day 20/21 STP

Spanning tree’s purpose

a layer 2 protocol…

Prevents Network Loops:

In switched networks, multiple paths can create loops, causing broadcast storms that flood the network and bring it down. STP stops this by blocking redundant links. 

TTL is used to

prevent infinite loops at layer 3 (layer 2 uses STP)

switches from all vendors run

STP by default

STP prevents layer 2 loops by

placing redundant ports in a blocking state

Forwarding interfaces

• send and receive all normal traffic

STP hello BPDU timer

2 seconds

All ports on the root bridge

• are put in forwarding state

Default Bridge priority is

32768

The switch with the lowest becomes the root bridge

• Mac address

PVST

Per-Vlan Spanning-tree

In Spanning Tree Protocol (STP), 32769 isn't the base priority but often the Bridge ID (BID) for VLAN 1 on a Cisco switch because the default priority (32768) is combined with the VLAN ID (1) using the System ID Extension (4 bits), making the default BID for VLAN 1 32768 + 1 = 32769. While the true default priority value is 32768, the addition of the VLAN ID for each instance (like in PVST) results in the 32769 seen in many default scenarios, where a lower number wins the root bridge election. 

In Spanning Tree Protocol (STP), 32769 isn't the base priority but often the Bridge ID (BID) for VLAN 1 on a Cisco switch because the default priority (32768) is combined with the VLAN ID (1) using the System ID Extension (4 bits), making the default BID for VLAN 1 32768 + 1 = 32769. While the true default priority value is 32768, the addition of the VLAN ID for each instance (like in PVST) results in the 32769 seen in many default scenarios, where a lower number wins the root bridge election. 

All interfaces on Root port in STP are

Designated

When a switch is powered on

it assumes it is the root bridge… until It gets a superior BPDU

Every switch that isn’t the root

elects a Root port with the lowest root cost

Root ports are also

in a forwarding state

10 mbps cost in STP

100

100 mbps cost in STP

19

1 gbps cost in STP

4

10 gbps cost in STP

2

STP selection order

• Lowest Root Cost

• Lowest Neighbor Bridge ID

• Lowest NEIGHBOR Port ID

View spanning tree

show spanning-tree

How to find Port ID

• show spanning-tree

• look for Prio.nbr

Each link in STP is a

collision domain

word for blocking in STP

non-designated

STP port states

• blocking (non designated)

• learning

• listening

• forwarding (designated)

Interfaces in a blocking state

receive STP bpdu’s (the other side is designated) they need to receive to be ready to transition..

how long is the listening state in STP and what determines the time?

• 15 seconds

  • Forward Delay Timer

Listening state does what?

• only forwards/receives STP bpdu’s

• doesn’t learn MAC

Learning state does what and how long is it?

• 15 seconds

• only sends/receive BPDU’s but not regular traffic

• Learns MAC addresses

Forward delay timer is used for

listening and learning states

what’s the main difference between listening and learning STP states

Learning → learns MAC addresses

max age timer

20 seconds

Hello STP timer

sends BPDU’s every 2 seconds

purpose of max age timer

• if it doesn’t Receive BPDU’s then the topology will change

why can Forwarding state move directly to blocking

• there’s no forward delay or max age timer…. No risk of broadcast storm

ONLY Enabled on interfaces connected to end hosts

Portfast

what is the purpose of portfast

bypass the listen and learning stages to move immediately to forwarding state

configure portfast

• int g0/2

  • spanning-tree portfast

command to enable portfast on all access ports (NOT TRUNK ports)

• spanning-tree portfast default

used to prevent loops (enable it on end devices with port fast)

BPDUguard

BPDUguard does what?

shuts down the interface to prevent loop/broadcast storm

Configure Bpduguard

spanning-tree bpduguard enable

enable BPDUguard on all interfaces that have PORTFAST

spanning-tree bpduguard default

enable port that was disabled by bpduguard

• shutdown

  • no shutdown

don’t use BPUguard or portfast

on interfaces connected to switch

Even if it receives a superior BPDU with this enabled, the switch won’t accept it as the Root Bridge

root guard

with this enabled, even if the interface stops receiving BPDUs, it will not start forwarding

loop guard

configure STP mode

spanning-tree mode ?

If current root bridge fails

• this is why we configure a secondary root bridge

configure root bridge in STP

• spanning-tree vlan # root primary

• do show spanning-tree

set secondary root in STP

• spanning-tree vlan # root secondary

STP load-balancing

configure different root bridges for different VLANs (that way in Vlan 1 the non designated port isn’t useless in vlan 2)

Cost and Port-priority are configured on a

per vlan basis (they change the result of the root or designated port status)

what is Cost

root cost (gigabit is 4)

Even if you configure portfast on a trunk port

it won’t be active

command to see STP

show spanning-tree interface g0/2 detail

Do Lab now

k

in STP it is better to have a higher or lower priority

Lower