This chapter covers Spanning Tree Protocol (STP) concepts, a critical Layer 2 loop-prevention mechanism for Ethernet networks. For the N10-009 exam, understanding STP is essential as it appears in approximately 5-10% of questions, often in the context of network redundancy and troubleshooting. You will learn the core mechanisms of STP, including bridge election, port roles, and path cost calculation, as well as modern variants like Rapid PVST+ and MSTP.
Imagine a large office building with multiple floors, each floor connected by several stairwells and elevators. The building manager wants to ensure that if one path between floors is blocked (e.g., due to a fire), there is always an alternative. However, if employees use all stairwells and elevators simultaneously, they might create circular routes, wasting time and causing confusion. To solve this, the manager appoints a building supervisor who periodically sends out a messenger to explore all possible routes. The messenger carries a unique ID and a hop count. As the messenger goes from floor to floor, each floor's receptionist notes the best route back to the supervisor's office. The supervisor then designates one stairwell as the primary path (the root bridge) and blocks all other stairwells except for the single best alternative on each floor. If a primary stairwell becomes blocked, the supervisor quickly unblocks the next best path. This ensures there is always exactly one active path between any two floors, preventing loops and ensuring efficient movement. In networking, the Spanning Tree Protocol (STP) works similarly: switches elect a root bridge, determine the best path to it, and block redundant links to prevent loops, while maintaining backup paths for failover.
What is Spanning Tree Protocol and Why Does It Exist?
Spanning Tree Protocol (STP), defined in IEEE 802.1D, is a network protocol that ensures a loop-free topology in Ethernet networks with redundant links. Ethernet frames do not have a Time-to-Live (TTL) field, so loops cause frames to circulate indefinitely, leading to broadcast storms, multiple frame copies, and MAC address table instability. STP prevents this by logically blocking redundant links, creating a single active path between any two network segments.
How STP Works Internally
STP operates through a series of steps: election of a root bridge, selection of root ports, designated ports, and blocking of redundant ports. The algorithm uses Bridge Protocol Data Units (BPDUs) exchanged every 2 seconds (default Hello time). Each BPDU contains:
Root Bridge ID (bridge priority + MAC address)
Path cost to root bridge
Sender Bridge ID
Port ID
Step-by-step mechanism:
1. Root Bridge Election: All switches initially claim to be root. They compare Bridge IDs (priority + MAC). The switch with the lowest Bridge ID wins. Default priority is 32768.
2. Root Port Selection: Each non-root switch selects the one port with the lowest path cost to the root bridge. If costs tie, the lowest neighbor Bridge ID, then the lowest neighbor Port ID, breaks the tie.
3. Designated Port Selection: On each network segment (link), the port of the switch with the lowest path cost to the root bridge becomes the designated port. The designated port is the only port that forwards traffic onto that segment.
4. Blocking Redundant Ports: All ports that are neither root nor designated are placed in blocking state (alternate or backup ports).
Key Components, Values, Defaults, and Timers
- Bridge ID: 8 bytes: 2-byte priority (default 32768) + 6-byte MAC address. The priority must be a multiple of 4096.
- Path Cost: derived from link speed. The original formula was 1000 Mbps divided by the link speed, but the standard uses the following non-linear values:
  - 10 Mbps: cost 100
  - 100 Mbps: cost 19
  - 1 Gbps: cost 4
  - 10 Gbps: cost 2
- Port States:
  - Blocking: No forwarding, no learning, receives BPDUs only.
  - Listening: No forwarding, no learning, sends/receives BPDUs.
  - Learning: No forwarding, learns MAC addresses, sends/receives BPDUs.
  - Forwarding: Forwards frames, learns MAC addresses, sends/receives BPDUs.
  - Disabled: Administratively down.
- Timers (defaults):
  - Hello Time: 2 seconds
  - Forward Delay: 15 seconds (time spent in each of the listening and learning states)
  - Max Age: 20 seconds (time a switch waits without a BPDU before re-evaluating the topology)
Configuration and Verification Commands
On Cisco IOS, basic STP configuration is automatic. To adjust priorities:
Switch(config)# spanning-tree vlan 1 root primary
Switch(config)# spanning-tree vlan 1 priority 4096
Verification commands:
Switch# show spanning-tree
Switch# show spanning-tree vlan 1
Switch# show spanning-tree root
Interaction with Related Technologies
STP interacts with VLANs via Per-VLAN Spanning Tree (PVST+), which runs a separate STP instance per VLAN. Rapid Spanning Tree Protocol (RSTP, IEEE 802.1w) improves convergence time to a few seconds. Multiple Spanning Tree Protocol (MSTP, IEEE 802.1s) maps multiple VLANs to a single STP instance, reducing overhead. STP also interacts with EtherChannel, which bundles multiple links into one logical link; STP treats the bundle as a single link.
Root Bridge Election
All switches exchange BPDUs claiming themselves as root. The switch with the lowest Bridge ID (priority + MAC) becomes root. If priorities are equal, the lowest MAC address wins. The root bridge is the reference point for all path cost calculations. A network engineer can force a switch to become root by setting its priority lower (e.g., 4096) or using the 'spanning-tree vlan x root primary' command. The root bridge continues to send BPDUs every 2 seconds.
Root Port Selection
Each non-root switch selects one port that has the lowest path cost to the root bridge. The path cost is the cumulative cost of all links from the switch to the root. If multiple ports have equal cost, the switch chooses the port connected to the neighbor with the lowest Bridge ID. If still tied, the lowest neighbor Port ID is used. The root port is the best path to the root and is always in forwarding state.
Designated Port Selection
On each network segment (link), the port of the switch with the lowest path cost to the root bridge becomes the designated port for that segment. If both switches have equal cost, the one with the lower Bridge ID wins (and, if still tied, the lower Port ID). The designated port is the only port that forwards traffic onto that segment. All other ports on that segment become non-designated (blocking).
Blocking Redundant Ports
Ports that are not root or designated are placed in blocking state. These ports do not forward data frames but still listen for BPDUs. Blocking prevents loops. If a failure occurs (e.g., a link goes down), the switch re-evaluates BPDUs and may transition a blocked port to forwarding after a delay (listening and learning states).
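The four steps above (root bridge election, root port selection, designated port selection, blocking) and the step list in "How STP Works Internally", carried through on a small constructed triangle. This is an added example, not code from the chapter: the switch names, MAC addresses, port names and link speeds are made up, and it assumes the chapter's 802.1D port costs and the tie-break order cost, then neighbor Bridge ID, then neighbor Port ID.

```python
# 802.1D port costs exactly as the chapter lists them (link speed in Mbps -> cost)
PORT_COST = {10: 100, 100: 19, 1000: 4, 10000: 2}

def bridge_id(priority, mac):
    """Bridge ID compares as (priority, MAC address); the lowest tuple wins."""
    return (priority, int(mac.replace(":", ""), 16))

def run_stp(switches, links):
    """switches: {name: (priority, mac)}; links: [(a, port_a, b, port_b, mbps)].
    Returns (root_name, {switch: {port: role}}) with role root/designated/alternate."""
    bid = {s: bridge_id(*v) for s, v in switches.items()}
    root = min(bid, key=bid.get)            # step 1: lowest Bridge ID becomes root
    adj = {s: [] for s in switches}         # s -> [(nbr, local_port, nbr_port, link cost)]
    for a, pa, b, pb, mbps in links:
        adj[a].append((b, pa, pb, PORT_COST[mbps]))
        adj[b].append((a, pb, pa, PORT_COST[mbps]))
    # step 2: cheapest path from the root; the key is the BPDU tie-break order
    # (root path cost, then neighbor Bridge ID, then neighbor Port ID)
    cost = {s: float("inf") for s in switches}
    cost[root] = 0
    best = {}                               # s -> ((cost, nbr_bid, nbr_port), root_port)
    pending = set(switches)
    while pending:
        u = min(pending, key=lambda s: cost[s])
        pending.remove(u)
        for v, pu, pv, c in adj[u]:
            key = (cost[u] + c, bid[u], pu)
            if v != root and (v not in best or key < best[v][0]):
                best[v] = (key, pv)
                cost[v] = key[0]
    roles = {s: {} for s in switches}
    for a, pa, b, pb, _ in links:
        # step 3: per segment, the lowest (cost, Bridge ID, Port ID) side is designated
        if (cost[a], bid[a], pa) < (cost[b], bid[b], pb):
            d, dport, o, oport = a, pa, b, pb
        else:
            d, dport, o, oport = b, pb, a, pa
        roles[d][dport] = "designated"
        # step 4: the other side is the root port if it won step 2, otherwise it blocks
        roles[o][oport] = "root" if best.get(o, (None, None))[1] == oport else "alternate"
    return root, roles

# Constructed topology (not from the chapter). Core is forced root with priority 4096;
# the direct Core-SW2 link is only 100 Mbps, so SW2 reaches the root more cheaply via SW1.
SWITCHES = {"Core": (4096, "00:11:22:33:44:01"),
            "SW1": (32768, "00:11:22:33:44:02"),
            "SW2": (32768, "00:11:22:33:44:03")}
LINKS = [("Core", "Gi0/1", "SW1", "Gi0/1", 1000),
         ("Core", "Fa0/2", "SW2", "Fa0/2", 100),
         ("SW1", "Gi0/2", "SW2", "Gi0/1", 1000)]
```

Running `run_stp(SWITCHES, LINKS)` blocks SW2's 100 Mbps port toward Core (cost 19) in favour of the two-hop 1 Gbps path via SW1 (cost 8); swapping the low priority onto SW1 moves the root, which is exactly the per-VLAN root placement PVST+ uses for load balancing.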
Convergence and Timer Expiry
When the network topology changes (e.g., a link fails), the switch detects the loss of BPDUs. After Max Age (20 seconds) expires without receiving a BPDU from a neighbor, the switch re-evaluates its root port and designated ports. It then transitions through listening (15 sec) and learning (15 sec) states before forwarding. Total convergence time is typically 30-50 seconds.
In a typical enterprise data center, switches are deployed in a redundant triangle topology: two core switches (e.g., Cisco Nexus 9000) connected to each other and to multiple access switches. STP prevents loops while providing redundancy. For example, an access switch has two uplinks: one to Core-A and one to Core-B. STP blocks one uplink to avoid a loop. If the active uplink fails, STP unblocks the backup within 30-50 seconds. In production, this failover time is often too slow for critical applications, so RSTP (or Rapid PVST+) is used to reduce convergence to under 10 seconds.
Another common scenario is a campus network with multiple VLANs. Using PVST+, each VLAN can have a different root bridge, enabling load balancing. For instance, VLAN 10 roots on Core-A, while VLAN 20 roots on Core-B. This allows both uplinks to be active for different VLANs, maximizing bandwidth utilization. Configuration involves setting a different priority per VLAN on each core switch.
A third scenario is using MSTP to reduce STP instances in large networks with hundreds of VLANs. MSTP maps multiple VLANs to a single STP instance, reducing CPU and memory overhead. For example, MST instance 1 maps VLANs 1-100, instance 2 maps VLANs 101-200. This simplifies management and speeds convergence. Misconfiguration often occurs when MST region names or revision numbers do not match across switches, causing them to treat each other as separate regions and blocking ports unexpectedly. Engineers must ensure consistent MST configuration across all switches in the region.
The N10-009 exam (Objective 1.6) tests your understanding of STP concepts, including the purpose of STP, port states, root bridge election, and path cost. Key exam points:
- Common wrong answers: Candidates often confuse STP port states with those of other protocols (e.g., OSPF). They may think that 'blocking' means the port is disabled or that 'listening' implies data forwarding. Also, they often forget that the root bridge has all ports in forwarding state (except for self-loops). Another trap: assuming that the switch with the highest priority becomes root; actually, the lowest priority wins.
- Specific numbers: Default priority 32768, path costs: 10 Mbps=100, 100 Mbps=19, 1 Gbps=4, 10 Gbps=2. Timers: Hello=2s, Forward Delay=15s, Max Age=20s.
- Edge cases: The exam may ask about STP with a single switch (all ports are designated). Or about a switch with priority 0 (lowest possible) and how it is always root. Also, understand that STP runs per VLAN in PVST+ and that RSTP reduces convergence to 6 seconds or less.
- Elimination strategy: Look for keywords like 'loop-free', 'redundant links', 'BPDU', 'root bridge'. If a question mentions broadcast storms, the answer likely involves STP. Eliminate options that mention IP routing or TTL, as STP is Layer 2.
STP prevents loops in redundant Layer 2 networks by blocking ports.
Root bridge is elected based on lowest Bridge ID (priority + MAC).
Default bridge priority is 32768; must be a multiple of 4096.
Path cost: 10 Mbps=100, 100 Mbps=19, 1 Gbps=4, 10 Gbps=2.
STP timers: Hello 2s, Forward Delay 15s, Max Age 20s.
Port states: Blocking, Listening, Learning, Forwarding (and Disabled).
RSTP (802.1w) converges faster (1-3 seconds) using handshakes.
PVST+ runs STP per VLAN; MSTP maps multiple VLANs to fewer instances.
These come up on the exam all the time. Here's how to tell them apart.
STP (802.1D)
Convergence time: 30-50 seconds
Port states: Blocking, Listening, Learning, Forwarding, Disabled
Uses timers (Max Age, Forward Delay) for convergence
All switches send BPDUs every 2 seconds
No fast transition to forwarding; must go through listening and learning
RSTP (802.1w)
Convergence time: 1-3 seconds (typically <10 seconds)
Port states: Discarding, Learning, Forwarding (only 3 states)
Uses explicit handshake (proposal/agreement) for fast transition
BPDUs still sent every 2 seconds, but every switch originates its own BPDUs instead of only relaying the root's, so a lost neighbor is detected faster
Edge ports can transition directly to forwarding (PortFast)
PVST+
Runs one STP instance per VLAN
Higher CPU/memory usage with many VLANs
Cisco proprietary but widely supported
Allows per-VLAN load balancing
Default on Cisco switches
MSTP (802.1s)
Runs one STP instance for multiple VLANs (mapping)
Lower overhead, scales well
IEEE standard, multi-vendor
Requires consistent configuration across region
Supports up to 64 instances
Mistake
STP blocks all redundant links permanently.
Correct
STP blocks only redundant links to prevent loops, but if the active link fails, STP unblocks a backup link automatically. Blocked ports continue to receive BPDUs to monitor the network.
Mistake
The root bridge is the switch with the highest MAC address.
Correct
The root bridge is elected based on the lowest Bridge ID (priority + MAC). If priorities are equal, the lowest MAC address wins.
Mistake
All ports on the root bridge are designated ports.
Correct
On the root bridge, all ports are designated ports (forwarding); the only theoretical exception is a port looped back to the same switch, which does not occur in a normal topology. On each link from the root bridge to another switch, the root's port is designated and the other switch's port is either its root port or an alternate (blocking) port.
Mistake
STP converges instantly when a link fails.
Correct
Original STP takes 30-50 seconds to converge due to timers (Max Age + Forward Delay). Rapid STP (RSTP) reduces this to a few seconds using handshakes.
Mistake
Path cost is based on the speed of the local port only.
Correct
Path cost is cumulative along the path to the root bridge. Each switch adds the cost of its incoming link to the cost received from its neighbor.
The purpose of STP is to prevent loops in Ethernet networks with redundant links. Loops cause broadcast storms, multiple frame copies, and MAC table instability. STP creates a loop-free logical topology by blocking redundant ports while keeping them as backups. For the exam, remember that STP operates at Layer 2 and does not involve IP routing.
STP elects the root bridge by comparing Bridge IDs, which consist of a 2-byte priority (default 32768) and a 6-byte MAC address. The switch with the lowest Bridge ID becomes root. If priorities are equal, the lowest MAC address wins. You can influence the election by lowering the priority (e.g., to 4096). The root bridge is the reference point for all path cost calculations.
The STP port states are: Blocking (no forwarding, no learning, receives BPDUs), Listening (no forwarding, no learning, sends/receives BPDUs), Learning (no forwarding, learns MAC addresses), and Forwarding (forwards frames, learns MAC). The order is Blocking -> Listening -> Learning -> Forwarding. Also, there is a Disabled state (administratively down). The transition from Blocking to Forwarding takes about 30-50 seconds due to timers.
RSTP (IEEE 802.1w) is an evolution of STP that provides faster convergence (1-3 seconds vs 30-50 seconds). RSTP reduces port states to three: Discarding, Learning, Forwarding. It uses an explicit handshake (proposal/agreement) between switches to quickly transition ports to forwarding. RSTP also introduces edge ports (connected to end devices) that can go directly to forwarding (PortFast).
Default STP timers: Hello Time = 2 seconds (interval between BPDUs), Forward Delay = 15 seconds (time spent in listening and learning states each), Max Age = 20 seconds (time a switch waits without receiving a BPDU before re-evaluating topology). These timers can be adjusted but are rarely changed in practice.
When a link fails, the switch stops receiving BPDUs on that port. After Max Age (20 seconds) expires, the switch re-evaluates its root port and designated ports. It then transitions the best alternate port through listening (15s) and learning (15s) to forwarding. Total convergence is 30-50 seconds. RSTP reduces this by using handshakes and edge ports.
In original STP (802.1D), the path cost for a 1 Gbps link is 4. The original linear formula (1000 Mbps divided by the link speed) would give 1000/1000 = 1, but the standard uses a non-linear scale, so the value to remember is 4. For 10 Gbps the cost is 2; for 100 Mbps, 19; for 10 Mbps, 100. The exam may test these exact values.