Spanning TreeEXEC

show spanning-tree

Displays the Spanning Tree Protocol (STP) status and configuration for all VLANs or a specific VLAN on Cisco NX-OS switches.

Overview

The 'show spanning-tree' command is a fundamental troubleshooting and verification tool for Spanning Tree Protocol (STP) on Cisco NX-OS switches. STP prevents loops in Ethernet networks by creating a loop-free logical topology. On NX-OS, the default STP mode is Rapid PVST+ (Per-VLAN Spanning Tree Plus), which runs a separate instance of STP for each VLAN, providing faster convergence than classic STP. This command displays the STP state for all VLANs or a specific VLAN, including root bridge information, bridge ID, port roles, port states, and timers. It is essential for verifying STP convergence, identifying root bridges, and troubleshooting loops or connectivity issues. Network engineers use it during initial deployment to ensure proper root bridge placement, after changes to verify topology, and during outages to detect blocking ports or flapping interfaces. On NX-OS, the output is similar to Cisco IOS but with some differences: NX-OS uses 'rstp' as the protocol (Rapid PVST+), and the 'brief' option provides a concise per-VLAN root bridge summary. The command also supports MST (Multiple Spanning Tree) with the 'mst' keyword. Understanding this output is critical for CCNP and CCIE candidates, as STP remains a core topic in enterprise networks.

Syntax·EXEC
show spanning-tree [vlan vlan-id] [brief] [detail] [interface interface-id] [root] [bridge] [mst] [backbonefast] [uplinkfast] [pathcost method]

When to Use This Command

  • Verify the root bridge election and port roles (root, designated, alternate) for a specific VLAN.
  • Troubleshoot a network loop by checking for blocked ports or unexpected port states.
  • Confirm STP timers (hello, forward delay, max age) and bridge priority values.
  • Monitor STP topology changes and identify flapping interfaces.

Parameters

ParameterSyntaxDescription
vlan vlan-idvlan vlan-idSpecifies a single VLAN (1-4094) to display STP information for. If omitted, all VLANs are shown.
briefbriefDisplays a condensed summary showing root bridge ID and root port per VLAN. Useful for a quick overview.
detaildetailShows detailed STP information, including per-port BPDU counters and timers. Often used with 'interface' for granular troubleshooting.
interface interface-idinterface interface-idLimits output to a specific interface (e.g., ethernet 1/1). Shows port-specific STP role, state, and counters.
rootrootDisplays only the root bridge information for each VLAN.
bridgebridgeDisplays only the local bridge ID information for each VLAN.
mstmstDisplays MST (Multiple Spanning Tree) instance information instead of PVST+.
backbonefastbackbonefastDisplays BackboneFast status and statistics. BackboneFast is a Cisco proprietary STP enhancement.
uplinkfastuplinkfastDisplays UplinkFast status and statistics. UplinkFast accelerates convergence after a root port failure.
pathcost methodpathcost methodDisplays the path cost calculation method (long or short) used by STP.

Command Examples

Basic STP status for VLAN 10

show spanning-tree vlan 10
VLAN0010
  Spanning tree enabled protocol rstp
  Root ID    Priority    32778
             Address     00de.fb0b.1234
             This bridge is the root
             Hello Time   2 sec  Max Age 20 sec  Forward Delay 15 sec

  Bridge ID  Priority    32778  (priority 32768 sys-id-ext 10)
             Address     00de.fb0b.1234
             Hello Time   2 sec  Max Age 20 sec  Forward Delay 15 sec
             Aging Time  300 sec

Interface        Role Sts Cost      Prio.Nbr Type
---------------- ---- --- --------- -------- --------------------------------
Eth1/1           Desg FWD 4         128.1    P2p
Eth1/2           Desg FWD 4         128.2    P2p

VLAN0010: VLAN ID. Root ID: shows root bridge priority and MAC; 'This bridge is the root' indicates this switch is root. Bridge ID: local bridge priority (32768 + VLAN 10 = 32778). Interface table: Role (Desg=Designated, Root, Altn=Alternate), Sts (FWD=Forwarding, BLK=Blocking), Cost (path cost), Prio.Nbr (port priority.number), Type (P2p=point-to-point).

Brief STP summary for all VLANs

show spanning-tree brief
VLAN                     Root Bridge ID          Root Port    Hello Max Fwd
---- ---------------------------------------- ---------- ----- --- ---
1       32769.00de.fb0b.1234                    Root         2    20  15
10      32778.00de.fb0b.1234                    This bridge  2    20  15
20      32788.00de.fb0b.5678                    Eth1/3       2    20  15

Each row shows VLAN, root bridge ID (priority.MAC), root port (or 'This bridge' if root), and timers. Useful for a quick overview of root bridges per VLAN.

Detailed STP for an interface

show spanning-tree interface ethernet 1/1 detail
Port 1 (Ethernet1/1) of VLAN0010 is forwarding
  Port path cost 4, Port priority 128, Port Identifier 128.1
  Designated root has priority 32778, address 00de.fb0b.1234
  Designated bridge has priority 32778, address 00de.fb0b.1234
  Designated port id is 128.1, designated path cost 0
  Timers: message age 0, forward delay 0, hold 0
  Number of transitions to forwarding state: 1
  Link type is point-to-point by default
  BPDU: sent 100, received 0

Shows detailed per-port STP info: port state, path cost, designated root/bridge, BPDU counters. Useful for verifying BPDU exchange and port role.

Understanding the Output

The 'show spanning-tree' output is organized per VLAN. The first section shows the root bridge ID (priority and MAC) and whether the local switch is the root. The bridge ID section shows the local switch's priority and MAC. The interface table lists each port with its STP role (Desg, Root, Altn, Back), state (FWD, BLK, LRN, LIS), path cost, port priority, and link type. Healthy values: root bridge should be consistent across the network; all ports should be in FWD or BLK as expected; no excessive topology changes. Problem indicators: unexpected root bridge, ports stuck in BLK or LRN, high TCN counts, or inconsistent timers. The 'brief' variant gives a quick root bridge summary per VLAN. The 'detail' variant provides per-port BPDU statistics and timers, useful for troubleshooting BPDU loss or misconfigurations.

Configuration Scenarios

Setting Root Bridge Priority for VLAN 10

You want to ensure a specific Nexus switch becomes the root bridge for VLAN 10 by lowering its priority.

Topology

+----------+ | Root | | Switch A | +----+-----+ | | Eth1/1 | +----+-----+ | Switch B | +----------+

Steps

  1. 1.Enter configuration mode: configure terminal
  2. 2.Set the STP priority for VLAN 10 on Switch A: spanning-tree vlan 10 priority 4096
  3. 3.Exit configuration mode: end
  4. 4.Verify the root bridge: show spanning-tree vlan 10
Configuration
! On Switch A
configure terminal
spanning-tree vlan 10 priority 4096
end

Verify: Run 'show spanning-tree vlan 10' on both switches. Switch A should show 'This bridge is the root' and have priority 4096. Switch B should show Switch A's MAC as root.

Watch out: If the priority is set to a value that is not a multiple of 4096, NX-OS will reject it. Also, ensure no other switch has a lower priority.

Enabling PortFast on an Access Port

To speed up convergence for an end-host port, enable PortFast to bypass STP listening/learning states.

Topology

+----------+ | Switch | +----+-----+ | Eth1/1 | +----+-----+ | PC | +----------+

Steps

  1. 1.Enter interface configuration: interface ethernet 1/1
  2. 2.Enable PortFast: spanning-tree port type edge
  3. 3.Exit and verify: show spanning-tree interface ethernet 1/1 detail
Configuration
! On the switch
configure terminal
interface ethernet 1/1
spanning-tree port type edge
end

Verify: The interface should show 'Edge port' in the output. The port will transition directly to forwarding without STP delays.

Watch out: Never enable PortFast on ports connecting to other switches, as it can cause loops. Use 'spanning-tree port type network' for switch-to-switch links.

Troubleshooting with This Command

When troubleshooting STP issues on Cisco NX-OS, 'show spanning-tree' is the first command to run. Start with 'show spanning-tree brief' to get an overview of root bridges per VLAN. If a VLAN shows an unexpected root bridge, check the bridge priority and MAC address. If a port is in a blocking state (BLK) when it should be forwarding, examine the port role: an alternate port is expected to block, but a designated port should forward. Use 'show spanning-tree interface <interface> detail' to see BPDU counters: if BPDUs are not being sent or received, check interface configuration (e.g., port type, speed/duplex mismatches). High 'Number of transitions to forwarding state' indicates flapping, often due to physical issues or configuration changes. If topology change notifications (TCNs) are excessive, look for ports with PortFast enabled on switch links or unstable interfaces. For MST, use 'show spanning-tree mst' to verify instance mapping and regional consistency. On NX-OS, remember that Rapid PVST+ is default; if you see 'rstp' in the output, convergence should be fast. If loops occur, check for missing STP configuration on new VLANs or misconfigured port types. Always verify that all switches in the network agree on the root bridge; a single misconfigured priority can cause suboptimal paths. Use 'show spanning-tree vlan <vlan> root' to quickly see the root bridge ID. If a switch is not participating in STP for a VLAN, ensure the VLAN exists and is active. Finally, check for any 'spanning-tree guard' features (root guard, BPDU guard) that might be blocking ports unexpectedly.

CCNA Exam Tips

1.

Remember that NX-OS uses Rapid PVST+ by default; know the differences from classic STP (802.1D) and MST.

2.

Be able to identify root bridge, root port, designated ports, and alternate ports from the output.

3.

Understand how bridge priority and VLAN ID combine (e.g., priority 32768 + VLAN 10 = 32778).

Common Mistakes

Assuming the switch with the lowest MAC is root; priority is checked first, then MAC.

Confusing port roles: root port is the best path to root, designated port forwards on a segment, alternate port blocks.

Forgetting that 'show spanning-tree' without a VLAN shows all VLANs; use 'vlan' to filter.

Platform Notes

On Cisco NX-OS, the 'show spanning-tree' command behaves similarly to Cisco IOS but with key differences. NX-OS uses Rapid PVST+ as the default STP mode, whereas IOS often defaults to PVST+ or MST depending on the platform. The output on NX-OS explicitly states 'Spanning tree enabled protocol rstp' for Rapid PVST+. The 'brief' option is available on both, but NX-OS includes the root port column. NX-OS also supports MST with the 'mst' keyword, while IOS uses 'spanning-tree mst' configuration. For interface-level details, NX-OS requires the 'detail' keyword, whereas IOS often shows more detail by default. NX-OS does not support UplinkFast or BackboneFast as separate commands; instead, Rapid PVST+ inherently provides fast convergence. The 'pathcost method' parameter is available on NX-OS to show the cost calculation (long or short). In terms of version differences, NX-OS 7.x and later have consistent output, but earlier versions might have slight formatting variations. On other platforms like Juniper Junos, the equivalent command is 'show spanning-tree' or 'show spanning-tree interface', but the output format differs significantly. For Arista EOS, 'show spanning-tree' provides similar information but uses different terminology (e.g., 'RootGuard' instead of 'root guard'). Understanding these nuances is important for multi-vendor environments.

Practice for the CCNA 200-301

Test your knowledge with hundreds of CCNA practice questions covering all exam domains.

Practice CCNA Questions