
Spanning Tree Protocol

Let me start by saying that there are still many network administrators out there who consider the words “Spanning
Tree” to be evil. This stems from the fact that many networks were first segmented using bridges, and this is where
Spanning Tree got its start. The main problem is that, just like anything else, Spanning Tree doesn’t work by magic.
When a network is designed with redundancy and a link fails, it takes time to figure everything out and get back up to
date – a process referred to as convergence. When a network using Spanning Tree does experience a failure, it can
take anywhere from 30 seconds to over a minute for the network to converge. On a less-than-reliable large
network, this can cause just as many headaches as it solves. To that end, many network administrators stopped
using Spanning Tree and instead designed their networks loop-free, deciding that the lack of redundancy was better
than dealing with convergence issues. In fact, once routing became a popular way to segment a network, many folks
thought they had seen the end of Spanning Tree.

That was of course until Layer 2 switching became popular, reintroducing the need for the Spanning Tree Protocol on
networks. The good news is that in the meantime, networks and equipment have gotten much more reliable. In that
way, Spanning Tree isn’t nearly as painful as it once might have been, although the protocol itself still works in the
same way it used to.

Spanning Tree isn’t nearly as difficult as most people make it out to be. At the most basic level, Spanning Tree’s job
is to eliminate loops in a bridged or switched network that are caused by redundant paths. It does this by learning the
topology of the network, and then selectively blocking ports to eliminate any loops. This is where the ‘tree’ part comes
in. Instead of a network with loops, with Spanning Tree what you end up with is a tree-like structure of branches.
When a failure occurs, Spanning Tree recalculates the topology, and makes use of the redundant path. If you keep
this in mind as you’re trying to understand the protocol, you’ll really find that Spanning Tree isn’t that complex.

Tip: Spanning Tree’s main purpose is to eliminate loops caused by redundant links on switched or bridged networks.

On most switches, Spanning Tree is turned on by default, mainly to help save you from yourself. You might
accidentally introduce a loop to your network without really thinking about it when adding new equipment. To that
end, Spanning Tree can also be turned off, although you’ll want to be sure that you really understand your network
connections before doing that. By default, an instance of Spanning Tree runs on each VLAN that you’ve configured,
although it can be turned off on a per-VLAN or global basis. When turned on, a switch using 802.1d will communicate
with other switches using Spanning Tree to calculate its configuration. A Spanning Tree port can be in one of four
states. These include:

• Listening. In this state, a port is listening to Spanning Tree messages (BPDUs) and attempting to figure out
how the network is configured.
• Learning. In this state, a port is adding addresses to its MAC table, but not yet forwarding frames.
• Forwarding. When in this state, a port is sending and receiving data as normal. During normal operation, a
port will be in either a forwarding or a blocking state.
• Blocking. When in this state, a port will neither send nor receive data, but will listen to network messages
relating to Spanning Tree. By default, all ports are in blocking mode when a switch is first powered on.

So how is the state of a port decided? Well, messages are passed between bridges or switches that are referred to
as Bridge Protocol Data Units (BPDUs). BPDUs are very small frames sent using multicasts to let other switches know
about the network topology with respect to Spanning Tree. We’ll reference BPDUs often as we look at how the
Spanning Tree topology is built.

Spanning Tree Protocol Bridge


The first critical concept in understanding Spanning Tree is that of the Root Bridge. In any Spanning Tree instance,
there is only one Root Bridge, and it must be elected. The Root Bridge is elected in the initial exchange of BPDUs
between bridging devices. But how does the Root Bridge get elected? That’s simple. In networks running STP, every
bridge has a priority value associated with it. By default, the priority of all bridges is 32,768, unless changed by an
administrator. The bridge with the highest priority gets to be the Root Bridge. But wait – you’ll need to remember that
the highest priority is the bridge with the lowest priority value. That is, a bridge priority of 1000 would beat the default
priority of 32,768.

You have probably never touched bridge priorities. So if all the priorities are equal, who wins? That answer is the
bridge with the lowest MAC address. All BPDUs contain a field called the Bridge ID (BID), which is actually made up
of both the bridge’s priority and its MAC address. In cases where all priorities are equal, the bridge with the lowest
MAC address gets to be the Root Bridge. Consider the figure below, where Bridge A will become the Root
Bridge, based on its MAC address.

So why should you care about a Root Bridge? The answer is that all other bridging devices need to calculate a path
to the Root Bridge in order to make decisions on which links will be used, and which will not. By calculating the
distance to the Root Bridge, not only does STP work to build a loop-free topology, but also one that will have the
shortest distance between devices. In the case of STP, “shortest” refers to the path that has the lowest aggregate
cost to the root. We’ll discuss aggregate costs in just a moment.

Tip: When bridge priorities are equal, the switch with the lowest MAC address will become the root bridge.

Spanning Tree Protocol Root Ports

After the Root Bridge has been elected, it’s time for bridges to designate what are known as Root Ports. Before we
can look at how Root Ports work, you need to know something about port costs. Obviously some ports are faster than
others, and usually a faster port will be used to interconnect switches. As such, ports have what is known as a cost
value, based on their speed. The lower a cost value, the faster a port. Table 3-1 outlines cost values used in STP
calculations. It’s worth noting that when originally defined by the IEEE, 1 Gbps seemed like the fastest possible port
speed. As such, there are two cost ranges that you’ll find on switches. The first column shows the original IEEE
Spanning Tree port costs, and the second shows the new cost numbers. The Cisco 1900 switch uses the original
IEEE values by default. Note that port cost values can also be changed.

Table: Original and new IEEE port costs.


Port Speed    Original IEEE Port Cost    New IEEE Port Cost
1 Gbps        1                          4
100 Mbps      10                         19
10 Mbps       100                        100

Remember that a cost is associated with a port. These cost values are used in calculating which port will be the Root
Port for any given bridge. All Non-Root Bridges will have one Root Port.

The figure below outlines why designating a Root Port is important. In it, bridges are exchanging BPDUs to try and
find the lowest cost to the Root Bridge. Note that Bridge A is the Root Bridge in this case. Because it is the Root
Bridge, both of its ports have a cost of 0. In this example, all of the bridges are connected using 100Mbps links. The
port cost outlined in the table for a 100Mbps link is 19 (using the new IEEE costs).

Let’s walk through the process step by step. The Root Bridge will send out BPDUs with a cost of 0. These BPDUs will
go to the 100Mbps port 1 on both bridges B and C. Since these ports have a cost of 19, the cost associated with port
1 on switches B and C reaching the Root Bridge is 19.

Now since B and C are also connected on segment BC with 100Mbps ports, these ports will also forward out BPDUs.
Let’s assume that B is sending a BPDU to C. In it, it will announce a cost of 19 to reach the root. When it reaches C,
this bridge will add its port cost of 19 to the value in the BPDU. As such, bridge C knows that it can reach the Root
Bridge using port 2 with an aggregate cost of 38, or it can reach the Root Bridge with a cost of 19 using port 1. For
bridge C, the Root Port becomes port 1, as it does for Bridge B as well. For both bridges B and C, port 1 represents
the lowest cost to the root.

To summarize, a Root Port is the port on a switch that has the lowest cost path to the Root Bridge.

Spanning Tree Protocol Designated Ports


You may have noticed that we haven’t talked about loops yet. If you look back at Figure 3-5, a loop definitely exists.
On each network segment, one port needs to be chosen as the Designated Port. The responsibility of the Designated
Port is to act as the single interface to forward traffic destined for the Root Bridge. Recall that in our network example,
3 segments exist. Refer back to Figure 5 to review the costs associated with each port on our network.

To choose the Designated Port, another election needs to take place. Bridges compare their port costs to decide who
gets to be the Designated Port for that segment. Consider each segment in this figure:

On segment AC, the Designated Port will be port 2 on bridge A. That’s because port 2 on bridge A has a cost of 0,
while port 1 on bridge C has a cost of 19.

On segment AB, the Designated Port will be port 1 on bridge A. Again, port 1 on bridge A has a cost of 0, while port 1
on bridge B has a cost of 19. Since their port cost is always 0, it should be clear that ports on the Root Bridge will
always be Designated Ports for their connected segments.

On segment BC, there is a tie. Port 2 on each bridge has a cost of 19. As such, the Designated Port will be on the switch
with the lowest MAC address. In this case that’s bridge B, so port 2 on bridge B will become the Designated Port.

Note that after all this is done, all traffic from segment BC will be forwarded out port 2 on switch B. Port 2 on switch C
will be put into blocking mode, as shown in the figure below. Notice also that there are no longer any loops on our
network.

On any given segment, the bridge that has the current Designated Port is also known as the designated bridge.

Spanning Tree Protocol Convergence


While our network is now loop free, STP keeps working away. BPDUs are still sent out at 2-second intervals to be
sure that things are how they should be. If at any point a bridge doesn’t hear from another bridge, the topology will
need to be recalculated. For example, let’s say that bridge B fails. Bridge C will stop receiving BPDUs on its blocked
port. Once 20 seconds have passed without receiving a BPDU from Bridge B, Bridge C will:

• First go into a listening state for 15 seconds. During the listening state, a bridge is examining BPDUs sent by
other bridges.
• Then go into a learning state for 15 seconds. During this time, the bridge is building the MAC address table
for the connected segment. Remember that it was in a blocked state previous to this.

After these stages, Bridge C will become the new designated bridge for segment BC, and will begin forwarding
frames. Note that convergence took about 50 seconds to complete – 20 seconds waiting for a BPDU, plus 15
seconds listening and 15 seconds learning. The time during which a switch is listening and learning is referred to as
the Forward Delay.

While a number of BPDUs are passed back and forth while a Spanning Tree topology is being calculated, in truth
calculating a Spanning Tree topology is really no more than a three-step process:

1. Elect the Root Bridge.
2. Elect a Root Port on each non-Root Bridge.
3. Elect one Designated Port on each network segment.

Once these steps are completed, a network should be loop free. However, you should also recall that while listening
or learning, ports are not forwarding frames. A network is converged once all bridges have switched to a forwarding
or blocking state.
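The three election steps, worked through for the article's three-bridge network as an added example (not part of the original article). The MAC addresses are constructed, the name `spanning_tree` and the data layout are assumptions, and the model simplifies 802.1D by giving every port the same cost and ignoring port-ID tie-breaks.

```python
# Added example: constructed MACs; topology and costs follow the article.
BRIDGES = {  # name -> Bridge ID as (priority, MAC); the lower tuple wins
    "A": (32768, "00:00:0c:00:00:0a"),
    "B": (32768, "00:00:0c:00:00:0b"),
    "C": (32768, "00:00:0c:00:00:0c"),
}
# segment -> its two (bridge, port) ends; every link is 100 Mbps (new IEEE cost 19)
SEGMENTS = {
    "AB": (("A", 1), ("B", 1)),
    "AC": (("A", 2), ("C", 1)),
    "BC": (("B", 2), ("C", 2)),
}
COST = 19

def spanning_tree(bridges, segments, cost=COST):
    # Step 1: the lowest Bridge ID (priority, then MAC) becomes the Root Bridge.
    # MACs compare correctly as strings because they share one fixed format.
    root = min(bridges, key=bridges.get)
    # Step 2: relax root path costs until stable; a bridge adds its own
    # port cost to the cost advertised in the BPDU it receives.
    best = {b: (0 if b == root else float("inf"), None) for b in bridges}
    for _ in bridges:
        for ends in segments.values():
            for (rx, rx_port), (tx, _) in (ends, ends[::-1]):
                offer = best[tx][0] + cost
                if rx != root and offer < best[rx][0]:
                    best[rx] = (offer, rx_port)
    root_ports = {b: p for b, (_, p) in best.items() if b != root}
    # Step 3: per segment, the end with the lowest (root path cost, Bridge ID)
    # is the Designated Port; a leftover port that is not a Root Port blocks.
    designated, blocked = {}, []
    for seg, ends in segments.items():
        win = min(ends, key=lambda e: (best[e[0]][0], bridges[e[0]]))
        designated[seg] = win
        blocked += [e for e in ends if e != win and root_ports.get(e[0]) != e[1]]
    return root, root_ports, designated, blocked
```

With the default priorities this reproduces the article's result: A is root, port 1 is the Root Port on B and C, and port 2 on C blocks. Giving C a priority of 1000 moves the root to C and the blocked port to port 1 on B.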
