Spanning TreeEXEC

show spanning-tree brief

Displays a brief summary of the Spanning Tree Protocol (STP) state for all VLANs or a specified VLAN on Cisco NX-OS switches.

Overview

The 'show spanning-tree brief' command is a vital tool for network engineers to quickly assess the Spanning Tree Protocol (STP) state on Cisco Nexus switches running NX-OS. STP is a Layer 2 protocol that prevents loops in Ethernet networks by creating a loop-free logical topology. In NX-OS, the default STP mode is Rapid PVST+ (Per-VLAN Spanning Tree Plus), which runs a separate STP instance for each VLAN, allowing for faster convergence and per-VLAN load balancing. This command provides a condensed view of the STP status for all VLANs or a specific VLAN, including the root bridge, local bridge ID, and port roles/states.

Use this command during initial network deployment to verify that the desired root bridge is elected and that all ports are in the correct state. It is also essential during troubleshooting when users report connectivity issues or loops. By comparing the output across switches, you can identify inconsistencies such as multiple root bridges or unexpected blocking ports. The brief output is ideal for a quick health check, while more detailed commands like 'show spanning-tree detail' provide additional information such as timers and BPDU statistics.

On Cisco NX-OS, the command syntax is similar to IOS but with some differences in output formatting. For example, interfaces are listed as Eth1/1, and the protocol is explicitly shown (rstp). The command supports filtering by VLAN, which is crucial in large networks with many VLANs. Understanding this command is fundamental for CCNP Data Center or Enterprise certification exams, as STP is a core topic.

Syntax·EXEC
show spanning-tree brief [vlan vlan-id]

When to Use This Command

  • Quickly verify the root bridge and port roles across all VLANs after a topology change.
  • Troubleshoot unexpected STP blocking or forwarding states in a multi-VLAN environment.
  • Confirm that a specific switch is the root bridge for a particular VLAN.
  • Monitor STP convergence after adding or removing links in a redundant topology.

Parameters

ParameterSyntaxDescription
vlan vlan-idvlan vlan-idOptional parameter to display STP information for a specific VLAN only. The vlan-id is a number from 1 to 4094. If omitted, the command shows STP brief for all active VLANs.

Command Examples

Show spanning-tree brief for all VLANs

show spanning-tree brief
VLAN 1
  Spanning tree enabled protocol rstp
  Root ID    Priority    32769
             Address     0011.2233.4455
             This bridge is the root
             Hello Time   2 sec  Max Age 20 sec  Forward Delay 15 sec
  Bridge ID  Priority    32769  (priority 32768 sys-id-ext 1)
             Address     0011.2233.4455
             Hello Time   2 sec  Max Age 20 sec  Forward Delay 15 sec
  Interface        Role Sts Cost      Prio.Nbr Type
  ---------------- ---- --- --------- -------- --------------------------------
  Eth1/1           Desg FWD 4         128.1    P2p
  Eth1/2           Desg FWD 4         128.2    P2p

VLAN 10
  Spanning tree enabled protocol rstp
  Root ID    Priority    32778
             Address     0011.2233.4455
             This bridge is the root
             Hello Time   2 sec  Max Age 20 sec  Forward Delay 15 sec
  Bridge ID  Priority    32778  (priority 32768 sys-id-ext 10)
             Address     0011.2233.4455
             Hello Time   2 sec  Max Age 20 sec  Forward Delay 15 sec
  Interface        Role Sts Cost      Prio.Nbr Type
  ---------------- ---- --- --------- -------- --------------------------------
  Eth1/1           Desg FWD 4         128.1    P2p
  Eth1/2           Desg FWD 4         128.2    P2p

The output shows STP status for VLAN 1 and VLAN 10. Each VLAN section includes root bridge details (priority, address) and bridge ID of the local switch. 'This bridge is the root' indicates the switch is the root bridge. Interface table shows port role (Desg=Designated), state (FWD=Forwarding), path cost, priority, and type (P2p=Point-to-Point).

Show spanning-tree brief for a specific VLAN

show spanning-tree brief vlan 100
VLAN 100
  Spanning tree enabled protocol rstp
  Root ID    Priority    32868
             Address     0022.3344.5566
             Cost        4
             Port        128 (Ethernet1/1)
             Hello Time   2 sec  Max Age 20 sec  Forward Delay 15 sec
  Bridge ID  Priority    32868  (priority 32768 sys-id-ext 100)
             Address     0011.2233.4455
             Hello Time   2 sec  Max Age 20 sec  Forward Delay 15 sec
  Interface        Role Sts Cost      Prio.Nbr Type
  ---------------- ---- --- --------- -------- --------------------------------
  Eth1/1           Root FWD 4         128.1    P2p
  Eth1/2           Altn BLK 4         128.2    P2p

For VLAN 100, the root bridge is at address 0022.3344.5566 with cost 4 via port Eth1/1. The local bridge ID shows priority 32868 (32768+100). Interface Eth1/1 is the root port (Root) in forwarding (FWD), while Eth1/2 is an alternate port (Altn) blocking (BLK) to prevent loops.

Understanding the Output

The 'show spanning-tree brief' output provides a concise view of the STP state per VLAN. The first line indicates the VLAN and the STP protocol (e.g., rstp for Rapid PVST+). The 'Root ID' section shows the root bridge's priority, MAC address, and if the local switch is the root. If not root, it also displays the cost to reach the root and the root port. The 'Bridge ID' section shows the local switch's priority and MAC address. The interface table lists each port with its role (Root, Designated, Alternate, Backup), state (FWD, BLK, LRN, LIS), path cost, port priority, and link type. Healthy STP operation shows one root bridge per VLAN, all ports in forwarding (FWD) or designated (Desg) except for blocking (BLK) alternate ports. Problem indicators include multiple root bridges (loop), ports stuck in learning (LRN) or listening (LIS) indicating convergence issues, or unexpected blocking on all ports (isolated switch). High path costs or inconsistent port roles may indicate misconfiguration or hardware issues. In NX-OS, the output is similar to IOS but uses interface names like Eth1/1. The 'Type' column shows P2p for point-to-point links, Shr for shared, or Auto. The 'Cost' is based on link speed (e.g., 4 for 10G). The 'Prio.Nbr' combines port priority (default 128) and port number.

Configuration Scenarios

Verifying Root Bridge Election

A network administrator has configured a core switch to be the root bridge for VLAN 10 by setting its STP priority to 4096. After configuration, they want to confirm the election.

Topology

[Core] (priority 4096) | [Access1] (priority 32768) | [Access2] (priority 32768)

Steps

  1. 1.On Core switch, configure: spanning-tree vlan 10 priority 4096
  2. 2.On Access1, run: show spanning-tree brief vlan 10
  3. 3.Verify that the Root ID shows priority 4106 (4096+10) and MAC of Core, and 'This bridge is the root' appears on Core.
Configuration
! On Core
spanning-tree vlan 10 priority 4096

Verify: On Access1, the output should show Root ID priority 4106 and address of Core, with cost and root port. On Core, it should show 'This bridge is the root'.

Watch out: Remember that the effective priority is the configured priority plus the VLAN ID (sys-id-ext). So priority 4096 for VLAN 10 becomes 4106.

Troubleshooting with This Command

When troubleshooting STP issues on Cisco NX-OS, 'show spanning-tree brief' is the first command to run. Start by checking if the expected root bridge is elected for each VLAN. If multiple switches claim to be root, there may be a BPDU filter or a misconfiguration. Next, examine the port roles: all ports should be either Root, Designated, or Alternate (blocking). If a port is in 'Listening' or 'Learning' state for an extended period, STP convergence may be slow due to high timers or link flapping. Also, look for unexpected 'Blocking' ports that should be forwarding, which could indicate a unidirectional link or a configuration issue like PortFast misapplication.

If a switch shows no root bridge (e.g., 'Root ID' shows all zeros), STP may be disabled or the switch is isolated. Check if the VLAN exists and STP is enabled globally. In NX-OS, STP is enabled by default, but it can be disabled per VLAN with 'no spanning-tree vlan X'. Another common issue is a high path cost causing suboptimal root port selection. Compare the cost values with expected link speeds (e.g., 1G=4, 10G=2). If a port has an unexpectedly high cost, verify the interface speed and duplex settings.

For loops, the output may show multiple root bridges or rapidly changing port states. Use 'show spanning-tree detail' to see BPDU counters and 'show logging' for STP events. Remember that in NX-OS, the 'brief' output does not show timers per port; use 'show spanning-tree interface' for that. Always correlate the output with the network topology diagram to identify anomalies.

CCNA Exam Tips

1.

Memorize that the root bridge is identified by the lowest bridge ID (priority + MAC).

2.

Know that in Rapid PVST+, each VLAN runs its own STP instance; 'show spanning-tree brief vlan X' isolates a VLAN.

3.

Understand port roles: Root (best path to root), Designated (forwarding on segment), Alternate (backup to root), Backup (backup to designated).

Common Mistakes

Confusing 'Root ID' with 'Bridge ID' – the Root ID is the root bridge, Bridge ID is the local switch.

Assuming all ports should be forwarding – blocking ports are normal for loop prevention.

Ignoring the 'Cost' field – high cost may indicate a suboptimal path or misconfigured link speed.

Platform Notes

On Cisco NX-OS, the 'show spanning-tree brief' command behaves similarly to Cisco IOS but with some differences. NX-OS uses interface naming like Eth1/1, while IOS uses GigabitEthernet0/1. The output includes the protocol (rstp for Rapid PVST+), whereas IOS may show 'pvst' or 'rstp'. NX-OS also supports the 'vlan' parameter directly, while in IOS you might use 'show spanning-tree vlan X brief'. Additionally, NX-OS does not support the 'mst' (MST) mode in the brief output; for MST, use 'show spanning-tree mst brief'.

Equivalent commands on other platforms: On Juniper JunOS, use 'show spanning-tree interface' or 'show spanning-tree bridge'. On Arista EOS, 'show spanning-tree' provides similar output. On Cisco IOS, the equivalent is 'show spanning-tree brief' or 'show spanning-tree vlan X'. For NX-OS versions prior to 7.x, the output may differ slightly; always check the documentation for your specific version. The command is available in all NX-OS modes (EXEC) and does not require any special privileges.

Practice for the CCNA 200-301

Test your knowledge with hundreds of CCNA practice questions covering all exam domains.

Practice CCNA Questions