STP Root Bridge Election Tie-Breaker Exam Trap
Presenting Symptom
A switch in the network becomes the root bridge unexpectedly, causing suboptimal traffic flow and potential loops, even though it has a lower priority configured than another switch that should be root.
Network Context
A small enterprise campus network with three Cisco Catalyst 2960 switches (SW1, SW2, SW3) connected in a triangle topology. All switches run IOS 15.0 and use PVST+. SW1 is intended to be the root bridge with priority 4096, SW2 has priority 8192, and SW3 has default priority 32768. The network engineer notices that SW3 is elected as root bridge, causing traffic to traverse suboptimal paths.
Diagnostic Steps
Check current root bridge
show spanning-tree rootVLAN0001
Root ID Priority 32768
Address 0050.3e8d.6400
This bridge is the root
Hello Time 2 sec Max Age 20 sec Forward Delay 15 secThe output shows the root bridge for VLAN 1 is the switch with MAC ending in 6400 (SW3). This confirms SW3 is root, not SW1 as intended.
Verify bridge priority on all switches
show spanning-tree vlan 1 | include Bridge IDSW1: Bridge ID Priority 32768 (priority 32768 sys-id-ext 1) Address 0050.3e8d.1111 SW2: Bridge ID Priority 32768 (priority 32768 sys-id-ext 1) Address 0050.3e8d.2222 SW3: Bridge ID Priority 32768 (priority 32768 sys-id-ext 1) Address 0050.3e8d.6400
All switches show priority 32768, meaning the configured priorities (4096, 8192) are not taking effect. This indicates the priority commands were not applied correctly or were overwritten.
Check running configuration for spanning-tree priority
show running-config | include spanning-tree vlanSW1: spanning-tree vlan 1 priority 4096 SW2: spanning-tree vlan 1 priority 8192 SW3: (no output)
SW1 and SW2 have the priority commands in the running config, but the show spanning-tree output still shows default priority. This suggests the switch may be using extended system ID, and the priority value is being masked.
Verify if extended system ID is enabled
show spanning-tree vlan 1 | include ExtendedExtended system ID is enabled
Extended system ID is enabled. With extended system ID, the bridge priority is a multiple of 4096. The configured priority of 4096 is valid, but the show command displays the effective priority as 32768 because the priority bits are being shifted. Actually, the priority should appear as 4096 if configured correctly. The issue might be that the priority was set using the 'priority' command but the switch is using the default priority due to a bug or misconfiguration.
Root Cause
The root bridge election tie-breaker is decided by the lowest bridge ID. In this case, all switches have the same default priority (32768) because the configured priorities were not applied correctly. The 'spanning-tree vlan 1 priority' command was entered in global configuration mode instead of interface configuration mode, but that is correct. However, the switches might have been reloaded without saving the configuration, or the priority command was negated by a later command. The actual root cause is that the priority configuration was not saved to startup-config and after a reload, all switches reverted to default priority. The tie-breaker then went to the lowest MAC address, which is SW3 (0050.3e8d.6400).
Resolution
Verification
On SW1: show spanning-tree vlan 1 | include Root ID Expected output: Root ID Priority 4096 Address 0050.3e8d.1111 This bridge is the root On SW2: show spanning-tree vlan 1 | include Root ID Expected output: Root ID Priority 4096 Address 0050.3e8d.1111 On SW3: show spanning-tree vlan 1 | include Root ID Expected output: Root ID Priority 4096 Address 0050.3e8d.1111
Prevention
1. Always save configuration changes with 'copy running-config startup-config' after making STP priority changes. 2. Use the 'spanning-tree vlan <vlan> root primary' command on the intended root bridge to automatically set priority to 24576 or lower, and 'spanning-tree vlan <vlan> root secondary' on the backup root to set priority to 28672. 3. Implement a change management process that includes verification of STP root bridge after any configuration changes or reloads.
CCNA Exam Relevance
On the CCNA 200-301 exam, this scenario tests understanding of STP root bridge election and the tie-breaker process. The exam may present a multiple-choice question where the root bridge is not the expected switch, and the candidate must identify that the priority configuration was not saved or that the extended system ID affects the priority value. Key fact: The bridge ID consists of priority (4 bits) and MAC address; if priorities are equal, the lowest MAC wins. Extended system ID uses the last 12 bits of the priority field for VLAN ID, so the configurable priority must be a multiple of 4096.
Exam Tips
Remember that the root bridge is elected by lowest bridge ID (priority + MAC). If priorities are equal, the MAC address is the tie-breaker.
Be aware that the 'spanning-tree vlan <vlan> priority <0-61440>' command requires a multiple of 4096; otherwise, the switch rejects it.
The 'show spanning-tree' command output shows the effective priority after adding the extended system ID; the configured priority is displayed in the 'Bridge ID' line.
Commands Used in This Scenario
Test Your CCNA Knowledge
Practice with scenario-based questions to prepare for the CCNA 200-301 exam.
Practice CCNA Questions