Introduction to STP

STP and RSTP Protocols. Basic understanding of the loop prevention mechanism. 

While learning Spanning Tree Protocol (STP), I found how important this concept is for loop prevention in redundant layer 2 switching. Beginning network engineers should not overlook or misunderstand this fundamental topic, even though PVST+, RPVST+, or MSTP protocols are the only ones found on modern Cisco switches. I think there is still a possibility of working with an old switch running the STP protocol in a small LAN network. An old STP switch will work perfectly with new Cisco RSTP switches. Small variations exist in processing, though.

It is obvious that redundancy is critical for maintaining network reliability, availability, and fault tolerance.

Redundancy, where redundant links can be utilised in layer 2 topology, is the primary advantage of any STP or RSTP protocol.

Figure 1: Redundant connectivity between three switches at layer 2.

What could happen when STP is not enabled and three switches are connected together?

We need to understand that aggregation topology in a LAN network might cause three main effects:
1. Broadcast storm
2. Instability of MAC table
3. Copies of MAC entries (multiple copies of the same records)

Figure 2: Broadcast storm with an unapplied STP protocol.

In the absence of STP, an Ethernet frame could loop around the LAN practically endlessly. The loop runs both clockwise and anticlockwise, which adds to its complexity.
For example, PC 1 sends a broadcast message to switch 3. Next, switch 3 sends the broadcast message to switch 1 and switch 2. Subsequently, switch 1 forwards the broadcast message to PC 2 and switch 2. To start the circle, switch 2 sends packets to PC 3 and switch 1 after previously receiving the broadcast from switch 3. As we can see, the circle is created, and the loop is generated in both directions, using all resources.

To make it more straightforward, let's rephrase the process above as bullet points following the diagram (fig. 2):

This broadcast storm makes the MAC address table unstable, because the same MAC entries arrive on different ports. For instance, switch 3's ports Fa0/1 (which connects straight to switch 1) and Fa0/2 (which connects to switch 2) can both receive MAC entries for PC 2 or PC 3.
The last significant issue can be the effect of multiplied frames (copies of the same frames) that arrive at the destination switch.

STP prevents loops by placing each switch port in one of two modes: forwarding or blocking. There are some temporary states, like listening and learning, which will be described later in this paper.

STP is in action

Spanning Tree Protocol (STP) prevents loops by placing ports in two modes: forwarding or blocking. We will talk about two additional states of listening and learning later in this paper.

To repeat the point, STP does an excellent job of blocking the port that would cause the loop. An example is shown in the picture below (fig. 3).

Figure 3: Blocked link in spanning-tree protocol.

Spanning-Tree Algorithm (STA)

The STP and RSTP protocols place each port in a forwarding or blocking state.

There is a strict process (STA) for selecting a port and converging the port from the blocking to the forwarding state and vice versa. However, the easiest way to understand it is that any port that STP or RSTP does not place in the forwarding state is placed in the blocking state.

Recall that if the port is not in the forwarding state, it automatically goes to the blocking state.

Figure 4: Root and designated port.

Interfaces in the blocking state do not process any frames except BPDU messages. So, interfaces that are blocked do not learn MAC addresses and do not process received frames. They simply ignore any incoming frames on the blocked ports.

Electing the Root Switch

Switches select the root switch based on the bridge ID (BID) included in the BPDU messages (Bridge Protocol Data Units). The root switch is the switch with the lowest bridge ID (BID). Switches compare the bridge IDs (BIDs) and select the winner with the lowest ID number.
The bridge ID is an eight-byte, unique number. It includes the priority number and the MAC address.
Bridge ID = Priority field (2 bytes) + MAC Address (6 bytes)
If the priority numbers are the same (the same for both switches comparing their values), the MAC address decides which one is the winner.
As we know, MAC addresses are physical, unique numbers. Thus, when two priority numbers are identical, the MAC address will finally determine the root switch.
In our case in Figure 5, switch 1 won the election and became the root switch. All switches have the same default ID number value of 32769 (Cisco assigns a default value of 32769), but switch 1 has the lower MAC address.

Figure 5: Switch 1 won the election and became the root switch.

All ports on the root switch are called designated ports and work in continuous forwarding mode. The ports on non-root switches with connections to the root switch are called root ports. It sounds quite complicated the first time you hear it, but it has solid logic.
Root ports (located on non-root switches) are ports with the lowest cost path between the root switch and the connected switch.

So, to check the spanning-tree protocol on the switch, we use the following command:

Switch-1 # show spanning-tree

Now that we know how the root switch is chosen, I am ready to explain the process of port selection. The second part of the STA algorithm is to calculate the root cost. The root cost is the sum of all port costs (administrative costs) at the ports where frames could exit while flowing through the switches towards the root. In the example below, the root cost for port Fa0/2 on switch 3 is 8. STP calculates the root cost along the path from switch 3 through switch 2 to the root switch (switch 1). The total cost is the sum 4 + 4 = 8.

Figure 6: Root cost of STP and RSTP protocols.

Another path to the root switch from switch 3 is directly from port Fa0/1, and its cost is equal to 5. This is a lower cost than forwarding packets from the Fa0/2 port. Fa0/1 therefore wins and stays in forwarding mode, and it is now called the root port. The port Fa0/2 on switch 3 is blocked as it has a higher root cost (see figure 5).
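The two STA steps described above (root election by lowest bridge ID, then port selection by lowest root cost) can be traced in code. This is an added example, not part of the original article: the MAC addresses and the port names on switch 1 and switch 2 are constructed, and ties between equal root costs are not modelled.

```python
# Constructed sample data: the MAC addresses and the port names on switch 1 and
# switch 2 are assumptions; priority 32769 and port costs 5, 4, 4 follow the text.
BRIDGES = {
    "switch1": (32769, "00:1a:2b:00:00:01"),
    "switch2": (32769, "00:1a:2b:00:00:02"),
    "switch3": (32769, "00:1a:2b:00:00:03"),
}
# One entry per link; each end is (switch, port, port cost).
LINKS = [
    (("switch3", "Fa0/1", 5), ("switch1", "Fa0/1", 5)),
    (("switch3", "Fa0/2", 4), ("switch2", "Fa0/2", 4)),
    (("switch2", "Fa0/1", 4), ("switch1", "Fa0/2", 4)),
]

def bridge_id(name):
    """Priority first, then MAC: tuples compare in exactly that order."""
    priority, mac = BRIDGES[name]
    return (priority, bytes.fromhex(mac.replace(":", "")))

def elect_root():
    return min(BRIDGES, key=bridge_id)

def root_costs(root):
    """Root cost seen through every port of every non-root switch."""
    best = dict.fromkeys(BRIDGES, float("inf"))
    best[root] = 0
    via = {name: {} for name in BRIDGES if name != root}
    for _ in BRIDGES:  # enough passes for the costs to settle
        for a, b in LINKS:
            for (sw, port, cost), (peer, _, _) in ((a, b), (b, a)):
                if sw != root:
                    via[sw][port] = cost + best[peer]
                    best[sw] = min(best[sw], via[sw][port])
    return via

def port_roles():
    root = elect_root()
    via = root_costs(root)
    rank = {sw: (0 if sw == root else min(via[sw].values()), bridge_id(sw))
            for sw in BRIDGES}
    roles = {}
    for a, b in LINKS:
        designated = min(a, b, key=lambda end: rank[end[0]])[:2]
        for sw, port, _ in (a, b):
            if sw != root and port == min(via[sw], key=via[sw].get):
                roles[sw, port] = "root"
            elif (sw, port) == designated:
                roles[sw, port] = "designated"
            else:
                roles[sw, port] = "blocking"
    return roles
```

On this topology `port_roles()` leaves exactly one port blocking, Fa0/2 on switch 3, which is the link the article shows as blocked.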

Administrative cost

To repeat, the root cost represents the total cost of the path. The STP algorithm uses BPDU messages to gather information and calculate the total cost (root cost). The port with the lowest root cost becomes the root port. It is important to note that part of the cost is based on the port capacity, as shown in Table 1.

When two or more paths are identical, there is a standard rule for a tiebreaker based on root cost that applies:

Hello message as a part of the selection process

Each active port produces a BPDU Hello message every 2 seconds. This information is forwarded to linked devices. For example, three switches are connected together, as shown in Figure 5. Active ports transmit BPDU messages with information about the cost, bridge ID, and more.
With all of this data, each switch is able to determine which switch on the LAN is the root switch by continuously comparing its own bridge ID to those of the other switches.
After the election process, the root switch's BPDU is forwarded as a "super BPDU message" to the rest of the switches. However, each switch keeps comparing its own BPDU to the "super BPDU" messages, so it can act immediately upon any change in the topology.

Table 1: Administrative cost.

Convergence in STP process

When a port transitions from one state to another, say, from the blocking to the forwarding state or the reverse, this is known as the convergence process.
The main negative factor of the STP protocol is the time taken by convergence. The transition from a forwarding to a blocking state should happen immediately. However, when the port is changing from a blocked to a forwarding state, there is a problem.
The port does not forward any frames during its 15-second listening state in the convergence process (from blocking to forwarding). This is the time when switches remove outdated MAC tables. In the next stage of the convergence process, which is called learning, the switches do not forward any frames to new MAC

Table 2: Convergence functions of STP protocol

The waiting time from blocking to forwarding is about 50 seconds. This is a long time for users to wait for the network to recover. As a result, IEEE introduced Rapid STP (RSTP) as part of the 802.1w standard in 2001. RSTP significantly reduced convergence time from 50 seconds to a few seconds. It is therefore designed with a short delay from the blocking to the forwarding state. Listening and learning states were removed, and the maximum age time was reduced from ten to three times that of the hello packet (3 x 2 seconds). The blocking port is referred to as the “alternative” port in the RSTP protocol. The functions, however, remain the same.

RSTP adoption is required for the VLAN topology

When STP was introduced in 1994, VLAN technology was not yet in place. Shortly after its introduction, the VLAN became and remains a fundamental part of the LAN, with major benefits for broadcast handling, scalability, simplified network management, and security control.

RSTP includes Common Spanning Tree (CST) for the entire LAN topology. Nonetheless, a solution is needed for balancing traffic across the available links.
In 2011, Cisco introduced the PVST+ and RPVST+ protocols.

Table 3: Protocols and standards

The Cisco configuration of RPVST+ allows you to balance traffic between VLANs. It means that each VLAN has its own setup of a root switch, designated ports, and root ports. It smartly balances the traffic between VLANs on different LAN paths. For example, VLAN 10 blocks port Fa0/2 on switch 2, but VLAN 20 blocks port Fa0/1 on switch 2 (see figure 7).

Figure 7: Load balancing with VLAN 10 and VLAN 20

The bridge ID Update

The next key point is the updated bridge ID carried in the BPDU message, which includes the following main elements: 4 bits of priority, 12 bits of system ID extension, and 6 bytes of MAC address. In the RPVST+ protocol, the priority number was reduced from 2 bytes to 4 bits. The only part configurable by the network engineer is the 4-bit priority field.

Primary and Secondary Root

We have two ways to manually select the root switch for each VLAN and so balance the traffic. We can change the 4-bit priority value (entered in decimal) or set up a primary/secondary root; both methods use Cisco CLI commands. Below, we see the priority number changed from the Cisco default of 32768 to a value of 4096.

Figure 8: Updated bridge ID.


Remember that you are only allowed to change the priority number in multiples of 4096.

As I mentioned above in this article, Cisco allows you to create primary and secondary root switches without configuring the priority number.

Figure 9: Bridge priority increase from the command line.

Figure 10: Configuration of primary and secondary switch root from the command line of switch.

Figure 11: Command to see spanning tree setting for the VLAN 10.

We can check the spanning-tree protocol for selected VLANs. Our root switch for VLAN 10 is switch 1, with a priority of 4106. This is the sum of the priority (4096) and the VLAN number (10):

4096 + 10 = 4106
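The bridge ID layout and the per-VLAN root selection described in the sections above can be checked with a short script that packs the 8-byte bridge ID, recovers the displayed priority, and reports VLANs whose elected root is not the intended switch. This is an added example, not the article's own code: the MAC addresses, the per-VLAN priorities for VLAN 20, and the helper names are assumptions.

```python
import struct

def pack_bridge_id(priority, vlan, mac):
    """8-byte bridge ID: 4-bit priority, 12-bit system ID extension, 6-byte MAC."""
    if priority % 4096 or not 0 <= priority <= 61440:
        raise ValueError("priority must be a multiple of 4096 from 0 to 61440")
    if not 1 <= vlan <= 4094:
        raise ValueError("VLAN ID must fit the 12-bit system ID extension")
    return struct.pack("!H6s", priority | vlan, bytes.fromhex(mac.replace(":", "")))

def unpack_bridge_id(raw):
    field, mac = struct.unpack("!H6s", raw)
    # "displayed" is the priority as shown by the switch: priority + VLAN number,
    # e.g. 4096 + 10 = 4106, or the default 32768 in VLAN 1 shown as 32769.
    return {"priority": field & 0xF000, "vlan": field & 0x0FFF,
            "displayed": field, "mac": mac.hex(":")}

# Constructed sample data: MACs and the per-VLAN priorities are assumptions.
MACS = {"switch1": "00:1a:2b:00:00:01", "switch2": "00:1a:2b:00:00:02",
        "switch3": "00:1a:2b:00:00:03"}
PRIORITIES = {
    10: {"switch1": 4096, "switch2": 32768, "switch3": 32768},
    20: {"switch1": 32768, "switch2": 4096, "switch3": 32768},
}

def roots_per_vlan():
    """Lowest bridge ID wins in each VLAN; big-endian bytes sort numerically."""
    return {vlan: min(prios, key=lambda sw: pack_bridge_id(prios[sw], vlan, MACS[sw]))
            for vlan, prios in PRIORITIES.items()}

def audit(expected):
    """Return the VLANs whose elected root is not the intended switch."""
    actual = roots_per_vlan()
    return {v: actual[v] for v in expected if actual.get(v) != expected[v]}
```

An empty result from `audit({10: "switch1", 20: "switch2"})` confirms that each VLAN elects the switch that was meant to be its root.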

On Cisco switches, there are three available spanning-tree protocols: PVST+, RPVST+, and MSTP. 

Table 4: Protocols available on Cisco devices.

Figure 12: show spanning-tree command.

We are allowed to select the protocol we want to use for loop blocking, though. RVST+ is the default protocol.

Figure 13: STP protocols that can be selected on a Cisco switch.

Figure 14: summary of STP protocol from the command line of a Cisco switch.

Summary

This article provides an overview of the Spanning Tree Protocol (STP) and its significance in preventing network loops in Layer 2 switching environments. It emphasises the importance of redundancy for network reliability and fault tolerance, highlighting that while modern Cisco switches use protocols like PVST+, RPVST+, or MSTP, understanding STP remains fundamental for network engineers.

The article outlines potential issues in networks lacking STP, such as broadcast storms, MAC table instability, and duplicate MAC entries, which can lead to network inefficiencies and failures. It explains how STP mitigates these problems by placing switch ports into forwarding or blocking states to prevent loops. Additionally, the article touches upon the Spanning-Tree Algorithm (STA), which governs the process of port state transitions to maintain a loop-free network topology.