CISCO 2948G Understand Configure Catalyst Switches User Guide Product Information: Understand and Configure STP on Catalyst Switches

: December 19, 2023
: Cisco

2948G Understand Configure Catalyst Switches

Product Information: Understand and Configure STP on Catalyst

Switches

Specifications

Software version: [insert software version]
Hardware version: [insert hardware version]

Introduction

This document provides instructions on how to use Spanning Tree
Protocol (STP) to prevent the creation of loops in a network with
redundant paths.

Prerequisites

There are no specific requirements for this document.

Components Used

The information in this document is based on the following
software and hardware versions:

Software version: [insert software version]
Hardware version: [insert hardware version]

The spanning tree principles presented in this document are
applicable to almost all devices that support STP.

Note: The information in this document assumes that all devices
used have a cleared (default) configuration. If your network is
live, make sure to understand the potential impact of any
command.

Background Information

This document uses the following network setup:

[insert network diagram]

Concepts

In this network setup, a redundant link is planned between
Switch A and Switch B. However, this configuration can create a
bridging loop, where packets continue to circulate between the
switches. STP is used to prevent such loops.

STP defines a tree that spans all the switches in an extended
network. It forces certain redundant data paths into a standby
(blocked) state and leaves other paths in a forwarding state. If a
link in the forwarding state becomes unavailable, STP reconfigures
the network and reroutes data paths through the appropriate standby
path.

Description of the Technology

In the STP root selection process, the selection of the root
switch for a particular VLAN is crucial. You can manually choose
the root switch or let the switches decide, which can be risky. If
you do not control the root selection process, there may be
suboptimal paths in your network.

All switches exchange information using Bridge Protocol Data
Units (BPDUs) to determine the root switch and configure the
network accordingly. Each switch compares the parameters in the
BPDU it sends to a neighbor with the parameters in the BPDU it
receives from that neighbor.

In the STP root selection process, a lower root ID is preferred.
If Switch A advertises a lower root ID than Switch B, Switch B
stops advertising its root ID and accepts the root ID of Switch
A.

STP Operation

Task: Decide on the Root Switch

Prerequisites:

After deciding on the root switch, set the appropriate variables
to designate the switch as the root switch. The only variable that
needs to be set is the bridge priority. If the switch has a bridge
priority lower than all other switches, it will automatically be
selected as the root switch.

Step-by-Step Instructions:

[Insert step-by-step instructions]
[Insert step-by-step instructions]
[Insert step-by-step instructions]

Verify:

[Insert verification instructions]

Troubleshoot:

[Insert troubleshooting instructions]

STP Path Cost Automatically Changes When a Port Speed/Duplex Is

Changed

Troubleshoot Commands:

[Insert troubleshooting commands]

Command Summary:

[Insert command summary]

[Insert related information]

FAQ

Q: What is STP?

A: Spanning Tree Protocol (STP) is a network protocol that
prevents loops in a network with redundant paths.

Q: How does STP work?

A: STP defines a tree that spans all the switches in a network.
It forces certain redundant data paths into a standby state and
leaves other paths in a forwarding state. If a link in the
forwarding state becomes unavailable, STP reconfigures the network
and reroutes data paths through the appropriate standby path.

Q: How do I decide on the root switch for a VLAN?

A: The selection of the root switch can be manually controlled
or left to the switches. It is important to choose a root switch
with a lower root ID to ensure optimal path selection in the
network.

Understand and Configure STP on Catalyst Switches
Contents
Introduction Prerequisites Requirements Components Used Background Information Network Diagram Concepts Description of the Technology STP Operation Task Step-by-Step Instructions Verify Troubleshoot STP Path Cost Automatically Changes When a Port Speed/Duplex Is Changed Troubleshoot Commands Command Summary Related Information
Introduction
This document describes how to use Spanning Tree Protocol (STP) to ensure that you do not create loops when you have redundant paths in your network.
Prerequisites
Requirements
There are no specific requirements for this document.
Components Used
The information in this document is based on these software and hardware versions:
· Cisco Catalyst 5500/5000 Switches
· A console cable that is suitable for the Supervisor Engine in the switch
· Six Catalyst 5509 Switches
The spanning tree principles that the document presents are applicable to almost all devices that support STP.
The information in this document was created from the devices in a specific lab environment. All of the devices used in this document started with a cleared (default) configuration. If your network is live, ensure that you understand the potential impact of any command.

Background Information
Spanning Tree Protocol (STP) is a Layer 2 protocol that runs on bridges and switches. The specification for STP is IEEE 802.1D. The main purpose of STP is to ensure that you do not create loops when you have redundant paths in your network. Loops are deadly to a network. The configurations in this document apply to Catalyst 2926G, 2948G, 2980G, 4500/4000, 5500/5000, and 6500/6000 Switches that run Catalyst OS (CatOS). Refer to these documents for information on the configuration of STP on other switch platforms:
· STP and MST (Catalyst 6500/6000 Switches that run Cisco IOS®Software) · Configure STP and MST (Catalyst 4500/4000 Switches that run Cisco IOS Software)
Network Diagram
This document uses this network setup:
Concepts
STP runs on bridges and switches that are 802.1D-compliant. There are different flavors of STP, but 802.1D is the most popular and widely implemented. You implement STP on bridges and switches in order to prevent loops in the network. Use STP in situations where you want redundant links, but not loops. Redundant links are as important as backups in the case of a failover in a network. A failure of your primary activates the backup links so that users can continue to use the network. Without STP on the bridges and switches, such a failure can result in a loop. If two connected switches run different flavors of STP, they require different controls to converge. When different flavors are used in the switches, it creates control issues between Blocking and Forwarding states. Therefore, it is recommended to use the same flavors of STP. Consider this network:

In this network, a redundant link is planned between Switch A and Switch B. However, this setup creates the possibility of a bridging loop. For example, a broadcast or multicast packet that transmits from Station M and is destined for Station N simply continues to circulate between both switches. However, when STP runs on both switches, the network logically looks like this:
This information applies to the scenario in the Network Diagram: · Switch 15 is the backbone switch. · Switches 12, 13, 14, 16, and 17 are switches that attach to workstations and PCs. · The network defines these VLANs: 1 200 201 202 203 204 · The VLAN Trunk Protocol (VTP) domain name is STD-Doc.
In order to provide this desired path redundancy, as well as to avoid a loop condition, STP defines a tree that spans all the switches in an extended network. STP forces certain redundant data paths into a standby (blocked) state and leaves other paths in a forwarding state. If a link in the forwarding state becomes unavailable, STP reconfigures the network and reroutes data paths through the activation of the appropriate standby path.
Description of the Technology
With STP, the key is for all the switches in the network to elect a root bridge that becomes the focal point in the network. All other decisions in the network, such as which port to block and which port to put in forwarding mode, are made from the perspective of this root bridge. A switched environment, which is different from a bridge environment, most likely deals with multiple VLANs. When you implement a root bridge in a switching network, you usually refer to the root bridge as the root switch. Each VLAN must have its own root bridge because each VLAN is a separate broadcast domain. The roots for the different VLANs can all reside in a single switch or in various switches.
Note: The selection of the root switch for a particular VLAN is very important. You can choose the root switch, or you can let the switches decide, which is risky. If you do not control the root

selection process, there can be suboptimal paths in your network.
All the switches exchange information for use in the root switch selection and for subsequent configuration of the network. Bridge protocol data units (BPDUs) carry this information. Each switch compares the parameters in the BPDU that the switch sends to a neighbor with the parameters in the BPDU that the switch receives from the neighbor.
In the STP root selection process, less is better. If Switch A advertises a root ID that is a lower number than the root ID that Switch B advertises, the information from Switch A is better. Switch B stops the advertisement of its root ID, and accepts the root ID of Switch A.
Refer to Optional STP Features for more information about some of the optional STP features, such as:
· PortFast
· Root guard
· Loop guard
· BPDU guard
STP Operation
Task
Prerequisites
Before you configure STP, select a switch to be the root of the spanning tree. This switch does not need to be the most powerful switch, but choose the most centralized switch on the network. All data flow across the network is from the perspective of this switch. Also, choose the least disturbed switch in the network. The backbone switches often serve as the spanning tree root because these switches typically do not connect to end stations. Also, moves and changes within the network are less likely to affect these switches.
After you decide on the root switch, set the appropriate variables to designate the switch as the root switch. The only variable that you must set is the bridge priority . If the switch has a bridge priority that is lower than all the other switches, the other switches automatically select the switch as the root switch.
Clients (end stations) on Switch Ports
You can also issue the set spantree portfast command, on a per-port basis. When you enable the portfast variable on a port, the port immediately switches from blocking mode to forwarding mode. Enablement of portfast helps to prevent timeouts on clients who use Novell Netware or use DHCP in order to obtain an IP address. However, donotuse this command when you have switch-to-switch connection. In this case, the command can result in a loop. The 30- to 60-second delay that occurs during the transition from blocking to forwarding mode prevents a temporal loop condition in the network when you connect two switches.
Leave most other STP variables at their default values.
Rules of Operation
This section lists rules for how STP works. When the switches first come up, they start the root switch selection process. Each switch transmits a BPDU to the directly connected switch on a per-VLAN basis.

As the BPDU goes out through the network, each switch compares the BPDU that the switch sends to the BPDU that the switch receives from the neighbors. The switches then agree on which switch is the root switch. The switch with the lowest bridge ID in the network wins this election process.
Note: Remember that one root switch is identified per-VLAN. After the root switch identification, the switches adhere to these rules.
· STP Rule 1â”All ports of the root switch must be in forwarding mode.
Note: In some corner cases, which involve self-looped ports, there is an exception to this rule.
Next, each switch determines the best path to get to the root. The switches determine this path by a comparison of the information in all the BPDUs that the switches receive on all ports. The switch uses the port with the least amount of information in the BPDU in order to get to the root switch; the port with the least amount of information in the BPDU is the root port. After a switch determines the root port, the switch proceeds to rule 2.
· STP Rule 2â”The root port must be set to forwarding mode.
In addition, the switches on each LAN segment communicate with each other to determine which switch is best to use in order to move data from that segment to the root bridge. This switch is called the designated switch.
· STP Rule 3â”In a single LAN segment, the port of the designated switch that connects to that LAN segment must be placed in forwarding mode.
· STP Rule 4â”All the other ports in all the switches (VLAN-specific) must be placed in blocking mode. The rule only applies to ports that connect to other bridges or switches. STP does not affect ports that connect to workstations or PCs. These ports remain forwarded.
Note: The addition or removal of VLANs when STP runs in per-VLAN spanning tree (PVST / PVST+) mode triggers spanning tree recalculation for that VLAN instance and the traffic is disrupted only for that VLAN. The other VLAN parts of a trunk link can forward traffic normally. The addition or removal of VLANs for a Multiple Spanning Tree (MST) instance that exists triggers spanning tree recalculation for that instance and traffic is disrupted for all the VLAN parts of that MST instance.
Note: By default, spanning tree runs on every port. The spanning tree feature cannot be turned off in switches on a per-port basis. Although it is not recommended, you can turn off STP on a perVLAN basis, or globally on the switch. Extreme care must be taken whenever you disable spanning tree because this creates Layer 2 loops within the network.
Step-by-Step Instructions
Complete these steps:
1. Issue the show version command in order to display the software version that the switch runs.

Note: All switches run the same software version.

<#root>

Switch-15> (enable) show version

System Bootstrap Version: 5.1(2)

Hardware Version: 1.0 Model: WS-C5505 Serial #: 066509927

Mod Port Model

Serial # Versions

— —- ———- ——— —————————————-

1 0 WS-X5530 008676033 Hw : 2.3

Fw : 5.1(2)

Fw1: 4.4(1)

Sw : 4.2(1)

In this scenario, Switch 15 is the best choice for the root switch of the network for all the VLANs because Switch 15 is the backbone switch.
2. Issue the set spantree root vlan_id command in order to set the priority of the switch to 8192 for the VLAN or VLANs that the vlan_id specifies.
Note: The default priority for switches is 32768. When you set the priority with this command, you force the selection of Switch 15 as the root switch because Switch 15 has the lowest priority.

<#root>
Switch-15> (enable)
set spantree root 1
VLAN 1 bridge priority set to 8192. VLAN 1 bridge max aging time set to 20. VLAN 1 bridge hello time set to 2. VLAN 1 bridge forward delay set to 15. Switch is now the root switch for active VLAN 1. Switch-15> (enable)
Switch-15> (enable)
set spantree root 200
VLAN 200 bridge priority set to 8192. VLAN 200 bridge max aging time set to 20. VLAN 200 bridge hello time set to 2. VLAN 200 bridge forward delay set to 15. Switch is now the root switch for active VLAN 200.

Switch-15> (enable)
Switch-15> (enable)
set spantree root 201
VLAN 201 bridge priority set to 8192. VLAN 201 bridge max aging time set to 20. VLAN 201 bridge hello time set to 2. VLAN 201 bridge forward delay set to 15. Switch is now the root switch for active VLAN 201. Switch-15> (enable)
Switch-15> (enable)
set spantree root 202
VLAN 202 bridge priority set to 8192. VLAN 202 bridge max aging time set to 20. VLAN 202 bridge hello time set to 2. VLAN 202 bridge forward delay set to 15. Switch is now the root switch for active VLAN 202. Switch-15>
Switch-15> (enable)
set spantree root 203
VLAN 203 bridge priority set to 8192. VLAN 203 bridge max aging time set to 20. VLAN 203 bridge hello time set to 2. VLAN 203 bridge forward delay set to 15. Switch is now the root switch for active VLAN 203. Switch-15>
Switch-15> (enable)
set spantree root 204
VLAN 204 bridge priority set to 8192. VLAN 204 bridge max aging time set to 20. VLAN 204 bridge hello time set to 2. VLAN 204 bridge forward delay set to 15. Switch is now the root switch for active VLAN 204. Switch-15> (enable)
The shorter version of the command has the same effect, as this example shows:
<#root>
Switch-15> (enable)
set spantree root 1,200-204
VLANs 1,200-204 bridge priority set to 8189. VLANs 1,200-204 bridge max aging time set to 20. VLANs 1,200-204 bridge hello time set to 2. VLANs 1,200-204 bridge forward delay set to 15. Switch is now the root switch for active VLANs 1,200-204. Switch-15> (enable)

The set spantree priority command provides a third method to specify the root switch:
<#root>
Switch-15> (enable) set spantree priority 8192 1 Spantree 1 bridge priority set to 8192. Switch-15> (enable)
Note: In this scenario, all the switches started with cleared configurations. Therefore, all the switches started with a bridge priority of 32768. If you are not certain that all the switches in your network have a priority that is greater than 8192, set the priority of your desired root bridge to 1.
3. Issue the set spantree portfast mod_num/port_num enable command in order to configure the PortFast setting on Switches 12, 13, 14, 16, and 17.
Note: Only configure this setting on ports that connect to workstations or PCs. Do not enable PortFast on any port that connects to another switch.
· Port 2/1 connects to Switch 13. · Port 2/2 connects to Switch 15. · Port 2/3 connects to Switch 16. · Ports 3/1 through 3/24 connect to PCs. · Ports 4/1 through 4/24 connect to UNIX workstations. With this information as a basis, issue the set spantree portfast command on ports 3/1 through 3/24 and on ports 4/1 through 4/24:
<#root>
Switch-12> (enable) set spantree portfast 3/1-24 enable
Warning: Spantree port fast start should only be enabled on ports connected to a single host. Connec to a fast start port can cause temporary spanning-tree loops. Use with caution. Spantree ports 3/1 Switch-12> (enable) Switch-12> (enable) set spantree portfast 4/1-24 enable
Warning: Spantree port fast start should only be enabled on ports connected to a single host. Conne to a fast start port can cause temporary spanning-tree loops. Use with caution. Spantree ports 4/1

4. Issue the show spantree vlan_id command in order to verify that Switch 15 is the root of all the appropriate VLANs.
From the output from this command, compare the MAC address of the switch that is the root switch to the MAC address of the switch from which you issued the command. If the addresses match, the switch that you are in is the root switch of the VLAN. A root port that is 1/0 also indicates that you are at the root switch. This is the sample command output:

<#root>
Switch-15> (enable) show spantree 1
VLAN 1 spanning-tree enabled spanning-tree type
Designated Root

ieee 00-10-0d-b1-78-00

!— This is the MAC address of the root switch for VLAN 1.

Designated Root Priority 8192

Designated Root Cost

0

Designated Root Port

1/0

Root Max Age 20 sec Hello Time 2 sec

Forward Delay 15 sec

Bridge ID MAC ADDR Bridge ID Priority
Bridge Max Age 20 sec

00-10-0d-b1-78-00 8192
Hello Time 2 sec Forward Delay 15 sec

This output shows that Switch 15 is the designated root on the spanning tree for VLAN 1. The MAC address of the designated root switch,00-10-0d-b1-78-00, is the same as the bridge ID MAC address of Switch 15,00-10-0d-b1-78-00. Another indicator that this switch is the designated root is that the designated root port is 1/0.
In this output from Switch 12, the switch recognizes Switch 15 as the Designated Root for VLAN 1:
<#root>
Switch-12> (enable) show spantree 1
VLAN 1 spanning-tree enabled spanning-tree type

IEEEDesignated Root 00-10-0d-b1-78-00
!— This is the MAC address of the root switch for VLAN 1.

Designated Root Priority 8192

Designated Root Cost Designated Root Port Root Max Age 20 sec

19 2/3 Hello Time 2 sec

Forward Delay 15 sec

Bridge ID MAC ADDR Bridge ID Priority
Bridge Max Age 20 sec

00-10-0d-b2-8c-00 32768
Hello Time 2 sec Forward Delay 15 sec

Note: The output of the show spantree vlan_id command for the other switches and VLANs can also indicate that Switch 15 is the designated root for all VLANs.

Verify
This section provides information you can use to confirm that your configuration works properly.
· show spantree vlan_idâ” Shows the current state of the spanning tree for this VLAN ID, from the perspective of the switch on which you issue the command.
· show spantree summaryâ” Provides a summary of connected spanning tree ports by VLAN.
Troubleshoot
This section provides information you can use to troubleshoot your configuration.
STP Path Cost Automatically Changes When a Port Speed/Duplex Is Changed
STP calculates the path cost based on the media speed (bandwidth) of the links between switches and the port cost of each port forwarding frame. Spanning tree selects the root port based on the path cost. The port with the lowest path cost to the root bridge becomes the root port. The root port is always in the forwarding state.
If the speed/duplex of the port is changed, spanning tree recalculates the path cost automatically. A change in the path cost can change the spanning tree topology.
Refer to the Calculate and Assign Port Costs section of Configure Spanning Tree for more information on how to calculate the port cost.
Troubleshoot Commands
Note: Refer to Important Information on Debug Commands before you use debug commands.

· show spantree vlan_idâ”Shows the current state of the spanning tree for this VLAN ID, from the perspective of the switch on which you issue the command.
· show spantree summaryâ”Provides a summary of connected spanning tree ports by VLAN.
· show spantree statisticsâ”Shows spanning tree statistical information.
· show spantree backbonefastâ”Displays whether the spanning tree BackboneFast Convergence feature is enabled.
· show spantree blockedportsâ”Displays only the blocked ports.
· show spantree portstateâ”Determines the current spanning tree state of a Token Ring port within a spanning tree.
· show spantree portvlancostâ”Shows the path cost for the VLANs on a port.
· show spantree uplinkfastâ”Shows the UplinkFast settings.
Command Summary

Syntax:

show version

As used in this document: show version

Syntax:

set spantree root [vlan_id]

As used in this document: set spantree root 1

set spantree root 1,200-204

Syntax:

set spantree priority [vlan_id]

As used in this document: set spantree priority 8192 1

Syntax:

set spantree portfast mod_num/port_num {enable | disable}