Spanning Tree Protocol (STP) Introduction
Spanning Tree Protocol (STP) was developed before switches existed, to deal with a problem that occurred on networks built from network bridges. STP serves two purposes: First, it prevents the problems caused by loops on a network. Second, when redundant links are deliberately built into a network, STP handles recovery from topology changes or link failures.
The difference between a bridge and a switch is that a switch functions like a multiport bridge; whereas a bridge might have two to four ports, a switch looks like a hub and, on an enterprise network, will usually have 12 to 48 ports. As you go through this chapter, note that STP uses the term bridge even though you are actually deploying switches (multiport bridges). At the time STP was created, switches did not exist. Clear as mud?
STP is a Layer 2 protocol that passes data back and forth to find out how the switches are organized on the network and then takes all the information it gathers and uses it to create a logical tree. Part of the information STP receives defines exactly how all the network switches are interconnected.
STP builds this information by sending out network packets called Bridge Protocol Data Units (BPDUs or sometimes BDUs). These BPDUs — or rather the data in them — control the way STP determines the network topology.
The following figure shows a basic network with simplified 4-digit MAC addresses for the switches. All the switches on the network send BPDU frames to the entire network, even on a network that does not have any loops. These packets are sent out on the network every two seconds by default, are very small, and do not negatively affect the network traffic.
If you are performing a packet capture on a network, however, be aware that these packets fill your capture screen quickly and can be distracting when reviewing your captured data. The initial process of sending BPDU frames will determine which switch will be the Root Bridge and act as the controller or manager for STP on the network. By default, the Root Bridge is the switch with the numerically lowest MAC address.
Identifying Root Ports
The BPDU that every switch sends contains information about the switch, including its Bridge ID, which uniquely identifies the switch on the network. The Bridge ID is made of two components: a configurable Bridge Priority value (which is 32,769 by default) and the switch MAC address.
If none of the switches on your network has had its Bridge Priority values adjusted, then the switch with the lowest MAC address will be the Root Bridge; but if the Bridge Priority values on your network have been modified, the Root Bridge will be the switch with the lowest Bridge Priority value. The Root Bridge shown in the preceding figure is switch 11:11.
After the Root Bridge is identified, all other switches determine the quickest path from themselves to the Root Bridge. Some switches have more than one path to the Root Bridge due to a network loop. In the preceding figure, switch 11:22 has two paths, one that is two hops away from the Root Bridge and one that is one hop away.
If the speed of the networking technology is the same for all network segments, the port on the path with the fewest hops is designated as the Root Port.
The switch identifies which of its interfaces is the Root Port as follows. Each network technology has a rated speed, so based on the technology of each network segment between the switch and the Root Bridge, the switch can calculate the cost of each available path.
The following table lists the STP cost associated with each network technology speed. Notice in the table that the data rate is inversely proportional to the STP cost.
| Data Rate | STP Cost |
|-----------|----------|
In the following figure, all the Root Ports are identified. If a switch has two paths to the Root Bridge and each path has the same cost, the switch looks at the BPDU frames from its closest neighbor on each of the paths and designates its Root Port based on the neighbor with the lowest Bridge ID.
Identifying Designated Ports
Each switch knows the least-cost path to the Root Bridge, which may require passing data to another switch's interface. For the sake of this example, call the main switch being discussed the reference switch and its neighbor the neighbor switch. The port on the next closest switch (the neighbor switch) to the Root Bridge that faces the reference switch is called the Designated Port.
The reference switch will use the Designated Port as its path to get to the Root Bridge. The following figure identifies all the Designated Ports that the downstream switches will use to send data to the Root Bridge.
You still have one outstanding problem to resolve. There are still loops on this network that threaten to bring the current network down; however, by working through how all the Root Ports and Designated Ports are assigned, you have actually completed the work to resolve the loop issue on the network.
In the figure immediately preceding this section, only two ports that connect to neighboring switches are neither Root Ports nor Designated Ports. Because these ports have no role assigned to them, they are part of a loop on the network. If you review the figure, you should be able to identify the loops on the network. To resolve the loop issue, STP puts these ports without a role into the Blocking state, which makes them Blocking Ports.
Blocking Ports are ports that do not allow traffic to be sent or received; the port is blocking the traffic. Essentially, a Blocking Port behaves as if it had been disabled, but it is not actually disabled. Because the port is not disabled, the switch on the other end of the link still sees the link as active, but frames sent over that link (excluding BPDU frames) are dropped (blocked).
The following figure shows you the completed STP diagram, including the Blocking Ports.
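The Root Bridge election, Root Port selection and Designated/Blocking port assignment described in the preceding sections, worked through as an added Python example (not code from the original page). The topology, its link costs and the switch names other than 11:11 and 11:22 are constructed; the `priority` mapping is an assumed way to pass adjusted Bridge Priority values, and path costs are computed centrally with Dijkstra rather than by the switches' own BPDU exchange.

```python
from heapq import heappop, heappush

# Constructed topology (not the page's figure): switch -> {neighbour: link cost}.
# Link costs are constructed for the demo, not taken from the STP cost table.
TOPOLOGY = {
    "11:11": {"11:22": 4, "11:33": 4},
    "11:22": {"11:11": 4, "11:33": 4, "11:44": 4},
    "11:33": {"11:11": 4, "11:22": 4, "11:44": 19},
    "11:44": {"11:22": 4, "11:33": 19},
}
DEFAULT_PRIORITY = 32769  # the default Bridge Priority quoted in the text

def bridge_id(switch, priority=None):
    """Bridge ID orders by priority first, then MAC; the lowest tuple wins."""
    return ((priority or {}).get(switch, DEFAULT_PRIORITY), switch)

def elect_root(topology, priority=None):
    return min(topology, key=lambda sw: bridge_id(sw, priority))  # lowest Bridge ID wins

def root_path_costs(topology, root):
    """Dijkstra from the root: least total link cost from each switch to the root."""
    cost, heap = {root: 0}, [(0, root)]
    while heap:
        c, sw = heappop(heap)
        if c > cost[sw]:
            continue  # stale heap entry
        for nb, link in topology[sw].items():
            if c + link < cost.get(nb, float("inf")):
                cost[nb] = c + link
                heappush(heap, (cost[nb], nb))
    return cost

def assign_roles(topology, priority=None):
    """Return {switch: {neighbour: 'root' | 'designated' | 'blocking'}}."""
    root = elect_root(topology, priority)
    cost = root_path_costs(topology, root)
    roles = {sw: {} for sw in topology}
    for sw, links in topology.items():
        if sw != root:
            # Root Port: cheapest path to the root; ties go to the lowest neighbour Bridge ID.
            best = min(links, key=lambda nb: (cost[nb] + links[nb], bridge_id(nb, priority)))
            roles[sw][best] = "root"
        for nb in links:
            if nb in roles[sw]:
                continue
            # Designated Port: the end nearer the root (lower cost, then lower Bridge ID); the far end blocks.
            mine = (cost[sw], bridge_id(sw, priority))
            theirs = (cost[nb], bridge_id(nb, priority))
            roles[sw][nb] = "designated" if mine < theirs else "blocking"
    return roles
```

With all priorities at the default, 11:11 wins by lowest MAC and the equal-cost tie on the 11:22 to 11:33 link is settled by Bridge ID, leaving 11:33's side Blocking; lowering 11:44's priority moves the root and every role with it.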