Spanning Tree Protocol

November 23, 2020 - Reading time: 4 minutes

By default, all Cisco switches have Spanning Tree Protocol (STP) enabled. However, you can choose to configure STP on your switches manually. 

STP is used by switches to prevent loops (broadcast storms) from disrupting local area networks. It ensures that there is only one logical path between all destinations on the network, which is achieved by disabling unwanted paths and blocking ports that could cause the loop.

A switch blocks a port when it detects a loop on the network. On the network segment with switches, one switch is elected to be Root Bridge on the network. Other switches on the network then select one of its ports as Root Port. Also, a Designated Port is chosen on each segment and any other ports are put in Blocking state. We shall follow these same procedure in our manual configurations.

The lab below is used in this tutorial:

In this lab, we can see that interface fa0/1 is down on Switch2. This is because this is neither a root port nor designated port, hence it’s in the blocking state. To view the STP configuration on the switches, the command show spanning-tree is used. This command reveals whether STP is enabled, the current Root Bridge, the route priority, status of ports, etc. Let’s view the default STP configuration our three switches:

On Switch0:

On Switch1:

On Switch2:

From the above screenshots we can see that Swicth0 is the Root Bridge, both fa0/1 and fa0/2 on Swicth0 are designated ports, and in forwarding state. Fa0/1 and fa0/2 are Root ports on Switch1 and Switch2 respectively. Fa0/2 on Switch1 is a designated port, and fa0/1 on Switch2 is in blocking state.

For our configuration, we shall make Switch1 the Root Bridge, Switch2 and the Secondary Root Bridge, and then block interface fa0/2

Configure switch1 as the primary root:

Switch1#configure terminal
Enter configuration commands, one per line.  End with CNTL/Z
Switch1 (config)#spanning-tree vlan 1 root primary
Switch1 (config)#

Configure switch2 as the secondary root:

Switch2#configure terminal
Enter configuration commands, one per line.  End with CNTL/Z
Switch1 (config)#spanning-tree vlan 1 root secondary
Switch1 (config)#

Now let’s view the how the topology looks like:

From the screenshot above, fa0/2 on Switch0 is in blocking stake, and Switch0 is no longer the root switch. We made Switch1 the root bridge, and Switch2 the secondary root bridge. You can use the show spanning-tree command to verify these on each switch.

Spanning Tree Protocol | PocketCLI