Cisco CCNA 200-301 – STP – Spanning Tree Protocol Part 2

  1. Spanning Tree Terminology – The Bridge

In this lecture, you’ll learn about the spanning tree terminology of bridges. This is going to just be a short lecture and I wanted to cover this before we get into the details of how spanning tree works. Okay, before we talk about the bridge, we need to talk about hubs. Hubs were layer one only devices which performed the same function as switches, which is connecting Ethernet LAN hosts to the network. So way back in the day, we used hubs, but you can’t even buy them anymore. Now they’ve been replaced by switches.

Hubs are layer one only, so they did not learn MAC addresses like switches do. So they flooded all traffic out all ports apart from the one it was received on, not just broadcast traffic, but all unicast and multicast traffic as well, flooded everywhere. Now hubs have been replaced. We use switches instead. In modern networks, switches provide performance and security improvements over hubs by forwarding traffic which is to known unicast MAC addresses only out the relevant port, rather than flooding it everywhere. But early switches were expensive, had very few ports, commonly only two ports, and they were called bridges. They segmented LANs which were built with hubs elsewhere. So if you have a look in the diagram here, you can see that the main part of our network is built with hubs.

That’s where we’ve got all of our end hosts plugged in. But in between the two parts of the network that are built with hubs, we can put a bridge in there. The bridge is a layer two device, and it learns the MAC addresses on both sides. So what a bridge did was it segmented that large collision domain into two smaller collision domains. Traffic would typically stay on one side of the bridge and would only move over if it had to, because the destination was on the other side. So bridges, they’re basically switches, but they’ve only got around two ports in them. When layer two devices were first available, before switches, we had bridges.

So a switch is a multiport bridge. Basically, a bridge and a switch are the same thing, just that switches are modern devices and they’ve got more ports than bridges had. Again, just like hubs, you can’t even buy bridges anymore. Now, spanning tree was invented back when bridges were in use, before switches were available. So it uses the terminology of the bridge, such as the root bridge and the Bridge Protocol Data Unit. You’ll see what the root bridge and BPDUs are as we go through the rest of this section. Okay, so just a quick lecture to explain why the terminology uses the term bridge rather than switch. See you in the next lecture where we’ll get into the details of how spanning tree does its job.

  1. How Spanning Tree Works

In this lecture, you’ll learn about how spanning tree works. This is going to be a bit of a longer lecture because there is a fair bit to spanning tree and there’s not really any logical points where I can break this into separate videos. So this is a good time to go and grab yourself a coffee and then come back and settle into the video. Okay, so how does spanning tree work? It’s an industry standard protocol which is enabled by default on all vendors’ switches. You’ve already seen how devastating a broadcast storm can be on a local area network. We need to avoid that at all costs and spanning tree is how we do it. So it’s always enabled on all vendors’ switches when they come out of the box. Switches send BPDUs (Bridge Protocol Data Units) when they come online and the BPDUs are used to detect other switches and potential loops. The switch will not forward traffic out any port until it’s certain that that port is loop free. When the port first comes online it will be in a blocking state because the switch needs to make sure it doesn’t send traffic until it’s sure there’s not a loop there.

Spanning tree will detect if the port forms a potential loop and if there is no loop, the port will then transition to a forwarding state. But that process can take up to 50 seconds if you’re using traditional legacy spanning tree. The BPDU contains the switch’s Bridge ID, which uniquely identifies the switch on the LAN, and the Bridge ID is comprised of the switch’s unique MAC address and also an administrator defined bridge priority value. The bridge priority can be from 0 to 65535 and 32768 is the default. So switches are always going to have a MAC address on them; that’s there out of the box. The bridge priority can be set by you, the administrator, but if you don’t set that, it’s going to default to 32768. Next thing we have is the root bridge.

A single root bridge is elected based on the switches’ bridge ID values. The switch with the lowest bridge priority value in the LAN is preferred to be the root bridge. So if a bridge priority value is 16384, for example, that would be more preferred than 49152 because it’s a lower number. In the case of a tie, the switch with the lowest MAC address will be selected. So going back a slide, if you don’t manually manipulate this by manually setting a bridge ID, all the switches in your LAN will have the same bridge priority, which will be 32768. In that case they’ll all have a tie. So it will be the one with the lowest MAC address that will be selected as the root bridge. The switches build a loop free forwarding path tree which leads back to the root bridge and you’ll see how this works as we go through this lecture. So, a spanning tree example. In our example here, we’ve not manually set bridge priority on any of our switches. We’ve got four switches here: CD1 (the CD is for core distribution), CD2, and we’ve got Access 3 and Access 4. CD1 has got MAC address one one. It’s actually one one one. But to make it a bit shorthand, I’ve said it’s MAC one one.

CD2 is MAC two two. Access 3 is MAC three three and Access 4 is MAC four four. Because I haven’t set a bridge priority on any of the switches, CD1 will be elected as the root bridge because it has got the numerically lowest MAC address. The other switches will then detect the lowest cost path to get to the root bridge and those paths will transition to a forwarding state. For the cost, when a switch calculates its best path towards the root bridge, higher bandwidth links are preferred. So a Gigabit Ethernet interface would be preferred over a lower bandwidth Fast Ethernet interface, for example. Each switch’s exit interface on the lowest cost path towards the root bridge is selected as its root port. So if you have a look at the diagram here, we already said that CD1 is the root bridge. From CD2’s point of view, it’s got two paths. Actually, it’s got three paths it can take to get to CD1. It can go out interface Gigabit 0/2. It’s directly connected to CD1. Or it could go via Access 4 by going out Fast 0/24 and then out Fast 0/21 on Access 4. Or it could go via Access 3. So it would go out port Fast 0/21 on CD2 and then out port Fast 0/24 on Access 3. Hopefully it’s really obvious which is going to be the lowest cost path out of those three. It’s going to be the direct connection along the top on the Gigabit 0/2 interface.

So on CD2, interface Gig 0/2 will be selected as its root port. Next up we have Access 3. Access 3 could get to the root bridge, CD1, either out interface Fast 0/24 directly or it could go out interface Fast 0/21 to CD2 and then across on interface Gig 0/2. Again, it should be obvious that a single Fast Ethernet link is going to be a lower cost than a Gigabit Ethernet plus a Fast Ethernet link. So Access 3 will select port Fast 0/24 as it’s the lowest cost to get to CD1 and that interface becomes its root port. And then finally we have Access 4 and it should be obvious again which will be the root port. On Access 4 it’s going to be interface Fast 0/21, which again is directly connected to the root bridge of CD1. While I’m going through this, by the way, this is how the spanning tree operations work as well. The first thing that happens is a root bridge is elected. So all the switches come online. They send BPDUs to each other over the LAN. They all detect each other and whichever bridge has got the best bridge ID (so the lowest priority, or if there’s a tie, the lowest MAC address) becomes the root bridge. That’s the first thing that happens. The next thing that happens is that all the switches in the LAN will figure out which is their root port, the best port to get towards the root bridge. And we’ll carry on going through the operations through the rest of this lecture.

Now importantly, spanning tree does not do load balancing. If a switch has multiple equal cost paths towards the root bridge, it will select the neighbor switch with the lowest bridge ID. And that is going to be just one path. You see in the example diagram here, Core 1 is the root bridge now, and looking at it from the point of view of Access 3 down at the bottom, it’s got two equal cost paths it could take to get to the root bridge, Core 1. It could either go out interface Fast 0/24 on the left hand side or interface Fast 0/23 on the right hand side. Now, spanning tree is not a dynamic routing protocol. If this was a routing protocol, it would do equal cost load balancing and traffic would go up both paths. But spanning tree doesn’t do load balancing. It selects the one best path.

So what happens here is Access 3 selects the path to the Core 1 root bridge via Distribution 2 as it has a lower bridge ID. Whenever there’s a tie, the switch will select the neighbor switch with the lowest bridge ID. And that is Distribution 2 in this case, because it’s got a lower MAC address than Distribution 1 has, and we didn’t set priority on either of them for this example. Another example of load balancing. So if I go back a slide here, we had two equal cost paths towards the root bridge going through two different switches. In this next example, again, spanning tree does not do load balancing. If a switch has multiple equal cost paths via the same neighbor switch towards the root bridge, again, it will only select one of those paths. It will select the port with the lowest port ID. So in the example here, we’ve actually got four uplinks towards the root bridge, Core 1. From Access 3, we’ve got two going towards Distribution 1 and two going towards Distribution 2. Out of those four uplinks, only one of them is going to be selected. Access 3 will select the path to the Core 1 root bridge via Distribution 2, port Fast 0/1, as it is the port with the lowest port ID which is going to the switch with the lowest bridge ID. Okay, moving on. So first thing, we select which is the root bridge.

Next up, all of the other switches select their root port towards the root bridge. Next thing is designated ports. Ports on the neighbor switch opposite the root port are designated ports. So your root ports point towards the root bridge, designated ports point away from it, and all ports on the root bridge will always be designated ports because obviously they are going to be pointing away from the root bridge when they’re on it. So in the example here we already discovered which were our root ports. The interfaces on the other side of those links will be set as designated ports. So looking at CD2, its root port was Gig 0/2 along the top. The interface on the other side, which is Gig 0/2 on CD1, will be set as a designated port. The next one is facing Access 3. Access 3’s root port was Fast 0/24. The interface on the other side of that link is Fast 0/24 on CD1. And finally it should be obvious that Access 4’s root port is Fast 0/21.

So the designated port will be on the other side of that link. It’s going to be on Fast 0/21 on CD1. And you can see here that all the ports on the root bridge are always designated ports. Now looking at that previous example you may be thinking, well, it’s obvious which are the designated ports, it’s just all the ports that are on the root bridge. But that’s not necessarily the case, because you see here I’m going to add another switch into the network which is not directly connected to the root bridge; it’s connected to CD2. If you look at that switch it should be pretty obvious that its root port is going to be on the interface facing CD2 and then the designated port will be the port on CD2 which is facing back towards that root port. So whenever we’ve got a root port, the interface on the other side of the link is going to be a designated port. Your root ports and your designated ports are the most direct paths to and from the root bridge. And the root bridge serves as a central point of the network for where our traffic flows are going to go to and from.

So because your root ports and designated ports are on the most direct path, they are always going to transition to a forwarding state. On the remaining links, the switches determine which of them has the least cost path to the root. If they have equal cost paths then the bridge ID is used as a tiebreaker, and the port connecting this switch to the link is selected as a designated port. So looking at our diagram again here, you see that we’ve got two links left over which have not been configured with root and designated ports. That’s the link from interface Fast 0/21 on Access 3 to Fast 0/21 on CD2, and the other link is on Access 4, port Fast 0/24, going up to Fast 0/24 on CD2. Those two remaining links are links that would form a loop. So we’re going to need to block, and we’re going to block on one side of the link.

The other side of the link will remain a designated port. So right now we need to figure out which side will be the blocking side and which will be the designated port side. The side which has got the switch with the least cost path to the root or the lowest bridge ID will be the designated port side; the other side will be the blocking port. So right now CD2 has got a Gigabit Ethernet direct link going to the root bridge of CD1. That’s going to be lower cost than Access 3 and Access 4, which have got Fast Ethernet links. So CD2 is going to be the preferred switch. So it’s going to have designated ports on its side of each of those links. So from Access 3, Fast 0/21, to CD2, Fast 0/21, the CD2 side is going to be the designated port, and it’s also going to be the CD2 side which is the designated port on the link on Fast 0/24 going down to Access 4. Any ports which have not been selected as a root port or a designated port pair would potentially form a loop and those are going to be selected as our blocking ports. So you can see on the diagram right now, we’ve only got two ports left over: that’s Fast 0/21 on Access 3 and Fast 0/24 on Access 4. If those ports were also forwarding, we would be forwarding everywhere and we would have a loop.

So we’re going to block on those ports to break the loops. So we block on Fast 0/24 on Access 4 and on Fast 0/21 on Access 3. And you can now see that I’ve completed my diagram. Every single port has been labeled as either a root port, a designated port, or a blocking port. Spanning tree only blocks ports on one side of the blocked link. BPDUs continue to be sent over the link, but other traffic is dropped. So we continue to send BPDUs so that spanning tree can detect if any links go down and fail over to a different path around that. Okay, so we covered how to figure out the root, the designated and the blocking ports. I’ll summarize here the quick and easy way to do that, which really aligns with how spanning tree actually works as well. So first off, determine which is the root bridge. Out of all the switches, that will be the switch which has got the best bridge ID. Next, all ports on the root bridge are designated ports. So if you’ve drawn this as a diagram, on your diagram you can mark all the ports that are on the root bridge as DP, designated ports. Next, determine the root ports on the other switches, the non root bridges. The root port will be the port which is at the lowest cost to the root bridge. Mark those as RP, root ports, on your diagram.

Next up, the ports on the other side of those links, on the other side of your root ports, are going to be designated ports, so you can mark them off. And then on the links which are left over, one port will be blocking and the other side will be a designated port. Determine which is the blocking port. That’s the one which has got the highest cost path to the root bridge or the highest bridge ID. The ports on the other side of those links are designated ports. You’ve now completed your diagram. You know what type all the ports in the network are. So going back to our original diagram showing the entire network here: if you look back at the previous slides with the diagrams, that was just a zoomed in, drill down level of the switches. So going back to this diagram here, I’ve zoomed back out again to show the entire network. So those are the available paths through the network. If you look at the switching part here, you can see I’ve removed the links which were blocked. All unicast, multicast and broadcast traffic, so all the traffic on the network, can only go over those links. If you look up at the top part of the network you see that there are loops between our routers.

But routing protocol loop prevention mechanisms and the TTL field in our IP header prevent traffic from actually looping at layer three. Looking at the switched part of the network, you see that there are no actual loops there now. They’ve all been removed by spanning tree. So spanning tree ensures that there are no loops at layer two. And if we go back to the ARP request that we covered at the start of this section, where PC1 sent out an ARP request for its default gateway at R1, you can see that now we are using spanning tree, the traffic still gets flooded everywhere over the tree but it doesn’t get looped anywhere. So traffic can still get where it needs to go, but we’re not going to have any broadcast storms formed by loops. If an uplink to CD1 fails, spanning tree will detect it and transition the redundant link to forwarding. So you can see in the example here that my uplink from Access 3 to CD1 and my uplink from Access 4 to the root bridge at CD1, both of those failed. If that happens, then spanning tree will detect it and it will fail over to the next best path, still ensuring that there are no loops. So this is what our topology would look like if we had lost those uplinks to CD1. You can now see that we still have just that one spanning tree, again with no loops in it. Now the traffic is going via okay, we got there. That’s it. You now know the whole thing about how spanning tree works. In the next few lectures we’ll get into how to actually monitor.
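
The steps summarized in this lecture (elect the root bridge, pick root ports, then designated and blocking ports) can be worked through in code for the four-switch diagram; this is an added example, not part of the original lecture. The MAC addresses are constructed stand-ins, the costs 4 and 19 are the IEEE 802.1D values for Gigabit and Fast Ethernet, and the port ID tie-break is simplified to the interface number.

```python
# Added example: compute STP port roles for the lecture's four-switch diagram.
COST = {"gig": 4, "fast": 19}   # IEEE 802.1D costs for 1 Gb/s and 100 Mb/s

# Bridge ID = (priority, MAC). MACs are constructed; priority is the default.
BRIDGES = {
    "CD1": (32768, "0000.1111.1111"),
    "CD2": (32768, "0000.2222.2222"),
    "Acc3": (32768, "0000.3333.3333"),
    "Acc4": (32768, "0000.4444.4444"),
}
# (switch, port, switch, port, speed) for each link described in the lecture.
LINKS = [
    ("CD1", "Gi0/2", "CD2", "Gi0/2", "gig"),
    ("CD1", "Fa0/24", "Acc3", "Fa0/24", "fast"),
    ("CD1", "Fa0/21", "Acc4", "Fa0/21", "fast"),
    ("CD2", "Fa0/21", "Acc3", "Fa0/21", "fast"),
    ("CD2", "Fa0/24", "Acc4", "Fa0/24", "fast"),
]

def port_no(port):
    """Simplified port ID: the interface number after the slash."""
    return int(port.split("/")[1])

def stp_roles(bridges, links, cost=COST):
    root = min(bridges, key=bridges.get)       # lowest (priority, MAC) wins
    rpc = {b: float("inf") for b in bridges}   # root path cost per switch
    rpc[root] = 0
    for _ in bridges:                          # relax until the costs settle
        for a, _pa, b, _pb, speed in links:
            rpc[a] = min(rpc[a], rpc[b] + cost[speed])
            rpc[b] = min(rpc[b], rpc[a] + cost[speed])
    # Each link seen from both ends: (switch, port, neighbour, nbr port, speed)
    ends = links + [(b, pb, a, pa, s) for a, pa, b, pb, s in links]
    root_port = {}
    for sw in bridges:
        if sw == root:
            continue
        # Lowest cost first, then lowest neighbour bridge ID, then lowest port
        best = min((e for e in ends if e[0] == sw),
                   key=lambda e: (rpc[e[2]] + cost[e[4]], bridges[e[2]], port_no(e[3])))
        root_port[sw] = best[1]
    roles = {}
    for sw, port, nbr, _np, _s in ends:
        if root_port.get(sw) == port:
            roles[(sw, port)] = "root"
        elif (rpc[sw], bridges[sw]) < (rpc[nbr], bridges[nbr]):
            roles[(sw, port)] = "designated"   # better path or ID on this side
        else:
            roles[(sw, port)] = "blocking"     # worse side of a leftover link
    return root, roles

if __name__ == "__main__":
    root, roles = stp_roles(BRIDGES, LINKS)
    print("root bridge:", root)
    for (sw, port), role in sorted(roles.items()):
        print(f"{sw:5} {port:7} {role}")
```

Removing the two access-layer uplinks to CD1 from `LINKS` and calling `stp_roles` again reproduces the failover case from the end of the lecture: the previously blocking ports on the access switches become their root ports.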
