Spanning Tree Facts

Spanning Tree Facts

To provide for fault tolerance, many networks implement redundant paths between devices using multiple switches. However, providing redundant paths between segments causes packets to be passed between the redundant paths endlessly. This condition is known as a bridging loop.

To prevent bridging loops, the IEEE 802.1d committee defined a standard called the spanning tree algorithm (STA), or spanning tree protocol (STP). With this protocol, one bridge (or switch) for each route is assigned as the designated bridge. Only the designated bridge can forward packets. Redundant bridges (and switches) are assigned as backups.

The spanning tree algorithm provides the following benefits:

• Eliminates bridging loops
• Provides redundant paths between devices
• Enables dynamic role configuration
• Recovers automatically from a topology change or device failure
• Identifies the optimal path between any two network devices

The spanning tree algorithm calculates the best loop-free path through a network by assigning a role to each bridge or switch and by assigning roles to the ports of each bridge or switch. The bridge role determines how the device functions in relation to other devices, and whether the device forwards traffic to other segments.

Role	Characteristics
Root bridge	The root bridge is the master or controlling bridge. There is only one root bridge in the network. The root bridge is the logical center of the spanning-tree topology in a switched network. The root bridge is determined by the switch with the lowest bridge ID (BID). The bridge ID is composed of two parts: a bridge priority number and the MAC address assigned to the switch. The default priority number for all switches is 32,768. This means that for unconfigured switches, the switch with the lowest MAC address becomes the root bridge. You can manually configure the priority number to force a specific switch to become the root switch. The root bridge periodically broadcasts configuration messages. These messages are used to select routes and reconfigure the roles of other bridges if necessary. All ports on a root bridge forward messages to the network. Note: Newer switches add the VLAN number to the priority value. For example, if you configure a priority value of 4096, the switch will use the priority of 4097 for VLAN 1, 4098 for VLAN 2, and so on.
Designated bridge	A designated bridge is any other device that participates in forwarding packets through the network. They are selected automatically by exchanging bridge configuration packets. To prevent bridging loops, there is only one designated bridge per segment.
Backup bridge	All redundant devices are classified as backup bridges. Backup bridges listen to network traffic and build the bridge database. However, they will not forward packets. A backup bridge can take over if the root bridge or a designated bridge fails.

Devices send special packets called Bridge Protocol Data Units (BPDUs) out each port. BPDUs sent and received from other bridges are used to determine the bridge roles and port states, verify that neighbor devices are still functioning, and recover from network topology changes. During the negotiation process and normal operations, each switch port is in one of the following states:

Port State	Description
Disabled	A port in the disabled state is powered on but does not participate in listening to network messages or forwarding them. A bridge must be manually placed in the disabled state.
Blocking	When a device is first powered on, its ports are in the blocking state. In addition, backup bridge ports are always in the blocking state. Ports in the blocking state receive packets and BPDUs sent to all bridges, but will not process any other packets.
Listening	The listening state is a transitionary state between blocking and learning. The port remains in the listening state for a specific period of time. This time period allows network traffic to settle down after a change has occurred. For example, if a bridge goes down, all other bridges go to the listening state for a period of time. During this time the bridges redefine their roles.
Learning	A port in the learning state is receiving packets and building the bridge database (associating MAC addresses with ports). A timer is also associated with this state. The port goes to the forwarding state after the timer expires.
Forwarding	The root bridge and designated bridges are in the forwarding state when they can receive and forward packets. A port in the forwarding state can both learn and forward. All ports of the root switch are in forwarding mode.

During the configuration process, ports on each switch are configured as one of the following types:

Port type	Description
Root port	The port on the designated switch with the lowest port cost back to the root bridge is identified as the root port. Each designated switch has a single root port (a single path back to the route bridge). Root ports are in the forwarding state. The root bridge does not have a root port.
Designated port	One port on each segment is identified as the designated port. The designated port identifies which port on the segment is allowed to send and receive frames onto that segment. Designated ports are selected based on the lowest path cost to get back to the root switch. All ports on the root bridge are designated ports (unless a switch port loops back to a port on the same switch). Designated ports are selected based on the lowest path cost to get back to the root switch. Designated ports are used to send frames back to the root bridge. Designated ports are in the forwarding state.
Blocking port	A blocking port is any port that is not a root or a designated port. A blocking port is in the blocking state.

When determining both the root port and designated ports on non-root bridge switches, the switches use the following criteria to select the port that is closest to the root bridge.

• The port with the lowest cost to get back to the root bridge becomes the root or designated port. Default IEEE port costs include the following:
  • 10 Mbps = 1000
  • 100 Mbps = 19
  • 1 Gbps = 4
  • 10 Gbps = 2
• If two paths have the same cost, the bridge ID of the next switches in each path is compared. The path with the switch with the lowest bridge ID becomes the path back to the root. Remember that the bridge ID is composed of two parts:
  • The priority number assigned to the switch.
  • The MAC address used by the switch.

  If the priority numbers are the same on both switches, the switch with the lowest MAC address is the path back to the root.

• If the switch has two ports that have the same cost back to the root (for example, if two connections exist to the same switch), the port on the switch with the lowest port ID becomes the designated port.
  • The port ID is derived from two numbers: the port priority and the port number.
  • The port priority ranges from 0-255, with a default of 128.
  • The port number is the number of the port. For example, the port number for Fa0/3 is 3.
  • With the default port priority setting, the lowest port number becomes the designated port.

The biggest disadvantage of STP is that it is slow to respond to topology changes. With a link failure, convergence could take up to 30 seconds. By optimizing switch settings, this delay could be reduced to about 14 seconds, but even this was too long. To improve convergence, Cisco introduced several new proprietary features which can reduce this time to about 1 second. These features include the following:

• Port Fast allows ports that do not have any switches attached to transition immediately to the forwarding state. This transition is possible because if a port does not have a switch attached, bridging loops on that port are eliminated.
• Uplink Fast enables a switch to maintain an alternate path back to the root bridge. If the root port or link goes down, the alternate port can be used to quickly re-establish communication with the root bridge.