning-tree mode rapid-pvst

PVST+(Per VLAN Spanning-Tree Plus): This is the default STP mode of every cisco switch. In this mode,
switch will build an STP table for every single configured VLAN .

We can modify the bridge priority for a Vlan or a group of VLANs to elect the root bridge as per our
choice. There are two methods,

Method 1:

SW2(config)#spanning-tree vlan 10 priority ?

<0-61440> bridge priority in increments of 4096

% Bridge Priority must be in increments of 4096.

% Allowed values are:

0 4096 8192 12288 16384 20480 24576 28672

32768 36864 40960 45056 49152 53248 57344 61440

SW2(config)#spanning-tree vlan 10 priority 24576

Method 2:

SW3(config)#spanning-tree vlan 20 root primary

The priority of the switch for vlan 20 will be decresed by 8192.

EtherChannel: This technology is used to bundle links between switches(from 2 to 8) to send or receive
data without any loop.For this the participating interfaces must have same characteristics like trunk or
access, same vlan membership, speed, duplex, native vlan , bandwwidth etc.

For succesful, ether-channel negotiation, we use two protocols - PAgp(Port Aggregation protocol)- cisco
propreitary

and LACP(Link Aggregation Control Protocol)

PAgp has two modes - auto and desirable

LACP has two modes - passive and active

Desirable or active : when the side is in this mode, it will initiate the ether-channel formation process by
sending proposal to other end.

Auto or passive: The side with passive mode will response to the proposal to participate in ether-channel
formation, but it will not initiate the process or send any proposal.

Etherchannel configuration using LACP:

Switch1(config)#interface range FastEthernet 0/1 - 2

Switch1(config-if-range)#channel-group 1 mode active

Switch2(config)#interface range FastEthernet 0/1 - 2

Switch2(config-if-range)#channel-group 1 mode passive

Etherchannel configuration using PAgP:

SW1(config)#interface range Fa0/1 - 2

SW1(config-if-range)#switchport mode trunk

SW1(config-if-range)#channel-group 1 mode desirable

SW2(config)#interface range Fa0/1 - 2

SW2(config-if-range)#switchport mode trunk

SW2(config-if-range)#channel-group 1 mode auto

SW1#show etherchannel summary

Flags: D - down P - in port-channel

I - stand-alone s - suspended

H - Hot-standby (LACP only)

R - Layer3 S - Layer2

U - in use f - failed to allocate aggregator

u - unsuitable for bundling

w - waiting to be aggregated

d - default port

Number of channel-groups in use: 1

Number of aggregators: 1

Group Port-channel Protocol Ports

------+-------------+-----------+----------------------------------------------

1 Po1 (SU) PAgP Fa0/1(P) Fa0/2(P)