CCNA 200-301 Day 21

STP (Spanning Tree Protocol) Part 2

 Things we’ll cover

●
STP states/timers

●
STP BPDU

●
STP optional features

●
STP configuration
 Spanning Tree Port States
●
Root/Designated ports remain stable in a
Forwarding state.
STP Port State Stable/Transitional
●
Non-designated ports remain stable in a
Blocking Stable Blocking state.
●
Listening and Learning are transitional
Listening Transitional states which are passed through when an
interface is activated, or when a Blocking
port must transition to a Forwarding state
Learning Transitional due to a change in the network topology.

Forwarding Stable

(Disabled)
 Spanning Tree Port States
STP Port State Stable/Transitional

Blocking Stable

●
Non-designated ports are in a Blocking state.
●
Interfaces in a Blocking state are effectively disabled to prevent loops.
●
Interfaces in a Blocking state do not send/receive regular network traffic.
●
Interfaces in a Blocking state receive STP BPDUs.
●
Interfaces in a Blocking state do NOT forward STP BPDUs.
●
Interfaces in a Blocking state do NOT learn MAC addresses.
 Spanning Tree Port States
STP Port State Stable/Transitional

Listening Transitional

●
After the Blocking state, interfaces with the Designated or Root role enter the
Listening state.
●
Only Designated or Root ports enter the Listening state (Non-designated ports
are always Blocking).
●
The Listening state is 15 seconds long by default. This is determined by the
Forward delay timer.
●
An interface in the Listening state ONLY forwards/receives STP BPDUs.
●
An interface in the Listening state does NOT send/receive regular traffic.
●
An interface in the Listening state does NOT learn MAC addresses from regular
traffic that arrives on the interface.
 Spanning Tree Port States
STP Port State Stable/Transitional

Learning Transitional

●
After the Listening state, a Designated or Root port will enter the Learning state.
●
The Learning state is 15 seconds long by default. This is determined by the
Forward delay timer (the same timer is used for both the Listening and Learning
states)
●
An interface in the Learning state ONLY sends/receives STP BPDUs.
●
An interface in the Learning state does NOT send/receive regular traffic.
●
An interface in the Learning state learns MAC addresses from regular traffic that
arrives on the interface.
 Spanning Tree Port States
STP Port State Stable/Transitional

Forwarding Stable

●
Root and Designated ports are in a Forwarding state.
●
A port in the Forwarding state operate as normal.
●
A port in the Forwarding state sends/receives BPDUs.
●
A port in the Forwarding state sends/receives normal traffic.
●
A port in the Forwarding state learns MAC addresses.
 Spanning Tree Port States

Frame
Send/Receive MAC address Stable/
STP Port State forwarding
BPDUs learning Transitional
(regular traffic)

Blocking NO/YES NO NO Stable

Listening YES/YES NO NO Transitional

Learning YES/YES NO YES Transitional

Forwarding YES/YES YES YES Stable

Disabled NO/NO NO NO Stable

 Spanning Tree Timers

STP Timer Purpose Duration

Hello How often the root bridge sends hello BPDUs 2sec

How long the switch will stay in the Listening

Forward delay and Learning states (each state is 15 seconds = 15sec
total 30 seconds)

How long an interface will wait after ceasing to

20sec
Max Age receive Hello BPDUs to change the STP
topology. (10* hello)
 Spanning Tree Timers
= Hello BPDU 10.0.0.0/24

SW1 SW2
PC1 PC2

.1 .2

SW3
PC3

.3
 Spanning Tree Timers
= Hello BPDU

SW1 SW2
PC1 D R PC2
G0/0 G0/1
G0/2 G0/2
D D
.1 .2
G0/0 D
D G0/1
Pri: 32769 Pri: 32769
MAC: A.A.A SW3 MAC: B.B.B
G0/0 R N G0/1 PC3

D
G0/2 .3

Pri: 32769
MAC: C.C.C
 Spanning Tree Timers
= Hello BPDU

SW1 SW2
PC1 D R PC2
G0/0 G0/1
G0/2 G0/2
D D
.1 .2
G0/0 D
D G0/1
Pri: 32769 Pri: 32769
MAC: A.A.A SW3 MAC: B.B.B
G0/0 R N G0/1 PC3

D
G0/2 .3
Switches do not forward the BPDUs out of their root ports and non-
designated ports, only their designated
Pri: 32769
ports.
MAC: C.C.C
 Spanning Tree Timers

STP Timer Purpose Duration

Hello How often the root bridge sends hello BPDUs 2sec

How long the switch will stay in the Listening

Forward delay and Learning states (each state is 15 seconds = 15sec
total 30 seconds)
How long an interface will wait to change the
STP topology after ceasing to receive Hello 20sec
Max Age BDPUs. The timer is reset every time a BPDU (10* hello)
is received.
 Spanning Tree Timers
SW1 SW2
SW2 Max Age Timer: Pri: 32769 Pri: 32769
MAC: 014A.38F1.BA81 MAC: 193D.72DE.36E1
20
D R
19 R G0/0
G0/1
N
G0/1 G0/0
18
G0/0 G0/1
D
D
G0/1 G0/0
D R

SW3 SW4
Pri: 32769 Pri: 32769
MAC: 014A.3821.2981 MAC:
83F1.2846.392F
 Spanning Tree Timers
SW1 SW2
SW2 Max Age Timer: Pri: 32769 Pri: 32769
MAC: 014A.38F1.BA81 MAC: 193D.72DE.36E1
20
D R
19 R G0/0
G0/1
N
G0/1 G0/0
18
20 D
G0/0 G0/1
D

19 D
G0/1 G0/0
R

18 SW3 SW4
Pri: 32769 Pri: 32769
MAC: 014A.3821.2981 MAC:
83F1.2846.392F
 Spanning Tree Timers
SW1 SW2
SW2 Max Age Timer: Pri: 32769 Pri: 32769
MAC: 014A.38F1.BA81 MAC: 193D.72DE.36E1
20 15
19 R
D
G0/0
x G0/1
R

N
G0/1 G0/0
18
20 D
G0/0 G0/1
D

19 D
G0/1 G0/0
R

18 SW3 SW4
Pri: 32769
17 MAC: 014A.3821.2981
Pri: 32769
MAC:
16 0 83F1.2846.392F
 Spanning Tree Timers
STP Timer Purpose Duration
How long an interface will wait to change the
STP topology after ceasing to receive Hello 20sec
Max Age BDPUs. The timer is reset every time a (10* hello)
BPDU is received.
●
If another BPDU is received before the max age timer counts down to 0, the time will reset
to 20 seconds and no changes will occur.

●
If another BPDU is not received, the max age timer counts down to 0 and the switch will
reevaluate its STP choices, including root bridge, and local root, designated, and non-
designated ports.

●
If a non-designated port is selected to become a designated or root port, it will transition
from the blocking state to the listening state (15 seconds), learning state (15 seconds), and
then finally the forwarding state. So, it can take a total of 50 seconds for a blocking
interface to transition to forwarding.

●
These timers and transitional states are to make sure that loops aren’t accidentally created
by an interface moving to forwarding state too soon.
 Spanning Tree Timers
A forwarding interface can move directly to a blocking state (there is no worry about
STP Timer a loop by blocking
creating Purpose
an interface). Duration
How long an interface will wait to change the
A blocking STP topology
interface after ceasing
cannot move to receive to
directly Hello 20secstate.
forwarding It must go through the
Max Age BDPUs. The timer is reset every time a (10* hello)
listening and learning BPDU
states. is received.
●
If another BPDU is received before the max age timer counts down to 0, the time will reset
to 20 seconds and no changes will occur.

●
If another BPDU is not received, the max age timer counts down to 0 and the switch will
reevaluate its STP choices, including root bridge, and local root, designated, and non-
designated ports.

●
If a non-designated port is selected to become a designated or root port, it will transition
from the blocking state to the listening state (15 seconds), learning state (15 seconds), and
then finally the forwarding state. So, it can take a total of 50 seconds for a blocking
interface to transition to forwarding.

●
These timers and transitional states are to make sure that loops aren’t accidentally created
by an interface moving to forwarding state too soon.
 Spanning Tree BPDU

PVST = Only ISL trunk encapsulation

PVST+ = Supports 802.1Q
Regular STP (not Cisco’s PVST+)
uses a destination MAC address of
0180.c200.0000

The STP timers on the root bridge

determine the STP timers for the entire
network.
 Spanning Tree Optional Features (STP Toolkit)
Portfast

SW1 SW2
PC1 D R PC2
G0/0 G0/1
G0/2 G0/2
D D
.1 .2
G0/0 D
D G0/1
Pri: 32769 Pri: 32769
MAC: A.A.A SW3 MAC: B.B.B
G0/0 R N G0/1 PC3

D
G0/2 .3

Pri: 32769
MAC: C.C.C
 Spanning Tree Optional Features (STP Toolkit)
Portfast
 Spanning Tree Optional Features (STP Toolkit)
Portfast
 Spanning Tree Optional Features (STP Toolkit)
Portfast
 Spanning Tree Optional Features (STP Toolkit)
Portfast

SW1 SW2
PC1 D R PC2
G0/0 G0/1
G0/2 G0/2
D D
.1 .2
G0/0 D
D G0/1
Pri: 32769 Pri: 32769
MAC: A.A.A SW3 MAC: B.B.B
G0/0 R N G0/1 PC3

D
G0/2 .3
Portfast allows a port to move immediately to the Forwarding state, bypassing
Listening and Learning.
If used, it must be enabled only on Pri:
ports connected to end hosts.
32769
MAC: C.C.C
If enabled on a port connected to another switch it could cause a Layer 2 loop.
 Spanning Tree Optional Features (STP Toolkit)
Portfast

You can also enable portfast with the following command:

SW1(config)# spanning-tree portfast default

This enables portfast on all access ports (not trunk ports).

 Spanning Tree Optional Features (STP Toolkit)
Portfast

SW1 SW2
PC1 D R PC2
G0/0 G0/1
G0/2 G0/2
D D
.1 .2
G0/0 D
D G0/1
Pri: 32769 Pri: 32769
MAC: A.A.A SW3 MAC: B.B.B
G0/0 R N G0/1 PC3

D
G0/2 .3

Pri: 32769
MAC: C.C.C
 Spanning Tree Optional Features (STP Toolkit)
Portfast

SW1 SW2
PC1 D R
G0/0 G0/1
G0/2 G0/2
D D
.1
G0/0 D
D G0/1
Pri: 32769 Pri: 32769
MAC: A.A.A SW3 MAC: B.B.B
G0/0 R N G0/1 PC3

D
G0/2

Pri: 32769
MAC: C.C.C
 Spanning Tree Optional Features (STP Toolkit)
BPDU Guard

SW1 SW2
PC1 D R PC2
G0/0 G0/1
G0/2 G0/2
D D
.1 .2
G0/0 D
D G0/1
If an interface with BPDU Guard enabled receives a BPDU from another
switch, the interface will be shut down to preventPri:
Pri: 32769 32769
a loop from forming.
MAC: A.A.A SW3 MAC: B.B.B
G0/0 R N G0/1 PC3

D
G0/2 .3

Pri: 32769
MAC: C.C.C
 Spanning Tree Optional Features (STP Toolkit)
BPDU Guard

You can also enable BPDU Guard with the following command:
SW1(config)# spanning-tree portfast bpduguard default

This enables BPDU Guard on all Portfast-enabled interfaces.

 Spanning Tree Optional Features (STP Toolkit)
BPDU Guard
 Spanning Tree Optional Features (STP Toolkit)
BPDU Guard
 Spanning Tree Optional Features (STP Toolkit)
BPDU Guard

You probably don’t have to know these STP optional features (or others such as
UplinkFast, Backbone Fast, etc) for the CCNA. But make sure you know Portfast and
BPDU Guard. If you want to read more about the others just in case, do a Google
search.

If you enable root guard on an interface, even if it receives a superior

Root Guard BPDU (lower bridge ID) on that interface, the switch will not accept
the new switch as the root bridge. The interface will be disabled.

If you enable loop guard on an interface, even if the interface stops

Loop Guard receiving BPDUs, it will not start forwarding. The interface will be
disabled.
Configure the Spanning Tree mode
 Configure the Primary Root Bridge

SW1 SW2
PC1 PC2
G0/0 G0/1
G0/2 G0/2
.1 .2
G0/0
G0/1
Pri: 32769 Pri: 32769
MAC: A.A.A SW3 MAC: B.B.B
G0/0 G0/1 PC3

G0/2 .3

Pri: 32769
MAC: C.C.C
 Configure the Primary Root Bridge

The spanning-tree vlan vlan-number root primary command sets the STP
priority to 24576. If another switch already has a priority lower than 24576, it sets this
switch’s priority to 4096 less than the other switch’s priority.
 Configure the Secondary Root Bridge

The spanning-tree vlan vlan-number root secondary command sets the STP
priority to 28672.
 STP Load-Balancing
VLAN 1 Topology
SW1 SW2
PC1 N D PC2
G0/0 G0/1
G0/2 G0/2
D D
.1 .2
G0/0 R
R G0/1
Pri: 32769 Pri: 28673
MAC: A.A.A SW3 MAC: B.B.B
G0/0 D D G0/1 PC3

D
G0/2 .3

Pri: 24577
MAC: C.C.C
 STP Load-Balancing
VLAN 2 Topology
SW1 SW2
PC1 D R PC2
G0/0 G0/1
G0/2 G0/2
D D
.1 .2
G0/0 D
D G0/1
Pri: 32769 Pri: 32769
MAC: A.A.A SW3 MAC: B.B.B
G0/0 R N G0/1 PC3

D
G0/2 .3

Pri: 32769
MAC: C.C.C
 Spanning Tree Quiz 7
SW2 SW4
SW1(config)# spanning-tree vlan 10 root primary
SW1(config)# spanning-tree vlan 20 root secondary

SW2(config)# spanning-tree vlan 20 root primary

SW2(config)# spanning-tree vlan 10 root secondary

SW1 SW3

Two VLANs are active in this network, 10 and 20. By default, SW3 is the root bridge for both
VLANs. Configure SW1 as the primary root for VLAN10 and the secondary root for VLAN20.
Configure SW2 as the primary root for VLAN20 and the secondary root for VLAN10.
Which two commands should you issue on SW1, and which two commands should you issue on
SW2?
 Spanning Tree Quiz 7
VLAN 10 Topology SW2 SW4

SW1 SW3
 Spanning Tree Quiz 7
VLAN 20 Topology SW2 SW4

SW1 SW3
Configure STP Port Settings
 Things we covered

●
STP states/timers

●
STP BPDU

●
STP optional features

●
STP configuration
 QUIZ
+
 Spanning Tree Quiz 8

You connect a PC to a switch, however for about half a minute you are unable to connect to
the network. Which two options could fix this issue and allow you to access the network
more quickly? (Choose two. Each answer is a complete solution.)

a) Enable PortFast on the switch port you connect the PC to.

b) Reduce the STP hello timer.

c) Reduce the STP forward delay timer.

d) Reduce the STP max age timer.

 Spanning Tree Quiz 9

A packet capture indicates that a switch port has an STP port ID of 0x8002. What is the
STP port priority of this port?

a) 80

b) 32

c) 128

d) 224
 Spanning Tree Quiz 10

You want to make sure that a Layer 2 loop will not be caused if a user connects a switch to
a switch port. Which spanning tree optional feature achieves this?

a) PortFast

b) Loop Guard

c) Root Guard

d) BPDU Guard
 Supplementary Materials

●
Review flash cards
(link in the description)

●
Packet Tracer lab
JCNP-Level Channel Members