• Purpose: Prevents broadcast storms and switching loops in redundant Layer 2 networks by creating a loop-free logical topology
• Core Problem: Without STP, frames can circulate indefinitely when multiple paths exist between switches (redundant links create loops)
• Solution Method: Mathematically determines the best path to each network segment and blocks redundant paths as backup

How STP Works

• Root Bridge Election: All switches elect one “root bridge” using lowest Bridge ID (Priority + MAC address)
• Path Cost Calculation: Each switch calculates lowest cost path to root bridge (based on link speeds)
• Port States: Ports become either Forwarding (active) or Blocking (standby) to eliminate loops
• Convergence: Process takes 30-50 seconds as switches exchange Bridge Protocol Data Units (BPDUs)

 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35

STP Network Convergence Process

    [Switch A] ←--→ [Switch B]
        |              |
        ↓              ↓
    [Switch C] ←--→ [Switch D]

Step 1: Root Bridge Election
    All switches send BPDUs
         ↓
    Lowest Bridge ID wins
         ↓
    [Root Bridge Selected]

Step 2: Path Cost Calculation  
    Each switch calculates
    cost to root bridge
         ↓
    [Best paths identified]

Step 3: Port State Assignment
    Root ports → Forwarding
         ↓
    Designated ports → Forwarding  
         ↓
    Blocked ports → Blocking
         ↓
    [Loop-free topology]

Final Result:
    [SW-A] ──── [SW-B]
      |    \      |
      |     X     |  (X = blocked)
      |      \    |
    [SW-C] ──── [SW-D]

STP Port States and Timers

STP Versions Comparison

Port Roles and Selection

• Root Port: Best path to root bridge (one per non-root switch)
• Designated Port: Best path to reach segment (one per network segment)
• Alternate Port: Backup path to root bridge (RSTP enhancement)
• Backup Port: Backup designated port on same segment (RSTP enhancement)

Selection Criteria (in order):

1. Lowest path cost to root bridge
2. Lowest sender Bridge ID
3. Lowest sender Port ID

Key STP Concepts

• Bridge ID: 8-byte value (2-byte priority + 6-byte MAC address) - lower is better
• Path Cost: Cumulative cost to reach root bridge (inversely related to bandwidth)
• BPDU: Bridge Protocol Data Unit - control frames exchanged every 2 seconds
• Root Guard: Prevents unauthorized switches from becoming root bridge
• BPDU Guard: Disables ports receiving unexpected BPDUs (typically access ports)

Standard Path Costs

Vocabulary

• Bridge ID: Unique 8-byte identifier combining priority (configurable) and MAC address (fixed)
• Convergence: Time required for all switches to agree on loop-free topology after network change
• Designated Bridge: Switch responsible for forwarding frames onto a specific network segment
• Hello Time: Interval between BPDU transmissions (default 2 seconds)
• Max Age: Time to wait for BPDU before assuming link failure (default 20 seconds)
• Forward Delay: Time spent in Listening and Learning states (default 15 seconds each)

Notes

• Default Behavior: STP runs automatically on Cisco switches - all ports participate unless configured otherwise
• Root Bridge Planning: Manually configure root bridge using spanning-tree vlan X priority Y (values 0-61440 in increments of 4096)
• PortFast Configuration: Use on access ports connecting end devices to skip Listening/Learning states (spanning-tree portfast)
• Common Issue: Connecting hubs or unmanaged switches can cause unexpected topology changes
• Best Practice: Use RPVST+ in Cisco environments for fastest convergence with per-VLAN load balancing
• Troubleshooting: Check show spanning-tree for blocked ports and root bridge location
• Design Tip: Place root bridge on fastest, most centrally located switch with redundant uplinks
• VLAN Consideration: PVST+ creates separate spanning tree per VLAN (more CPU intensive but allows load balancing)## Spanning Tree Protocol (STP)
• What does Spanning Tree Do? - CBT Nuggets