Spanning Tree – the Roots Go Deeper!
Spanning Tree – the Roots Go Deeper!
While I have posted a couple of blogs regarding spanning-tree, the Layer 2 loop prevention mechanism that runs on Cisco switches, I wanted to post one with a few more switches and a bit more detail on the step-by-step process. Follow the steps as we proceed from a blank scenario to one in which all the switches, MAC addresses, ports, speeds, and costs are included. Seeing the process as it flows from beginning to end really helps solidify the concept. I hope it helps you!
All switches have the default priority: 32768
Let’s put in some fake MAC addresses.
Based on the rule that Bridge ID = Priority and MAC address concatenated and lowest Bridge ID wins, Switch A becomes the root.
Let’s put some speeds and port identifiers on these links…
On root bridge, all ports are designated, which means they are forwarding.
Lowest-cost path from non-root bridge to the root bridge. Ex: C-to-A has multiple paths, but lowest cost is direct link with cost of 4. So for Switch C, g0/1 is the root port.
Lowest-cost path from non-root bridge to the root bridge. Switch B has multiple paths to root also. The direct link has cost 19, but the path from B-to-C-to-A has total cost 8 (4+4). So for Switch B, root port is g0/2.
Lowest-cost path from non-root bridge to the root bridge. For Switch E, lowest-cost is path E-to-C-to-A with total cost 8. So for Switch E, the root port is g0/3.
Lowest-cost path from non-root bridge to the root bridge. For Switch D, lowest-cost path goes like this: D-to-B-to-C-to-A with total cost of 12. So for Switch D, the root port is g0/1.
Now that root ports are identified, we must select the designated ports for each segment. Each link between switches is a segment. The designated port is selected on the bridge with the lowest-cost path to the root bridge. A root port cannot also be the designated port.
Between B and A, and between C and A the designated ports are already selected by virtue of the fact that all ports on the root bridge are designated ports.
Between B and C, switch C has a lower cost to the root (4 vs. 19), so switch C gets the designated port on that segment. Also, that segment already has a root port on B, which means g0/2 on switch B cannot also be the designated port, so switch C, g0/2 becomes the designated port.
Between B and D, switch B has the lower cost path to the root, so g0/1 on B becomes the designated port. As before, since D has the root port on that segment, it can’t also be the designated port, so g0/1 on Switch B is the designated port.
Between C and E, Switch C has the lower cost path to the root (and Switch E has the root port), so g0/3 on Switch C becomes the designated port on that segment.
The ports that remain once the root ports and designated ports are selected are considered non-designated ports (normally they block). So on Switch B and Switch D, the ports that are neither green nor blue (they are black) are the blocking ports.
Notice two possible loops in this network diagram are the big rectangle and the triangle. Each potential loop has a block in place to prevent the loop from occurring. Thus spanning-tree has allowed for redundancy but prevented Layer 2 loops!
To add a little more to this, if Switch D and Switch E each had equal cost paths to the Root, there are tie-breakers. For D and E with equal cost paths to the root, the tie-breaker is to select the switch with the lowest Bridge ID. In that case Switch D would have the designated port and E would block.
All other factors being the same: If Switch D and E had two links between them (not ether-channeled) and also had equal cost paths to the root, the tie would be broken based on lowest Bridge ID and then on port priority.
Default port priority starts at 128, so port 1 would have priority 128.1 and port 2 would have priority 128.2. Lowest priority wins so Switch E would choose to block its port which did not have the lower priority, which would mean E would block port f0/2.
Even though it seems that Layer 2 access layer solutions are slowly being replaced by blazing fast Layer 3 solutions, it pays as a network admin to understand how spanning tree makes its decisions.
I hope you found value in this blog.
Until next time…
You May Also Like
In this video, you will gain an understanding of Agile and Scrum Master Certification terminologies and concepts to help you make better decisions in your Project Management capabilities. Whether you’re a developer looking to obtain an Agile or Scrum Master Certification, or you’re a Project Manager/Product Owner who is attempting to get your product or … Continue reading Agile Methodology in Project Management
How does an investigator hunt down and identify unknown malware? In this recording of our IT Security training webinar on April 21, 2015, Security expert Mike Danseglio (CISSP / CEH) performed several malware investigations on infected computers and identify symptoms, find root cause, and follow the leads to determine what’s happening. He demonstrated his preferred … Continue reading Detailed Forensic Investigation of Malware Infections – April 21, 2015