You already know STP prevents loops, but on the CCNA 200-301 exam, you need to understand how RSTP and MSTP improve convergence and scalability. RSTP provides fast convergence (1-3 seconds) while MSTP allows multiple VLANs to share a single spanning-tree instance, reducing CPU and bandwidth usage. This chapter covers exam objective 2.5: Spanning Tree Protocol, specifically RSTP and MSTP. Real networks rely on these protocols to balance redundancy and performance, so mastering them is essential for both the exam and real engineering work.
Jump to a section
Imagine a city's road network connecting several neighborhoods (VLANs). In the old days (802.1D STP), every car (frame) had to go through a single traffic light at every intersection, causing delays even when roads were empty. That's like STP's 30-50 second convergence. RSTP is like adding traffic sensors that change lights instantly when a road is blocked — cars reroute within seconds. But here's the problem: if you have 100 neighborhoods, you'd need 100 separate road networks, each with its own traffic lights and sensors. That's PVST+ — one spanning tree per VLAN, which wastes bandwidth and CPU. MSTP solves this by grouping neighborhoods into zones (instances). For example, all neighborhoods with similar traffic patterns share one set of traffic lights (one spanning tree instance). You configure which VLANs belong to which instance. The city (network) still has multiple paths, but only a few traffic control systems manage them. This reduces overhead while still providing fast failover. The key is that MSTP uses RSTP's fast convergence within each instance, so you get both efficiency and speed. Just like a city with express lanes (RSTP) and toll roads (MSTP instances) that separate traffic efficiently.
What is RSTP and Why It Exists
Rapid Spanning Tree Protocol (RSTP, IEEE 802.1w) is an evolution of the original 802.1D STP. The primary goal is the same — prevent Layer 2 loops while providing redundancy — but RSTP achieves convergence in 1-3 seconds instead of 30-50 seconds. Why does this matter? In modern networks with virtualized servers and real-time applications, a 30-second outage is unacceptable. RSTP achieves this speed by changing port roles and states, introducing new BPDU handling, and using a more proactive convergence mechanism.
RSTP defines three port roles: Root Port (RP), Designated Port (DP), and Alternate/Backup Port (AP/BP). The Alternate Port is a backup to the Root Port, providing a rapid failover path. The Backup Port is a backup to a Designated Port on the same segment. The classic STP blocking state is replaced by discarding, which is a combination of blocking and listening states.
How RSTP Works Step by Step
RSTP uses a faster BPDU exchange. Every switch sends its own BPDU every hello time (2 seconds by default), even if it receives BPDUs from the root. This is different from 802.1D, where a switch only relays BPDUs from the root. This allows RSTP to detect link failures in three hello intervals (6 seconds) and converge almost immediately.
When a switch detects a link failure, it immediately transitions its Alternate Port to the Forwarding state if it has a better path to the root. There's no waiting for timers. This is called "rapid transition." RSTP also uses a sync mechanism: when a new switch joins or a link comes up, it temporarily blocks all ports except the one it thinks is best, then quickly negotiates with neighbors using proposal-agreement handshakes. This ensures a loop-free topology is built quickly.
RSTP Port States and Timers
RSTP has only three port states: Discarding, Learning, and Forwarding. Discarding replaces the classic Blocking, Listening, and Disabled states. The Learning state is still used to populate the MAC table without forwarding data. Forwarding sends and receives user traffic.
Timers in RSTP are similar to 802.1D but used differently:
Hello Time: 2 seconds (default) — the interval at which BPDUs are sent.
Forward Delay: 15 seconds (default) — used only during the learning state when a port transitions to forwarding via the old STP mechanism (if rapid transition fails).
Max Age: 20 seconds (default) — how long a switch waits without receiving a BPDU before declaring the root lost. In RSTP, this is rarely used because failure detection is faster.
What is MSTP and Why It Exists
Multiple Spanning Tree Protocol (MSTP, IEEE 802.1s) extends RSTP to support multiple VLANs with fewer spanning-tree instances. In PVST+, each VLAN has its own spanning tree, which consumes CPU and bandwidth (each VLAN sends its own BPDUs). MSTP allows you to group VLANs into instances, and each instance runs a single spanning tree. This reduces overhead while still providing load balancing across redundant links.
MSTP is backward-compatible with RSTP and 802.1D. It uses a concept of regions: a set of switches with the same MST configuration (region name, revision number, and VLAN-to-instance mapping). Within a region, switches exchange MST BPDUs that carry instance information. Between regions, MSTP interacts using a single Common Spanning Tree (CST), which is essentially an RSTP instance.
How MSTP Works Step by Step
Switches must be configured with the same MST region name, revision number, and VLAN-to-instance mapping to be in the same region. If any of these differ, they are considered separate regions.
Within a region, MSTP runs an Internal Spanning Tree (IST) for instance 0, which carries BPDUs for all instances. Other instances (MSTIs) are calculated based on the IST topology.
Each MSTI has its own root bridge, port roles, and states. Switches exchange MST BPDUs that include information for all instances.
Between regions, MSTP uses the CST (Common Spanning Tree) to prevent loops. The CST is an RSTP instance that treats each region as a single virtual bridge.
Load balancing is achieved by assigning different VLANs to different MSTIs, and then configuring different port costs or priorities for each MSTI so that traffic takes different paths.
Key MSTP Concepts and Terminology
MST Region: A group of switches with identical MST configuration.
IST (Internal Spanning Tree): Instance 0, which is always present and carries BPDUs for all instances within the region.
MSTI (Multiple Spanning Tree Instance): A spanning tree instance (numbered 1-4094) that you create for a group of VLANs.
CIST (Common and Internal Spanning Tree): The combination of the IST and the CST. It is the single spanning tree that connects all MST regions and legacy STP switches.
CST (Common Spanning Tree): The spanning tree that runs between regions and legacy switches.
IOS CLI Verification Commands
To verify RSTP status:
Switch# show spanning-treeThis output shows the spanning tree mode (RSTP or MST), root bridge, port roles, and states. Look for "P2P" or "Edge" port types.
To verify MSTP configuration and status:
Switch# show spanning-tree mst configuration
Switch# show spanning-tree mst 1The first command shows the MST region configuration. The second shows the spanning tree details for a specific instance.
Example output:
Switch# show spanning-tree mst configuration
Name [Region1]
Revision 1
Instance Vlans mapped
-------- -----------------------------------------------------------------
0 1-10,20-4094
1 11-19Switch# show spanning-tree mst 1
##### MST1 vlans mapped to 11-19
Bridge Address 0011.2233.4455 Priority 32768 (32768 sysid0)
Root Address 0011.2233.4466 Priority 32768 (32768 sysid0)
Root ID Priority 32768, Address 0011.2233.4466
This bridge is the root
Bridge ID Priority 32768 (priority 32768 sys-id-ext 1) Address 0011.2233.4455
We are the root of MST1
Interface Role Sts Cost Prio.Nbr Type
---------------- ---- --- --------- -------- --------------------------------
Gi0/1 Desg FWD 20000 128.1 P2p
Gi0/2 Desg FWD 20000 128.2 P2pInteraction with Related Protocols
RSTP and MSTP interact with PortFast (edge ports) and UplinkFast (now integrated into RSTP). PortFast allows a port to transition directly to forwarding, bypassing the learning state. This is used for access ports connected to end devices. RSTP automatically detects edge ports if they don't receive BPDUs, but you can also configure them manually with spanning-tree portfast.
MSTP must interact with legacy STP switches. If an MSTP switch connects to a 802.1D switch, it falls back to 802.1D on that port. This is done automatically via the protocol version negotiation. The MSTP switch sends MST BPDUs, but if it receives a legacy BPDU, it switches to 802.1D mode on that port. This ensures backward compatibility but may cause slower convergence on those links.
Configuration Example: RSTP
By default, Cisco switches run PVST+ (Per-VLAN Spanning Tree Plus), which is Cisco's implementation of 802.1D with per-VLAN instances. To enable RSTP globally, use:
Switch(config)# spanning-tree mode rapid-pvstThis enables Rapid PVST+, which is RSTP per VLAN. This is the most common configuration for networks that want fast convergence but don't need MSTP's scalability.
Configuration Example: MSTP
To configure MSTP, you must first enter MST configuration mode:
Switch(config)# spanning-tree mst configuration
Switch(config-mst)# name Region1
Switch(config-mst)# revision 1
Switch(config-mst)# instance 1 vlan 11-19
Switch(config-mst)# exit
Switch(config)# spanning-tree mode mstThis sets the region name, revision, and maps VLANs 11-19 to instance 1. Then MSTP is enabled globally. All switches in the region must have identical configuration.
To set the root bridge for an instance:
Switch(config)# spanning-tree mst 1 root primaryThis sets the priority to 24576 (or lower if another switch has a lower priority).
Verification and Troubleshooting
Use show spanning-tree to see the current mode and details. If you see "This bridge is the root" for an instance, that switch is the root for that instance. If you see "port is blocking" when you expect forwarding, check for BPDU inconsistencies or configuration mismatches.
Common issues:
MST region mismatch: If switches have different region names or revisions, they will not form a single region and will use CST, which may cause suboptimal paths.
VLAN-to-instance mapping mismatch: If a VLAN is mapped to different instances on different switches, the instance will not span correctly.
Port type issues: If a port connected to an end device is not configured as an edge port, it may cause unnecessary TCNs (Topology Change Notifications) and slow convergence.
Enable RSTP globally
On a Cisco switch, the default spanning-tree mode is PVST+ (802.1D per VLAN). To enable RSTP, use the command `spanning-tree mode rapid-pvst` in global configuration mode. This enables Rapid PVST+, which runs RSTP on each VLAN. All ports will use RSTP's faster convergence mechanisms. Verify with `show spanning-tree` — look for "Spanning tree enabled protocol rstp" in the output.
Configure MSTP region
To use MSTP, first define the MST region. Enter MST configuration mode with `spanning-tree mst configuration`. Set a region name (e.g., `name MyRegion`), a revision number (e.g., `revision 1`), and map VLANs to instances (e.g., `instance 1 vlan 10-20`). All switches in the same region must have identical settings. Exit configuration mode with `exit`. Then enable MSTP globally with `spanning-tree mode mst`.
Set MST instance root
To control which switch becomes the root for a particular MST instance, use `spanning-tree mst instance-number root primary` on the desired switch. This sets the bridge priority to 24576 (or lower if another switch already has a lower priority). Alternatively, you can manually set the priority with `spanning-tree mst instance-number priority value`. The default priority is 32768 plus the instance number (sys-id-ext).
Configure port costs per instance
To load balance traffic across redundant links, configure different port costs for each MST instance. For example, on a switch connected to two uplinks, set one link to have a lower cost for instance 1 and the other for instance 2. Use `spanning-tree mst instance-number cost cost-value` on the interface. Lower cost means more preferred. This forces different VLANs to take different paths.
Verify MSTP operation
Use `show spanning-tree mst configuration` to confirm the region settings. Use `show spanning-tree mst instance-number` to see the root bridge, port roles, and states for that instance. Look for "This bridge is the root" if the switch is the root. Check that all ports in the instance are in the expected state (FWD for forwarding, BLK for blocking). If a port is unexpectedly blocking, check for BPDU guard or configuration errors.
Troubleshoot MST region mismatch
If switches in the same region do not agree on the region name, revision, or VLAN mapping, they will treat each other as separate regions and use CST. This can cause suboptimal paths or loops. Use `show spanning-tree mst configuration` on each switch to compare. Also use `debug spanning-tree mst all` to see BPDU exchanges. Look for messages indicating region mismatch. Correct the configuration on all switches to match exactly.
In enterprise networks, RSTP and MSTP are used to balance redundancy with performance. Consider a data center with two distribution switches and multiple access switches. Each access switch connects to both distribution switches for redundancy. Without STP, this creates a loop. With RSTP, one uplink will be forwarding and the other blocking, but failover occurs in seconds. This is fine for most applications. However, if the network has 200 VLANs, PVST+ would create 200 spanning-tree instances, each sending BPDUs every 2 seconds. That's a lot of overhead. MSTP solves this by grouping VLANs into, say, 10 instances. This reduces BPDU traffic and CPU usage while still allowing load balancing: VLANs 1-100 use instance 1, VLANs 101-200 use instance 2, and so on. The network engineer configures different port costs for each instance so that traffic for VLANs 1-100 goes through one distribution switch and VLANs 101-200 through the other.
Another scenario: a campus network with multiple buildings. Each building has a core switch, and buildings are connected via fiber. MSTP is configured with a single region for the entire campus. The region name and revision are standardized. VLANs are mapped to instances based on traffic patterns: voice VLANs go to instance 1, data VLANs to instance 2, and management VLANs to instance 3. The root bridge for each instance is placed in a different building to distribute traffic. This provides fast convergence (using RSTP within each instance) and efficient use of redundant links.
Common pitfalls: Misconfiguration of the MST region is the most frequent issue. If one switch has a different region name or revision, it will not participate in the same instances, leading to unexpected blocking or loops. Also, forgetting to set the root bridge for each instance can result in a suboptimal topology. In production, always use spanning-tree mst root primary on the intended root switch. Another issue is mixing MSTP with legacy STP switches. This forces MSTP to fall back to 802.1D on those links, causing slower convergence. Plan to upgrade all switches to support MSTP or RSTP.
Performance: MSTP reduces CPU usage significantly compared to PVST+. For a switch with 1000 VLANs, PVST+ would run 1000 instances, each requiring BPDU processing. MSTP with 10 instances reduces that by a factor of 100. However, MSTP configuration is more complex and requires careful planning. In large networks, it's common to use MSTP with a few instances (e.g., 2-8) to balance complexity and performance.
On the CCNA 200-301 exam, objective 2.5 covers Spanning Tree Protocol, including RSTP and MSTP. You need to know the differences between STP, RSTP, PVST+, and MSTP. Expect questions on convergence time, port states, and configuration commands. The exam will test your ability to identify the correct protocol for a given scenario and to interpret show command output.
Common wrong answers: 1. "RSTP uses the same port states as STP." Wrong — RSTP has only Discarding, Learning, and Forwarding, while STP has Blocking, Listening, Learning, and Forwarding. Candidates often confuse the states. 2. "MSTP requires all switches to have the same VLAN-to-instance mapping." Partially true — but only within a region. Switches in different regions can have different mappings. The exam may test this nuance. 3. "PVST+ is the same as Rapid PVST+." No — PVST+ uses 802.1D per VLAN, while Rapid PVST+ uses RSTP per VLAN. Candidates often assume "PVST" implies fast convergence. 4. "MSTP is incompatible with RSTP." False — MSTP uses RSTP internally for each instance and is backward compatible with RSTP and 802.1D.
Specific values to memorize:
RSTP convergence: 1-3 seconds (vs. 30-50 for 802.1D).
RSTP port states: Discarding, Learning, Forwarding.
MSTP instance range: 0-4094 (instance 0 is always IST).
Default bridge priority: 32768 (plus sys-id-ext for VLAN or instance).
MST region configuration: name (32 chars max), revision (0-65535), VLAN-to-instance mapping.
Calculation traps: None directly, but you may need to calculate the bridge priority with the system ID extension. For MSTP, the priority is the base priority plus the instance number (0-4094). For example, if the base priority is 32768, instance 1 has priority 32769. This affects root bridge election.
Decision rule: When a question asks which protocol to use for fast convergence with many VLANs, choose MSTP if scalability is mentioned, or Rapid PVST+ if simplicity is needed. If the question mentions "multiple spanning trees" or "load balancing across VLANs," MSTP is the answer. If it just says "fast convergence," RSTP (or Rapid PVST+) is sufficient.
Elimination strategy: On scenario questions, first identify the requirement: fast convergence? then eliminate 802.1D. Need per-VLAN load balancing? PVST+ or MSTP. Many VLANs (e.g., 500)? MSTP is more efficient. Legacy switches present? Must be backward compatible — MSTP and RSTP are, but PVST+ is Cisco proprietary. This helps narrow down choices.
RSTP (802.1w) converges in 1-3 seconds using proposal-agreement handshakes and alternate ports.
RSTP has three port states: Discarding, Learning, and Forwarding.
MSTP (802.1s) groups VLANs into instances, reducing BPDU overhead compared to PVST+.
All switches in an MST region must have identical region name, revision, and VLAN-to-instance mapping.
Use 'spanning-tree mode rapid-pvst' to enable RSTP per VLAN on Cisco switches.
Use 'spanning-tree mode mst' to enable MSTP, after configuring the region with 'spanning-tree mst configuration'.
The default hello time for RSTP and MSTP is 2 seconds; forward delay is 15 seconds; max age is 20 seconds.
MSTP instance 0 (IST) always exists and carries BPDUs for all instances within the region.
These come up on the exam all the time. Here's how to tell them apart.
RSTP (802.1w)
Single spanning tree for all VLANs (or per VLAN with Rapid PVST+)
Convergence time: 1-3 seconds
Port states: Discarding, Learning, Forwarding
BPDUs sent every 2 seconds from each switch
No concept of regions or instances
MSTP (802.1s)
Multiple spanning tree instances, grouping VLANs
Convergence time: 1-3 seconds per instance (RSTP-based)
Same port states as RSTP
BPDUs carry information for all instances within a region
Uses regions and instances; requires configuration of VLAN-to-instance mapping
PVST+ (802.1D per VLAN)
Slow convergence: 30-50 seconds
Port states: Blocking, Listening, Learning, Forwarding
One BPDU per VLAN per hello
Uses timers (forward delay, max age) for convergence
Cisco proprietary (but based on 802.1D)
Rapid PVST+ (802.1w per VLAN)
Fast convergence: 1-3 seconds
Port states: Discarding, Learning, Forwarding
Same BPDU overhead as PVST+
Uses proposal-agreement handshake for rapid transition
Cisco proprietary implementation of RSTP per VLAN
Mistake
RSTP and Rapid PVST+ are the same thing.
Correct
RSTP is the IEEE standard (802.1w) that runs a single spanning tree for all VLANs. Rapid PVST+ is Cisco's implementation that runs RSTP per VLAN, similar to PVST+ but with fast convergence.
Candidates see 'Rapid' and assume it's the same as RSTP, but Cisco uses Rapid PVST+ for per-VLAN RSTP.
Mistake
MSTP requires all switches in the network to have the same configuration.
Correct
Only switches within the same MST region need identical configuration. Different regions can have different configurations, and they communicate via the CST.
Candidates think MSTP is a global protocol, but it's region-based.
Mistake
MSTP is slower than RSTP because it has more instances.
Correct
MSTP uses RSTP internally for each instance, so convergence within an instance is as fast as RSTP. The overhead of multiple instances does not slow convergence.
Candidates assume more instances mean more processing time, but the RSTP mechanism is the same per instance.
Mistake
In RSTP, a port in the 'discarding' state never forwards traffic.
Correct
The discarding state is a combination of blocking and listening from 802.1D. A port in discarding does not forward user traffic but may transition to learning and then forwarding rapidly.
Candidates think discarding is just blocking, but it's a temporary state that can lead to forwarding quickly.
Reveal each answer, then mark whether you got it right. Score 60%+ to unlock the next chapter.
RSTP (802.1w) is the IEEE standard that runs a single spanning tree for all VLANs. Rapid PVST+ is Cisco's implementation that runs RSTP per VLAN, similar to how PVST+ runs 802.1D per VLAN. Rapid PVST+ provides fast convergence for each VLAN independently, but it consumes more CPU and bandwidth because each VLAN sends its own BPDUs. On the CCNA exam, know that Cisco switches use 'spanning-tree mode rapid-pvst' to enable RSTP per VLAN.
You can create up to 4094 MST instances (1-4094), plus instance 0 which is always present as the IST. However, the number of instances is limited by hardware resources. In practice, most networks use fewer than 16 instances. The exam expects you to know the range (0-4094) and that instance 0 is the IST.
Yes, MSTP is backward compatible with 802.1D. When an MSTP switch connects to a legacy 802.1D switch, it automatically falls back to 802.1D on that port. This is done by detecting the protocol version in received BPDUs. However, this means the link will have slower convergence (30-50 seconds). On the exam, expect questions about interoperability between MSTP and legacy STP.
The revision number is part of the MST region identifier. Switches must have the same region name, revision number, and VLAN-to-instance mapping to be in the same region. If you change the VLAN mapping, you should increment the revision number to ensure all switches recognize the new configuration. The revision number is a 16-bit value (0-65535).
Use the command 'show spanning-tree mst configuration'. This displays the region name, revision, and the VLAN-to-instance mapping. For example, it will show 'Instance 1: 10-20' meaning VLANs 10-20 are mapped to instance 1. You can also use 'show vlan' to see VLANs, but the MST mapping is shown in the MST configuration output.
An Alternate Port provides an alternative path to the root bridge, acting as a backup to the Root Port. A Backup Port provides a backup to a Designated Port on the same segment (i.e., when a switch has two ports connected to the same collision domain). Both are in discarding state. On the exam, know that Alternate Ports are more common and provide rapid failover for root path redundancy.
MSTP uses a modified BPDU format that includes additional fields for MSTI information. The BPDU starts with the standard RSTP BPDU but is extended with MST configuration digest and MSTI records. Within an MST region, switches exchange MST BPDUs. When communicating with RSTP or 802.1D switches, MSTP sends standard RSTP BPDUs. The exam may test that MSTP is an extension of RSTP.
You've just covered RSTP vs MSTP: Multi-Instance STP — now see how well it sticks with free CCNA 200-301 practice questions. Full explanations included, no account needed.
Done with this chapter?