How Spanning-Tree Works
Introduction
Welcome to Part 26 of the Network Fundamentals study notes — and the final video in the series! If you haven’t already, we recommend watching the video first.
In Part 25 we saw why layer 2 loops are so dangerous and that Spanning-Tree Protocol prevents them. Now we look at the detail — how STP discovers the topology, elects a root bridge, assigns port roles, and decides which links to block.
BPDUs – Bridge Protocol Data Units
Spanning-tree enabled switches communicate using special frames called BPDUs. There are two types:
- Configuration BPDU – sent by the root bridge outward to all connected switches. Used for initial topology discovery and ongoing maintenance. Each switch includes its Bridge ID in the BPDU — a unique identifier for that switch.
- Topology Change Notification (TCN) – sent by non-root switches when a topology change occurs (a link goes up or down, a switch fails). TCNs propagate up toward the root bridge so it can update the network.
The Root Bridge
The first thing STP does is elect one switch as the root bridge — the anchor point for the entire spanning-tree topology. Think of the network as an inverted tree: the root bridge sits at the top, and all other switches branch outward from it.
The root bridge is elected based on Bridge ID. The switch with the lowest Bridge ID becomes root. The Bridge ID is made up of a priority value (configurable) and the switch’s MAC address. By default all switches have the same priority, so the one with the lowest MAC address wins. You can influence the election by manually lowering a switch’s priority.
Once elected, the root bridge sends configuration BPDUs out all of its ports. Other switches receive these, learn they’re connected to the root bridge, and forward the BPDUs onward through the network.
Port Roles
Each switch port in the spanning-tree topology is assigned a role:
- Designated port – faces away from the root bridge (i.e. toward end devices or downstream switches). Forwards traffic normally. The root bridge has only designated ports.
- Root port – the port on a non-root switch that provides the best path toward the root bridge. Each non-root switch has exactly one root port. The root bridge has no root ports.
- Blocked port – a port that has been disabled by STP to break a loop. It still receives BPDUs but doesn’t forward regular traffic.
How Loops Are Detected and Broken
Detecting a Loop
As BPDUs flood outward from the root bridge, each switch forwards them to its neighbours. If a switch receives a BPDU from the root bridge via two different paths, it knows a loop exists — there should only ever be one path to the root.
Calculating Costs
Each switch port has a cost inversely related to its link speed. Faster links have lower costs; slower links have higher costs. When a switch receives a BPDU, it adds the cost of the incoming port to the cost already written in the BPDU, giving the total path cost to the root bridge.
The port with the lowest total path cost to the root bridge becomes the root port. Simple and elegant.
Breaking the Loop
Once the root ports are chosen, both ends of the looping link know they need to resolve it — but only one end should be blocked. STP uses the Bridge ID to decide: the switch with the lower Bridge ID wins and sets its port as designated (forwarding). The switch with the higher Bridge ID sets its port to blocked.
The blocked port stops forwarding regular traffic, breaking the loop. The network is now loop-free.
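An added example (not part of the original notes) that carries the root election, path-cost and loop-breaking steps above through on a constructed three-switch triangle. It goes slightly beyond the case in the text: on a redundant link the end with the lower path cost to the root stays designated, and the Bridge ID decides only when the costs are equal. The switch names, MAC addresses, priorities and port costs are constructed sample values.

```python
import heapq

def bridge_id(priority, mac):
    """Bridge ID as a comparable tuple: priority first, then MAC address."""
    return (priority, int(mac.replace(":", ""), 16))

def spanning_tree(bridges, links):
    """bridges: name -> (priority, mac). links: (a, b, cost), one per switch pair.
    Assumes a connected topology. Returns (root, root_port, link_state)."""
    bid = {name: bridge_id(*v) for name, v in bridges.items()}
    root = min(bid, key=bid.get)              # lowest Bridge ID becomes root
    adj = {name: [] for name in bridges}
    for a, b, cost in links:
        adj[a].append((b, cost))
        adj[b].append((a, cost))
    # Total path cost to the root: cost in the BPDU plus the incoming port's cost.
    dist, heap = {root: 0}, [(0, root)]
    while heap:
        d, n = heapq.heappop(heap)
        if d > dist[n]:
            continue
        for m, c in adj[n]:
            if d + c < dist.get(m, float("inf")):
                dist[m] = d + c
                heapq.heappush(heap, (d + c, m))
    # Root port: the neighbour offering the lowest total cost (tie: lower Bridge ID).
    root_port = {s: min(adj[s], key=lambda nc: (dist[nc[0]] + nc[1], bid[nc[0]]))[0]
                 for s in bridges if s != root}
    link_state = {}
    for a, b, _ in links:
        if root_port.get(a) == b or root_port.get(b) == a:
            link_state[(a, b)] = "forwarding"      # root port facing designated port
        else:                                      # redundant link: one end blocks
            designated = min((a, b), key=lambda s: (dist[s], bid[s]))
            link_state[(a, b)] = f"blocked at {b if designated == a else a}"
    return root, root_port, link_state

# Constructed sample: three switches in a triangle, all at the same priority.
BRIDGES = {"SW1": (32768, "00:00:00:00:00:0a"),
           "SW2": (32768, "00:00:00:00:00:0b"),
           "SW3": (32768, "00:00:00:00:00:0c")}
LINKS = [("SW1", "SW2", 4), ("SW1", "SW3", 4), ("SW2", "SW3", 4)]

if __name__ == "__main__":
    print(spanning_tree(BRIDGES, LINKS))
    # Lowering SW3's priority pins the root there regardless of MAC address.
    print(spanning_tree({**BRIDGES, "SW3": (4096, "00:00:00:00:00:0c")}, LINKS))
```

Comparing the two runs shows why the intended root should be given an explicitly lowered priority: with equal priorities the root, and therefore which link ends up blocked, is decided by whichever switch happens to have the lowest MAC address.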
BPDUs as a Heartbeat
The root bridge continues sending configuration BPDUs at regular intervals. Other switches update the cost and forward them on. This steady stream of BPDUs acts as a heartbeat — as long as switches keep receiving them, they know the topology is healthy.
If BPDUs suddenly stop arriving, the switch knows something has gone wrong — probably a dead switch or broken link — and STP begins reconvergence: recalculating port roles and unblocking previously blocked links as needed to restore connectivity. Adding a new switch or link also triggers reconvergence.
Port States (Classic STP)
To prevent loops during the initial startup and convergence process, every switch port goes through a series of states before it can forward regular traffic:
- Blocking (20 seconds) – the port is up but not forwarding any traffic. BPDUs are received so the switch can learn about the topology. This immediately prevents loops when a port first comes up.
- Listening (15 seconds) – the port processes BPDUs and participates in root bridge election and port role selection. It may transition back to blocking if needed. Still no regular data traffic.
- Learning (15 seconds) – the switch builds its MAC address table from incoming frames. Still no forwarding of regular data.
- Forwarding – normal operation. Data flows freely. The port stays here until a topology change requires it to restart the process.
The total time from blocking to forwarding in Classic STP is ~50 seconds. This is fine for switch-to-switch links, but it means a workstation or printer plugged into a switch port also waits 50 seconds before it can communicate — which is a frustrating experience for users.
STP Versions
Classic STP has been improved over the years. Here’s a brief overview of the key versions:
- Classic STP (802.1D) – the original. Blocks links the same way for all VLANs. Slow convergence (~50 seconds).
- PVST (Cisco proprietary) – Per-VLAN Spanning Tree. Runs a separate spanning-tree instance for each VLAN. This means different links can be blocked for different VLANs, making better use of available bandwidth. Cisco-only.
- PVST+ – an updated version of PVST that’s compatible with Classic STP (so it works with non-Cisco switches). Also added PortFast, which skips the 50-second process for ports connected to end devices like workstations and printers.
- Rapid STP / RSTP (802.1w) – a standards-based improvement with much faster convergence. All vendors can use it. Still runs one instance for all VLANs, like Classic STP.
- Rapid-PVST+ (Cisco proprietary) – combines RSTP speed with per-VLAN instances. Best of both worlds — but Cisco-only.
- Multiple Spanning Tree / MST (802.1s) – the standards-based answer to per-VLAN STP. Groups multiple VLANs together into a single spanning-tree instance (rather than one instance per VLAN), which is more efficient on switches with many VLANs. Fast convergence. Supported by all major vendors.
