STP: Spanning Tree Protocol Part 1

Alright, another day to review! Gosh this is a long topic!! Today I'm gonna write about STP, and it stands for Spanning Tree Protocol. Without STP, boi, you'll gonna have lots of headaches, you'll know why later. STP is used by switches, and before I go any further, first let me give you an introduction of where STP comes into play on your switched network --redundancy. It's resolves the availability issue in a computer network (crucial networks) by having redundant equipment and connection in case the main line or equipment goes down. For short, redundancy is like having an alternate route. Having multiple paths to a destination allows you to reach the destination even if a route goes down. Implementing redundancy, organizations (e.g. webhosting companies or telephone companies) that depends on computer networks can be assured of business continuity.

Just a side note: redundancy is achieved by having a heirarchical network design (having the access, distribution, and core layers). I'll not write about network design since its a broad topic to talk about. Heck its got its own certification for it: CCDP (Cisco Certified Design Professional). Maybe I'll write something about simple network design and Layer 2 & 3 redundancy next time.

Here's were the problem comes. With redundancy, Layer 2 loops can occur, wherein packets will not stop traversing different switches and will eat up lots of the switch's CPU resources. How does this happen, and what is a Layer 2 loop? Ok, let me try to explain without the use of a diagram. Say we have three switches namely S1, S2, and S3, all connected together using trunk ports. Say PC1 is connected to S1, and PC2 is connected to S3. Here is the thing, remember that switches forward broadcast packets to ALL ports except the port where the broadcast packet came from? If you could visualize the diagram above, you'll get the whole idea. Each switch in the example has 2 trunk ports, and each would be receiving the broadcast message on one trunk port.
Step 1: receive a broadcast packet on a trunk port 1.
Step 2: the switch forwards the packet to all ports except where the packet came from(trunk port 1). Thus each switch will forward it to the other trunk port (trunk port 2).
Step 3: the receiving switch receives the broadcast on the trunk port 2.
Step 4: the switch forwards the packet to all ports except where the packet came from(trunk port 2). Thus each switch will forward it to the other trunk port (trunk port 1).
Step 5: go back to Step 1.
This is what we call the Layer 2 loop or the switching loop, and this occurs in a switched network having redundancy links without STP. If you're thinking that the packet will eventually get dropped when the TTL (time-to-live) expires, you're wrong. Ethernet frames or Layer 2 messages has no TTL field! Switching loops will soon turn out to broadcast storms if more broadcast are sent by different computers to the network. Switching loop can only stop if the physical link (trunk port) goes down. As more and more broadcast are sent, soon you'll find your network useless since all bandwidth is consumed.

Now knowing what disaster Layer 2 loops can do, you'll appreciate why there's STP. You might be wondering too if all switches (different brands/vendors) have STP running. Honestly, I'm not sure. What I can say is that all managed switches has STP. Managed meaning you can configure.

The purpose of STP is to avoid switching loops in your switched network. STP does that by blocking redundant ports dynamically and intentionally to maintain only one logical path to all nodes. STP dynamically unblocks the redundant port if the main path goes down.

STP utilizes the ST (spanning-tree) algorithm. Wherein the algorithm selects the shortest path to all nodes based on path cost without creating a loop. Applying STA, first we need to have our starting point, the root. Every network with switches will need and has to have one for our reference as the starting point. The selection of the root switch happens during the startup of switches (yes, all switches in your network participates in this election). They would send each other messages notifying who would be root. Now, after the election, let's say our switch has multiple paths to a destination, what STA does is it will only select one path, then the switch uses the information from STA to set port roles to the rest of the redundant ports, either blocking, forwarding. This entire process is how STP functions.

Hmm, I've mentioned about port roles, I'll give you a brief explaination about this, then I'll go into detail in part 2. Port roles are basically how a port should perform based on STP. There are four roles: root ports, designated ports, and non-designated ports. The root port is the port closest to the switch. The designated port is the port that allows the forwarding of packets. The non-designated port is the port that blocks all packets, and the disabled port is the port that is administratively down (it has the 'shutdown' configuration).

To clarify and be more detailed on the election process, the election starts when switches the starts up. All switches initially are root bridges. They'll be sending messages which is BPDU (bridge protocol data unit) every 2 seconds. Inside BPDU will contain the BID (bridge ID), and the BID consists of a priority value, switch's MAC address, and an extended system ID. Each switch will compare their BID with the BID of the other switches, and the lowest BID will be elected as the root. All subsequent BPDUs of the switches that has its root ID change will send the updated root ID so that all other switch will know the lower root ID. We could manipulate te priority value in the BID to manipulate the election process. The default value of the priority value is 32768, and it could range from 1 - 65536. The lower the priority value, the higher the chance that the switch would become the root bridge. The extended system ID is used to support VLANs (I'll write another blog explaining how STP works in per VLAN basis), so it could be ignored if there are no VLANs in the network. Let's say all switches have the default bridge priority value of 32768, switches will use the MAC address as the basis of determining the root bridge. The switch with the lower MAC address will be the root bridge.

Now about the path selection, how what parameters are used to determine which is the best/shortest path to the root bridge? STP sums up all the port costs in a given path to determine the path cost. The path will the lowest path cost is the best/shortest path. The port costs are the following:
10Gbps = 2
1Gbps = 4
100Mbps = 19
10Mbps = 100
These values are the default values set by the IEEE. If your wondering if the port cost could be modified, why yes. They can to give you the flexibility of choosing your path to the root bridge. To configure the port cost you must enter into the interface-configuration mode by selecting the port you want to configure, then enter 'spanning-tree cost '. If you want to reset if back to the default, just type 'no spanning-tree cost' in the interface-configuration mode of that port and your good to go.

Ok, let me give a scenario: Let's say we have to ports with the same path cost going to the root bridge, how does the switch decide what port to block? The answer is simple, the port with the lower port ID will be used. Example, fa0/1 and fa0/24 have both the same path cost to the root bridge. The switch will select fa0/1 since it has the lower port ID. But still, we can override this by changing the port priority for STP. The default value of this is 128. We can configure this by going to the interface-configuration mode of the chosen interface, then type 'spanning-tree port-priority <0-240,>'. To verify the change, type 'show spanning-tree' in the privelage mode and see that the port priority of that port will change from 128 to the priority number you have entered.

The general process of how STP works are the following:
Step 1: a root bridge is elected (BPDU is sent by each switch and each switch compares their root ID with the root ID of others)
Step 2: each switch uses the STA to determine the shortest path to the root bridge
Step 3: each switch takes into account the port speed/bandwidth for which port to block and unblock | path cost is calculated using port speeds/bandwidth also, so if there are two paths to one destination, the path with the lowest cost is selected.
Step 4: port roles are assigned based on the STA calculated path to use.
Step 5: voila, converged!

Reminder: all switch ports are in blocking mode when all switches are calculating the root bridge and determining paths.

Alright, seems to me that we've got the gist of how STP works in switches and in our network, but I'm not done with my review yet since Cisco is also covering the BPDU in detail. If you want to know the details of BPDUs go and read, but if you just want to know how to configure STP on your switches, just skip the BPDU part.

BPDUs has three fields, each fields contains four important information for STP.
The first field:
protocol ID - determines what protocol is used.
version - determines what version of the protocol is used.
message type - determines the type of message sent.
flags - indicates whether there's a topology change and indicates the receipt of a topology change.
The second field:
root id - when a root bridge is already elected, the bridge id of the root bridge will be indicated here. At start up, all switches are root, thus the root id will be their own bridge id.
cost of path - the total path cost of the sender of the BPDU going to the root bridge.
bridge id - the bridge id of the sender of the BPDU.
port id - indicates from what port the BPDU was sent, this allows loop created by multiple connected bridges to be detected and corrected.
The third field:
message age - indicates how much time elapsed from the time the root bridge sent the message of the current configuration.
max age - indicates how long the BPDU should last. If the message age reached the max age, there would be a new election of a root bridge since it assumes the connection is lost from the root. 20 secs by default and can be tuned from 6 - 40 secs.
hello timer - indicates the interval where the root bridge will send another BPDU. 2 secs by default, can be tuned from 1 - 10 secs.
forward delay - indicate the time for bridges to wait before transitioning to a new state.

Alright, I guess I'll stop here for the moment, my head hurts quite a bit already. I'll write part 2 of STP later this evening which includes detail discussion of port roles, BPDU timers, per VLAN STP (PVST), some design tips on STP, and what are the important stuff to configure for STP.