STP & RSTP
Spanning Tree Protocol (STP) & Rapid Spanning Tree Protocol (RSTP): Technical Notes
Introduction: Why STP is Critical
Ethernet LANs use redundant paths for fault tolerance.
Ethernet frames have no TTL (Time-to-Live) field, so a Layer 2 loop forwards frames indefinitely.
- Loops cause:
Broadcast Storms (uncontrolled BUM traffic)
MAC Address Flapping (instability in switch MAC tables)
STP (802.1D) and RSTP (802.1w) solve these by:
Creating a loop-free logical topology
Blocking redundant links
STP (Spanning Tree Protocol) - IEEE 802.1D / Cisco PVST+
STP Overview
Default protocol on Cisco switches.
PVST+: Cisco's version, one STP instance per VLAN (Per-VLAN STP).
Operates via BPDU (Bridge Protocol Data Unit) exchanges every 2 seconds.
STP Algorithm: 3-Step Process
1. Root Bridge Election
Switch with the lowest Bridge ID (BID) becomes Root Bridge.
BID = Bridge Priority (default: 32768 + VLAN ID) + MAC Address.
Commands:
spanning-tree vlan 10 priority 0
spanning-tree vlan 10 root primary
- Verify:
show spanning-tree
2. Root Port Selection
On non-root switches, select port with lowest path cost to the root.
Tie-breakers (in order):
Lowest Root Path Cost
Lowest Neighbor BID
Lowest Neighbor Port ID
Lowest Local Port ID
Cost values:
10 Mbps: 100
100 Mbps: 19
1 Gbps: 4
10 Gbps: 2
3. Designated Port Selection
One Designated Port per segment (responsible for forwarding).
All other ports: Non-Designated (Blocking)
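Added example (not part of the original notes): the root election and root-port tie-breakers above in Python, run on a constructed three-switch VLAN 10 topology; switch names, MACs and port numbers are assumptions. The last line shows a bridge with priority 0 displacing the current root, which is the case Root Guard exists to block.

```python
from dataclasses import dataclass

# Short-method port costs from the list above (link speed in Mbps -> cost).
PORT_COST = {10: 100, 100: 19, 1000: 4, 10000: 2}

def bid(priority, mac):
    """Bridge ID as a comparable tuple: priority first, MAC address second."""
    return (priority, int(mac.replace(":", ""), 16))

def elect_root(bridges):
    """bridges maps name -> (priority, mac); the lowest BID wins."""
    return min(bridges, key=lambda name: bid(*bridges[name]))

@dataclass
class Bpdu:
    local_port: int       # local port ID the BPDU was received on
    speed_mbps: int       # speed of that local port
    advertised_cost: int  # root path cost advertised by the neighbour
    neighbor_bid: tuple   # neighbour's bridge ID
    neighbor_port: int    # neighbour's sending port ID

def select_root_port(bpdus):
    """Return the local port chosen as root port, applying the tie-breakers in order."""
    def rank(b):
        return (b.advertised_cost + PORT_COST[b.speed_mbps],  # 1. root path cost
                b.neighbor_bid,                                # 2. neighbour BID
                b.neighbor_port,                               # 3. neighbour port ID
                b.local_port)                                  # 4. local port ID
    return min(bpdus, key=rank).local_port

# Constructed VLAN 10 topology: names, MACs and port numbers are made up.
BRIDGES = {
    "SW1": (32768 + 10, "00:1a:00:00:00:01"),
    "SW2": (32768 + 10, "00:1a:00:00:00:02"),
    "SW3": (32768 + 10, "00:1a:00:00:00:03"),
}
SW2_BID = bid(*BRIDGES["SW2"])
# BPDUs seen by SW3: a direct 100 Mbps link to the root (SW1), two 1 Gbps links via SW2.
SW3_BPDUS = [
    Bpdu(1, 100, 0, bid(*BRIDGES["SW1"]), 1),
    Bpdu(2, 1000, 4, SW2_BID, 5),
    Bpdu(3, 1000, 4, SW2_BID, 4),
]

if __name__ == "__main__":
    print("root:", elect_root(BRIDGES))
    print("SW3 root port:", select_root_port(SW3_BPDUS))
    # A bridge configured with priority 0 displaces the current root.
    print("root after new bridge:", elect_root({**BRIDGES, "NEW": (0 + 10, "00:1a:00:00:00:ff")}))
```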
STP Port States
Disabled - Admin down
Blocking - No data traffic, receives BPDUs
Listening - No traffic, sending/receiving BPDUs
Learning - Learns MACs, no data forwarding
Forwarding - Full forwarding
Transition: Listening (15s) → Learning (15s) → Forwarding
STP Timers
| Timer | Default | Purpose |
|---|---|---|
| Hello | 2s | BPDU interval |
| Forward Delay | 15s | Time in Listening & Learning |
| Max Age | 20s | Timeout for BPDU absence |
Convergence Time: Up to 50 seconds
RSTP (Rapid STP) - IEEE 802.1w / Cisco Rapid PVST+
Key Improvements Over STP
| Feature | STP | RSTP |
|---|---|---|
| Convergence Speed | Up to 50s | < 1s (best case) |
| Port States | 5 (including disabled) | 3 (Discarding, Learning, Forwarding) |
| Transition Method | Timer-based | Sync mechanism |
| Port Roles | Root, Designated, Non-designated | Root, Designated, Alternate, Backup |
| BPDU Behavior | Only Root sends | All switches send BPDUs |
| Topology Change Detection | Max Age (20s) | 3 missed BPDUs (6s) |
RSTP Port States
Discarding = Blocking + Listening
Learning
Forwarding
RSTP Port Roles
| Role | Purpose |
|---|---|
| Root | Best path to root bridge |
| Designated | One per segment, forwards traffic |
| Alternate | Backup path to root (on different switch) |
| Backup | Backup path on same segment (same switch) |
RSTP Link Types
| Type | Description | Behavior |
|---|---|---|
| Point-to-Point | Full-duplex links (default) | Fast transitions |
| Shared | Half-duplex/hub links | Falls back to STP behavior |
| Edge | End-device ports | Instant forwarding (PortFast) |
- Configure with:
spanning-tree portfast
spanning-tree link-type point-to-point
RSTP Path Costs
RSTP uses both short and long path costs:
| Speed | Short Cost | Long Cost |
|---|---|---|
| 10 Mbps | 100 | 2,000,000 |
| 100 Mbps | 19 | 200,000 |
| 1 Gbps | 4 | 20,000 |
| 10 Gbps | 2 | 2,000 |
| 100 Gbps | - | 200 |
| 1 Tbps | - | 20 |
| 10 Tbps | - | 2 |
Configure:
spanning-tree pathcost method {short | long}
Cisco STP Toolkit Features (STP & RSTP Enhancements)
| Feature | Function |
|---|---|
| PortFast | Enables fast transition on edge ports (end hosts only). |
| BPDU Guard | Shuts down a PortFast port if BPDU is received. |
| Root Guard | Prevents external switches from becoming root. |
| Loop Guard | Prevents non-designated ports from errantly forwarding. |
| BPDU Filter | Stops BPDUs on specific ports (risky if misused). |
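Added example (not from the original notes or from Cisco): a small Python audit that reads IOS-style interface configuration and flags PortFast ports without BPDU Guard and ports with BPDU Filter enabled. The sample configuration is constructed, and the check assumes the classic command spellings `spanning-tree bpduguard enable`, `spanning-tree bpdufilter enable` and the global `spanning-tree portfast bpduguard default`.

```python
# Constructed sample configuration; interface names are illustrative only.
SAMPLE_CONFIG = """\
interface GigabitEthernet0/1
 spanning-tree portfast
 spanning-tree bpduguard enable
!
interface GigabitEthernet0/2
 spanning-tree portfast
!
interface GigabitEthernet0/3
 spanning-tree portfast
 spanning-tree bpdufilter enable
!
interface GigabitEthernet0/24
 switchport mode trunk
 spanning-tree guard root
"""

def parse(config):
    """Split a config into global lines and {interface: [sub-commands]}."""
    global_cmds, ifaces, current = [], {}, None
    for raw in config.splitlines():
        line = raw.strip()
        if not line or line == "!":
            current = None                      # block separator
        elif raw.startswith("interface "):
            current = line.split(None, 1)[1]
            ifaces[current] = []
        elif current is not None and raw[0].isspace():
            ifaces[current].append(line)        # indented sub-command
        else:
            current = None
            global_cmds.append(line)
    return global_cmds, ifaces

def audit(config):
    """Return (interface, finding) pairs for weak edge-port settings."""
    global_cmds, ifaces = parse(config)
    guard_default = "spanning-tree portfast bpduguard default" in global_cmds
    findings = []
    for name, cmds in ifaces.items():
        portfast = any(c.startswith("spanning-tree portfast") and not c.endswith("disable") for c in cmds)
        guarded = "spanning-tree bpduguard enable" in cmds or (
            guard_default and "spanning-tree bpduguard disable" not in cmds)
        if portfast and not guarded:
            findings.append((name, "PortFast without BPDU Guard"))
        if "spanning-tree bpdufilter enable" in cmds:
            findings.append((name, "BPDU Filter enabled"))
    return findings
```

Calling `audit(SAMPLE_CONFIG)` reports GigabitEthernet0/2 and 0/3; prepending the global BPDU Guard default leaves only the BPDU Filter finding.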
MSTP (Multiple Spanning Tree Protocol) - IEEE 802.1s
Solves scalability issues in PVST+ by grouping VLANs into MST instances.
Runs a single STP instance per group (not per VLAN).
Uses RSTP mechanics for fast convergence.
Example: VLANs 1-50 → MSTI1, VLANs 51-100 → MSTI2
ICCP STP Application (RFC 7727)
Used in Provider Edge (PE) redundancy scenarios.
Multiple PEs act as a virtual root bridge.
Uses ICCP TLVs for config/state sync:
- STP Connect, Root Time, Region Config, etc.
Enables active-active operation, unlike VPLS (active-standby).
If a PE fails → remaining PEs recalculate and reconverge.
RSTP Management via MIB - RFC 4318
Adds managed objects to Bridge MIB (RFC 4188).
Important Objects:
dot1dStpVersion
dot1dStpPortAdminEdgePort
dot1dStpPortOperEdgePort
dot1dStpPortAdminPathCost
Security Consideration: SNMPv3 recommended due to sensitivity of STP control.
STP vs RSTP - Summary Table
| Feature | STP (802.1D / PVST+) | RSTP (802.1w / Rapid PVST+) |
|---|---|---|
| Convergence Time | Up to 50s | < 6s (often < 1s) |
| Port States | 5 | 3 |
| Port Roles | Root, Designated, Non-Designated | Root, Designated, Alternate, Backup |
| BPDU Handling | Only root bridge generates | All switches generate |
| Topology Change Detection | 20s (Max Age) | 6s (3 missed BPDUs) |
| Edge Port Behavior | Triggers TC | Does not trigger TC |
| Link Types | N/A | P2P, Shared, Edge |
| PortFast/Toolkit Support | Yes | Yes |
| VLAN Scaling | One STP per VLAN (PVST+) | Better with MSTP |
Interview Tips
Be clear on Root Port vs Designated Port logic.
Understand BPDU Guard vs Root Guard vs Loop Guard differences.
Know the transition states and timers.
Practice troubleshooting scenarios with:
show spanning-tree
debug spanning-tree events