Spanning Tree Protocol (STP) takes root
So you want redundancy in your network. You want multiple links to the same destination. You want a fallback plan on top of a fallback plan. But multiple redundant links lead to a dangerous situation – the possibility of a loop in your sacred layer two fabric. How is this situation resolved? Enter Spanning Tree Protocol (STP).
First invented in 1985 by Radia Perlman working for Digital Equipment Corporation, then standardized by the IEEE in 1990 as 802.1d, STP seeks to prevent loops in an Ethernet LAN. If you are seeking certification at the CCNA level, or if you are a network admin who wants a deeper understanding of the network, then delve into the inner workings of this not-so-brand-new protocol.
First off, it is good to note that there have been modifications to the original 802.1d standard as time has progressed, and the end result is still a loop-free layer two topology, but the convergence time has dropped significantly. We are devoting our attention here to the original standard, workings, and terminology of the early 802.1d standard to introduce ourselves to the topic.
When a multiple-switch network exists and multiple links connect the switches, a loop is possible, as shown below:
PC A has more than one way to get to PC B, which is a good thing. Unfortunately, the fact that there are two possible paths means that there exists the potential for a loop. What STP does is to analyze the paths, determine which link or links will be live, and block the unneeded ones.
Let’s say the switch network shown above goes live – that is, those four switches are plugged in at the same time – what happens in STP? The steps look like this:
1. Election of the root bridge
2. Determine path to root using cost
3. Determine port states
4. Stay loop free!
Let’s examine each of these steps. In step one, a root bridge (the big cheese head-honcho bridge) must be elected. As with any election, ballots must be cast. The ballots are cast in the form of BPDUs, which are bridge protocol data units. These are sent every two seconds by default. The winner of the root bridge election is the one with the lowest Bridge ID (BID). The BID is comprised of two parts – the priority and the MAC address – concatenated to form the result which is used to determine the winner of the election. The default priority of Cisco switches is 32768. The MAC address is the layer two information associated with each particular switch. Since older switches will likely have MAC addresses with lower values than newer switches, a root bridge election left to its own devices (get it?…its own devices! That’s good stuff.) will generally obtain a result where the older switch wins out over the shiny expensive new switch you just installed. Not the result you want? Then influence the election. No, it’s not illegal, you can influence the results of the election without fear of prosecution. Since you can’t change the MAC address, the other alternative is to influence the priority. As mentioned, the default value is 32768, but who says you have to leave it at the default? So set the value lower (in increments of 4096) to influence the winner of the root bridge election. Your goal is to have the higher capacity switch located centrally within your network become the root bridge.
Step two of the process is to determine the best path to the root based upon the cost to get there. Cost is based upon the speed, or data rate, of links in the network. In the topology in our example, let’s say the top left switch is the root bridge. I have shown the topology again with some extra information, such as port identifiers and sample MAC addresses (just a piece of the MAC addresses for example purposes):
Assuming the priority values have not been changed from the default value of 32768, and that all links are 100 Mbps, Switch AAAA wins the election based on the lowest MAC address value. Now the other switches must decide on the best route to the root for each of them. For Switch CCCC and Switch BBBB, the choice is obvious – they are both directly connected to the root. This means that each of them selects FastEthernet 0/1 as the best path to the root. Let’s do a quick aside and add the topic of cost into the mix. Since our assumption is that all links are 100 Mbps, how is the STP cost obtained?
The 802.1d published cost values are presented in the following table:
So the cost for BBBB to get to the root is 19. The cost for CCCC to get to the root is 19. The slightly more involved part of this is what happens for Switch DDDD. Switch DDDD has two paths to the root. The cost through CCCC is 19 + 19, or 38. The cost through BBBB is 19 + 19, or 38 also. So in the case of identical results, what breaks the tie? If more than one least-cost path to the root exists, the tie-breaker is to select the neighbor with the lowest bridge ID. For Switch DDDD, which neighbor is that? Since BBBB is lower than CCCC, Switch DDDD selects the path through Switch BBBB (meaning the exit interface is F0/2) as the least-cost path.
The third piece is to determine final port states. Possible states discussed here are Designated Ports, Root Ports, and Blocking Ports. Let us consider root ports. Using the information discussed above, we observe that for Switches BBBB and CCCC, port F0/1 for each becomes a root port. All that means is that if you follow the root port, it will eventually lead to the root. In this case, eventually is pretty fast, since the switches are directly connected. At other times, there may be more than one switch between one switch in your organization and the root. Nevertheless, following the root port will lead to the root bridge. Let’s take a moment to exercise our mental prowess: If root ports lead TO the root, will the root bridge ever have a root port? A flurry of mental activity leads to the inevitable conclusion that no, root bridges do not have root ports – they ARE the root, they don’t need to GET TO the root. The term for this is Designated Port. All active ports on the root bridge are in the Designated state. Don’t allow the terminology to confuse you. A designated port is just a port that is forwarding.
The remaining state we wish to cover is blocking. Now that we have determined the Designated and Root Ports in our topology, which port is blocked to prevent a loop? Let us redraw the diagram with the known states depicted:
What happens to port F0/2 on BBBB? Switch DDDD has selected its own port F0/2 as the root port, as explained above. If Switch BBBB were now to block its port F0/2, it would destroy the ability of Switch DDDD to get to the root. Since Switch BBBB already has chosen its root port, port F0/2 cannot become a root port. Keep in mind that each LAN segment requires one Designated Port whose job it is to transmit traffic from that segment to the root. With that requirement in place, we deduce that for Switch BBBB, port F0/2 becomes a Designated port. The last determination that must be made is what happens between Switches DDDD and CCCC. Since DDDD has already determined that its lowest cost neighbor is BBBB, the candidate for the Blocking Port must be between DDDD and CCCC. Since only one of them blocks, we must determine which one becomes the ‘blocker.’ The one that blocks is the one with the worst (highest) BID. Between CCCC and DDDD, DDDD loses this battle, and therefore blocks its port F0/1. Since DDDD is blocking, CCCC still counts port F0/2 as a Designated Port. Thus redundancy exists, but a loop is prevented. Let’s modify our diagram one more time with all the pieces in place:
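To tie the four steps together, here is an added example (written for this article, not code from the author, Cisco, or any switch vendor) that runs the election, the cost calculation, and the port-role assignment over the four-switch topology above. Switch names AAAA through DDDD and the F0/1 and F0/2 port numbers follow the article; the full MAC addresses, the exact wiring of the root’s two ports, and the 4096 priority used in the second scenario are constructed for the example. When deciding which end of a segment is designated, the code compares root path cost first and BID second, which is the 802.1D ordering; on this topology it gives the same answer as the article’s BID comparison, since CCCC is both closer to the root and lower in BID than DDDD.

```python
"""Added example: a minimal 802.1D spanning-tree role calculator.

Not taken from the article or any vendor. Topology names follow the article;
MAC addresses, root-side port numbers and the override priority are constructed.
"""
from collections import defaultdict

# 802.1D-1998 port path cost per link speed in Mbps. The article quotes 19 for
# 100 Mbps; the other rows are the standard's published values.
PORT_COST = {10: 100, 100: 19, 1000: 4, 10000: 2}

# Constructed sample topology mirroring the article's figure.
SAMPLE_BRIDGES = {
    "AAAA": (32768, "00:00:0c:aa:aa:aa"),
    "BBBB": (32768, "00:00:0c:bb:bb:bb"),
    "CCCC": (32768, "00:00:0c:cc:cc:cc"),
    "DDDD": (32768, "00:00:0c:dd:dd:dd"),
}
SAMPLE_LINKS = [  # (switch_a, port_a, switch_b, port_b, speed_mbps)
    ("AAAA", "F0/1", "BBBB", "F0/1", 100),
    ("AAAA", "F0/2", "CCCC", "F0/1", 100),
    ("BBBB", "F0/2", "DDDD", "F0/2", 100),
    ("CCCC", "F0/2", "DDDD", "F0/1", 100),
]


def bridge_id(priority, mac):
    """Bridge ID: 16-bit priority followed by the MAC; lower wins every comparison."""
    if not 0 <= priority <= 0xFFFF:
        raise ValueError("priority must fit in 16 bits")
    return (priority, mac.lower())


def compute_roles(bridges, links):
    """Return (root, {switch: {port: role}}, {switch: root_path_cost}).

    bridges: {name: (priority, mac)}; links: list of SAMPLE_LINKS-style tuples.
    Roles are 'root', 'designated' or 'blocking'.
    """
    bid = {n: bridge_id(p, m) for n, (p, m) in bridges.items()}

    # Step 1: root election, lowest BID wins.
    root = min(bid, key=bid.get)

    # switch -> [(local_port, neighbor, neighbor_port, link_cost)]
    adj = defaultdict(list)
    for a, pa, b, pb, mbps in links:
        cost = PORT_COST[mbps]
        adj[a].append((pa, b, pb, cost))
        adj[b].append((pb, a, pa, cost))

    # Step 2: root path cost. Each switch repeatedly adopts the best offer from
    # a neighbor, the way BPDUs propagate hop by hop. Offers sort by
    # (root path cost, neighbor BID, neighbor port, local port), so an equal
    # cost tie goes to the neighbor with the lowest BID, as the article says.
    INF = float("inf")
    best = {n: (INF, None, None) for n in bid}  # (cost, root_port, upstream)
    best[root] = (0, None, None)
    changed = True
    while changed:
        changed = False
        for n in bid:
            if n == root:
                continue
            offers = [(best[nb][0] + c, bid[nb], nbp, p, nb)
                      for p, nb, nbp, c in adj[n] if best[nb][0] != INF]
            if offers:
                cost, _, _, port, upstream = min(offers)
                if (cost, port, upstream) != best[n]:
                    best[n] = (cost, port, upstream)
                    changed = True

    # Step 3: port roles. Every segment gets exactly one designated port: the
    # end whose switch advertises the lowest (root path cost, BID, port). The
    # far end is either that switch's root port or it blocks.
    roles = defaultdict(dict)
    for a, pa, b, pb, _ in links:
        key_a = (best[a][0], bid[a], pa)
        key_b = (best[b][0], bid[b], pb)
        des, other, dport, oport = (a, b, pa, pb) if key_a < key_b else (b, a, pb, pa)
        roles[des][dport] = "designated"
        roles[other][oport] = "root" if best[other][1] == oport else "blocking"
    return root, {n: dict(p) for n, p in roles.items()}, {n: best[n][0] for n in bid}


def with_priority(bridges, name, priority):
    """Copy of bridges with one switch's priority changed (the 'influence the election' step)."""
    out = dict(bridges)
    out[name] = (priority, bridges[name][1])
    return out


if __name__ == "__main__":
    for label, bridges in (("default priorities", SAMPLE_BRIDGES),
                           ("DDDD priority 4096", with_priority(SAMPLE_BRIDGES, "DDDD", 4096))):
        root, roles, costs = compute_roles(bridges, SAMPLE_LINKS)
        print(f"{label}: root={root} costs={costs}")
        for sw in sorted(roles):
            print(f"  {sw}: {roles[sw]}")
```

Running it with default priorities reproduces the article’s result (AAAA is root, DDDD blocks F0/1); lowering DDDD’s priority to 4096 moves the root to DDDD and the blocked port to AAAA’s far side, which is the effect the priority knob is meant to have.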
This has been just a quick and simple view of spanning tree. Next time, in Spanning Tree Protocol (STP) has been around the block, I would like to get a little deeper into the whole process, especially the default timers and what they mean for your network.
Until then, let this topic take root!!