Catalyst 4000 Family Switch Cisco IOS Software Configuration Guide, 12.1(8a)EW - Configuring STP [Cisco Catalyst 4000 Series Switches]

Table Of Contents

Understanding and Configuring STP

STP Overview

Bridge Protocol Data Units

Election of the Root Bridge

STP Timers

Creating the STP Topology

STP Port States

Blocking State

Listening State

Learning State

Forwarding State

Disabled State

MAC Address Allocation

STP and IEEE 802.1Q Trunks

Default STP Configuration

Configuring STP

Enabling STP

Configuring the Root Bridge

Configuring a Secondary Root Switch

Configuring STP Port Priority

Configuring STP Port Cost

Configuring the Bridge Priority of a VLAN

Configuring the Hello Time

Configuring the Maximum Aging Time for a VLAN

Configuring the Forward-Delay Time for a VLAN

Disabling STP

Understanding and Configuring STP

This chapter describes how to configure the spanning tree protocol (STP) on Catalyst 4006 switch with Supervisor Engine III. It also provides guidelines, procedures, and configuration examples.

This chapter consists of the following sections:

•STP Overview

•Default STP Configuration

•Configuring STP

Note For information on configuring the PortFast, UplinkFast, and BackboneFast spanning tree enhancements, see "Configuring STP Features."

Note For complete syntax and usage information for the commands used in this chapter, refer to the Command Reference for the Catalyst 4006 Switch with Supervisor Engine III and the publications at the following URL:
http://www.cisco.com/univercd/cc/td/doc/product/software/ios121/121cgcr/index.htm

STP Overview

STP is a Layer 2 link management protocol that provides path redundancy while preventing undesirable loops in the network. For a Layer 2 Ethernet network to function properly, only one active path can exist between any two stations. Spanning tree operation is transparent to end stations, which cannot detect whether they are connected to a single LAN segment or a switched LAN of multiple segments.

Catalyst 4000 family switches use the STP (the IEEE 802.1D bridge protocol) on all VLANs. By default, a single instance of spanning tree runs on each configured VLAN (provided you do not manually disable spanning tree). You can enable and disable spanning tree on a per-VLAN basis.

When you create fault-tolerant internetworks, you must have a loop-free path between all nodes in a network. The spanning tree algorithm calculates the best loop-free path throughout a switched Layer 2 network. Switches send and receive spanning tree frames at regular intervals. The switches do not forward these frames, but use the frames to construct a loop-free path.

Multiple active paths between end stations cause loops in the network. If a loop exists in the network, end stations might receive duplicate messages and switches might learn end station MAC addresses on multiple Layer 2 interfaces. These conditions result in an unstable network.

Spanning tree defines a tree with a root switch and a loop-free path from the root to all switches in the Layer 2 network. Spanning tree forces redundant data paths into a standby (blocked) state. If a network segment in the spanning tree fails and a redundant path exists, the spanning tree algorithm recalculates the spanning tree topology and activates the standby path.

When two ports on a switch are part of a loop, the spanning tree port priority and port path cost setting determine which port is put in the forwarding state and which port is put in the blocking state. The spanning tree port priority value represents the location of an interface in the network topology and how well located it is to pass traffic. The spanning tree port path cost value represents media speed.

The following sections describe how STP works:

•Bridge Protocol Data Units

•Election of the Root Bridge

•STP Timers

•Creating the STP Topology

•STP Port States

•MAC Address Allocation

•STP and IEEE 802.1Q Trunks

Bridge Protocol Data Units

The stable active spanning tree topology of a switched network is determined by the following:

•The unique bridge ID (bridge priority and MAC address) associated with each VLAN on each switch

•The spanning tree path cost to the root bridge

•The port identifier (port priority and MAC address) associated with each Layer 2 interface

To communicate and compute the spanning tree topology, Bridge Protocol Data Units (BPDUs) are transmitted from each switch (configuration BPDUs) and in one direction from the root switch. Each configuration BPDU contains the following minimal information:

•The unique bridge ID of the switch that the transmitting switch believes to be the root switch

•The spanning tree path cost to the root

•The bridge ID of the transmitting bridge

•Message age

•The identifier of the transmitting port

•Values for the hello, forward delay, and max-age protocol timers

When a switch transmits a BPDU frame, all switches connected to the LAN on which the frame is transmitted receive the BPDU. When a switch receives a BPDU, it does not forward the frame but instead uses the information in the frame to calculate a BPDU, and, if the topology changes, initiate a BPDU transmission.

A BPDU exchange results in the following:

•One switch is elected as the root switch.

•The shortest distance to the root switch is calculated for each switch based on the path cost.

•A designated bridge for each LAN segment is selected. This is the switch closest to the root bridge through which frames are forwarded to the root.

•A root port is selected. This is the port providing the best path from the bridge to the root bridge.

•Ports included in the spanning tree are selected.

Election of the Root Bridge

For each VLAN, the switch with the highest bridge priority (the lowest numerical priority value) is elected as the root switch. If all switches are configured with the default priority (32768), the switch with the lowest MAC address in the VLAN becomes the root switch.

The spanning tree root switch is the logical center of the spanning tree topology in a switched network. All paths that are not required to reach the root switch from anywhere in the switched network are placed in spanning tree blocking mode.

BPDUs contain information about the transmitting bridge and its ports, including bridge and MAC addresses, bridge priority, port priority, and path cost. Spanning tree uses this information to elect the root bridge and root port for the switched network, as well as the root port and designated port for each switched segment.

STP Timers

Table 12-1 describes the STP timers that affect the entire spanning tree performance.

Table 12-1 Spanning Tree Protocol Timers

Variable

Description

Hello timer

Determines how often the switch broadcasts hello messages to other switches.

Forward delay timer

Determines how long each of the listening and learning states will last before the port begins forwarding.

Maximum age timer

Determines the amount of time protocol information received on a port is stored by the switch.

Creating the STP Topology

In Figure 12-1, Switch A is elected as the root bridge because the bridge priority of all the switches is set to the default (32768) and Switch A has the lowest MAC address. However, due to traffic patterns, number of forwarding ports, or link types, Switch A might not be the ideal root bridge. By increasing the priority (lowering the numerical value) of the ideal switch so that it becomes the root bridge, you force a spanning tree recalculation to form a new spanning tree topology with the ideal switch as the root.

Figure 12-1 Spanning Tree Topology

When the spanning tree topology is calculated based on default parameters, the path between source and destination end stations in a switched network might not be ideal. For instance, connecting higher-speed links to a port that has a higher number than the current root port can cause a root-port change. The goal is to make the fastest link the root port.

For example, assume that one port on Switch B is a fiber-optic link, and another port on Switch B (an unshielded twisted-pair [UTP] link) is the root port. Network traffic might be more efficient over the high-speed fiber-optic link. By changing the spanning tree port priority on the fiber-optic port to a higher priority (lower numerical value) than the priority set for the root port, the fiber-optic port becomes the new root port.

STP Port States

Propagation delays can occur when protocol information passes through a switched LAN. As a result, topology changes can take place at different times and at different places in a switched network. When a Layer 2 interface transitions directly from nonparticipation in the spanning tree topology to the forwarding state, it can create temporary data loops. Ports must wait for new topology information to propagate through the switched LAN before starting to forward frames. They must allow the frame lifetime to expire for frames that have been forwarded using the old topology.

Each Layer 2 interface on a switch using spanning tree exists in one of the following five states:

•Blocking—The Layer 2 interface does not participate in frame forwarding

•Listening—First transitional state after the blocking state when spanning tree determines that the Layer 2 interface should participate in frame forwarding

•Learning—The Layer 2 interface prepares to participate in frame forwarding

•Forwarding—The Layer 2 interface forwards frames

•Disabled—The Layer 2 interface does not participate in spanning tree and is not forwarding frames

A Layer 2 interface moves through these five states as follows:

•From initialization to blocking

•From blocking to listening or to disabled

•From listening to learning or to disabled

•From learning to forwarding or to disabled

•From forwarding to disabled

Figure 12-2 illustrates how a Layer 2 interface moves through the five states.

Figure 12-2 Spanning Tree Layer 2 Interface States

When you enable spanning tree, every port in the switch, VLAN, or network goes through the blocking state and the transitory states of listening and learning at power up. If properly configured, each Layer 2 interface stabilizes to the forwarding or blocking state.

When the spanning tree algorithm places a Layer 2 interface in the forwarding state, the following process occurs:

1. The Layer 2 interface is put into the listening state while it waits for protocol information that suggests it should go to the blocking state.

2. The Layer 2 interface waits for the forward delay timer to expire, moves the Layer 2 interface to the learning state, and resets the forward delay timer.

3. In the learning state, the Layer 2 interface continues to block frame forwarding as it learns end station location information for the forwarding database.

4. The Layer 2 interface waits for the forward delay timer to expire and then moves the Layer 2 interface to the forwarding state, where both learning and frame forwarding are enabled.

Blocking State

A Layer 2 interface in the blocking state does not participate in frame forwarding, as shown in Figure 12-3. After initialization, a BPDU is sent out to each Layer 2 interface in the switch. A switch initially assumes it is the root until it exchanges BPDUs with other switches. This exchange establishes which switch in the network is the root or root bridge. If only one switch is in the network, no exchange occurs, the forward delay timer expires, and the ports move to the listening state. A port always enters the blocking state following switch initialization.

Figure 12-3 Interface 2 in Blocking State

A Layer 2 interface in the blocking state behaves as follows:

•Discards frames received from the attached segment.

•Discards frames switched from another interface for forwarding.

•Does not incorporate end station location into its address database. (There is no learning on a blocking Layer 2 interface, so there is no address database update.)

•Receives BPDUs and directs them to the system module.

•Does not transmit BPDUs received from the system module.

•Receives and responds to network management messages.

Listening State

The listening state is the first transitional state a Layer 2 interface enters after the blocking state. The Layer 2 interface enters this state when spanning tree determines that the Layer 2 interface should participate in frame forwarding. Figure 12-4 shows a Layer 2 interface in the listening state.

Figure 12-4 Interface 2 in Listening State

A Layer 2 interface in the listening state behaves as follows:

•Discards frames received from the attached segment.

•Discards frames switched from another interface for forwarding.

•Does not incorporate end station location into its address database. (There is no learning at this point, so there is no address database update.)

•Receives BPDUs and directs them to the system module.

•Receives, processes, and transmits BPDUs received from the system module.

•Receives and responds to network management messages.

Learning State

A Layer 2 interface in the learning state prepares to participate in frame forwarding. The Layer 2 interface enters the learning state from the listening state. Figure 12-5 shows a Layer 2 interface in the learning state.

Figure 12-5 Interface 2 in Learning State

A Layer 2 interface in the learning state behaves as follows:

•Discards frames received from the attached segment.

•Discards frames switched from another interface for forwarding.

•Incorporates end station location into its address database.

•Receives BPDUs and directs them to the system module.

•Receives, processes, and transmits BPDUs received from the system module.

•Receives and responds to network management messages.

Forwarding State

A Layer 2 interface in the forwarding state forwards frames, as shown in Figure 12-6. The Layer 2 interface enters the forwarding state from the learning state.

Figure 12-6 Interface 2 in Forwarding State

A Layer 2 interface in the forwarding state behaves as follows:

•Forwards frames received from the attached segment.

•Forwards frames switched from another Layer 2 interface for forwarding.

•Incorporates end station location information into its address database.

•Receives BPDUs and directs them to the system module.

•Processes BPDUs received from the system module.

•Receives and responds to network management messages.

Disabled State

A Layer 2 interface in the disabled state does not participate in frame forwarding or spanning tree, as shown in Figure 12-7. A Layer 2 interface in the disabled state is virtually nonoperational.

Figure 12-7 Interface 2 in Disabled State

A disabled Layer 2 interface behaves as follows:

•Discards frames received from the attached segment.

•Discards frames switched from another Layer 2 interface for forwarding.

•Does not incorporate end station location into its address database. (There is no learning, so there is no address database update.)

•Does not receive BPDUs.

•Does not receive BPDUs for transmission from the system module.

MAC Address Allocation

The supervisor engine has a pool of 1024 MAC addresses that are used as the bridge IDs for the VLAN spanning trees. You can use the show module command to view the MAC address range (allocation range for the supervisor) that the spanning tree uses for the algorithm.

MAC addresses are allocated sequentially, with the first MAC address in the range assigned to VLAN 1, the second MAC address in the range assigned to VLAN 2, and so forth. For example, if the MAC address range is 00-e0-1e-9b-2e-00 to 00-e0-1e-9b-31-ff, the VLAN 1 bridge ID is 00-e0-1e-9b-2e-00, the VLAN 2 bridge ID is 00-e0-1e-9b-2e-01, the VLAN 3 bridge ID is 00-e0-1e-9b-2e-02, and so on.

STP and IEEE 802.1Q Trunks

802.1Q VLAN trunks impose some limitations on the spanning tree strategy for a network. In a network of Cisco switches connected through 802.1Q trunks, the switches maintain one instance of spanning tree for each VLAN allowed on the trunks. However, non-Cisco 802.1Q switches maintain only one instance of spanning tree for all VLANs allowed on the trunks.

When you connect a Cisco switch to a non-Cisco device (that supports 802.1q) through an 802.1Q trunk, the Cisco switch combines the spanning tree instance of the 802.1Q native VLAN of the trunk with the spanning tree instance of the non-Cisco 802.1Q switch. However, all per-VLAN spanning tree information is maintained by Cisco switches separated by a network of non-Cisco 802.1Q switches. The non-Cisco 802.1Q network separating the Cisco switches is treated as a single trunk link between the switches.

Note For more information on 802.1Q trunks, see "Configuring Layer 2 Ethernet Interfaces."

Default STP Configuration

Table 12-2 shows the default spanning tree configuration.

Table 12-2 Spanning Tree Default Configuration

Feature

Default Value

Enable state

Spanning tree enabled for all VLANs

Bridge priority

32768

Spanning tree port priority (configurable on a per-interface basis—used on interfaces configured as Layer 2 access ports)

128

Spanning tree port cost (configurable on a per-interface basis—used on interfaces configured as Layer 2 access ports)

•Gigabit Ethernet: 4

•Fast Ethernet: 19

•Fast Ethernet 10/100: 19

Spanning tree VLAN port priority (configurable on a per-VLAN basis—used on interfaces configured as Layer 2 trunk ports)

128

Spanning tree VLAN port cost (configurable on a per-VLAN basis—used on interfaces configured as Layer 2 trunk ports)

•Gigabit Ethernet: 4

•Fast Ethernet: 19

Hello time

2 seconds

Forward delay time

15 seconds

Maximum aging time

20 seconds

Configuring STP

The following sections describe how to configure spanning tree on VLANs:

•Enabling STP

•Configuring the Root Bridge

•Configuring a Secondary Root Switch

•Configuring STP Port Priority

•Configuring STP Port Cost

•Configuring the Bridge Priority of a VLAN

•Configuring the Hello Time

•Configuring the Forward-Delay Time for a VLAN

•Configuring the Maximum Aging Time for a VLAN

•Disabling STP

Note The spanning tree commands described in this chapter can be configured on any interface, except interfaces that are configured with the no switchport command.

Enabling STP

Note By default, spanning tree is enabled on all the VLANs.

You can enable spanning tree on a per-VLAN basis. The switch maintains a separate instance of spanning tree for each VLAN (except on VLANs on which you disable spanning tree).

To enable spanning tree on a per-VLAN basis, perform this task:
Task

Command
Step 1

Enable spanning tree for VLAN vlan_id. The vlan_ID value can be from 1 to 1005.
Switch(config)# spanning-tree vlan vlan_ID 
Step 2

Exit configuration mode.
Switch(config)# end 
Step 3

Verify that spanning tree is enabled.
Switch# show spanning-tree vlan vlan_ID 
This example shows how to enable spanning tree on VLAN 200:
Switch# configure terminal 
Switch(config)# spanning-tree vlan 200 
Switch(config)# end 
Switch#
Note Because spanning tree is enabled by default, issuing a show running command to view the resulting configuration will not display the command you entered to enable spanning tree.

This example shows how to verify that spanning tree is enabled on VLAN 200:
Switch# show spanning-tree vlan 200 
 VLAN200 is executing the ieee compatible Spanning Tree protocol
  Bridge Identifier has priority 32768, address 0050.3e8d.6401
  Configured hello time 2, max age 20, forward delay 15
  Current root has priority 16384, address 0060.704c.7000
  Root port is 264 (FastEthernet5/8), cost of root path is 38
  Topology change flag not set, detected flag not set
  Number of topology changes 0 last change occurred 01:53:48 ago
  Times:  hold 1, topology change 24, notification 2
          hello 2, max age 14, forward delay 10
  Timers: hello 0, topology change 0, notification 0
 Port 264 (FastEthernet5/8) of VLAN200 is forwarding
   Port path cost 19, Port priority 128, Port Identifier 129.9.
   Designated root has priority 16384, address 0060.704c.7000
   Designated bridge has priority 32768, address 00e0.4fac.b000
   Designated port id is 128.2, designated path cost 19
   Timers: message age 3, forward delay 0, hold 0
   Number of transitions to forwarding state: 1
   BPDU: sent 3, received 3417
Switch#
Configuring the Root Bridge

Catalyst 4006 switch with Supervisor Engine III maintain an instance of spanning tree for each active VLAN configured on the switch. A bridge ID, consisting of the bridge priority and the bridge MAC address, is associated with each instance. For each VLAN, the switch with the lowest bridge ID will become the root bridge for that VLAN. Whenever the bridge priority changes, the bridge ID also changes. This results in the re-computation of the root bridge for the VLAN.

To configure a switch to become the root bridge for the specified VLAN, use the spanning-tree vlan vlan-ID root command to modify the bridge priority from the default value (32768) to a significantly lower value. The bridge priority for the specified VLAN is set to 8192 if this value will cause the switch to become the root for the VLAN. If any bridge for the VLAN has a priority lower than 8192, the switch sets the priority to 1 less than the lowest bridge priority.

For example, let's assume that all the switches in the network have the bridge priority for VLAN 100 set to the default value of 32768. Entering the spanning-tree vlan 100 root primary command on a switch will set the bridge priority for VLAN 100 to 8192, causing this switch to become the root bridge for VLAN 100.

Note The root switch for each instance of spanning tree should be a backbone or distribution switch. Do not configure an access switch as the spanning tree primary root.

Use the diameter keyword to specify the Layer 2 network diameter (the maximum number of bridge hops between any two end stations in the network). When you specify the network diameter, a switch automatically picks an optimal hello time, forward delay time, and maximum age time for a network of that diameter. This can significantly reduce the spanning tree convergence time.

Use the hello-time keyword to override the automatically calculated hello time.

Note We recommend that you avoid manually configuring the hello time, forward delay time, and maximum age time after configuring the switch as the root bridge.

To configure a switch as the root switch, perform this task:
Task

Command
Step 1

Configure a switch as the root switch.

Use the no keyword to restore the defaults.
Switch(config)# [no] spanning-tree vlan vlan_ID 
root primary [diameter hops [hello-time seconds]] 
Step 2

Exit configuration mode.
Switch(config)# end 
This example shows how to configure a switch as the root bridge for VLAN 10, with a network diameter of 4:
Switch# configure terminal 
Switch(config)# spanning-tree vlan 10 root primary diameter 4 
Switch(config)# end 
Switch#
The following example shows how the configuration changes when a switch becomes a spanning tree root.

This is the configuration before the switch becomes the root for VLAN 1:
Switch#show spanning-tree vlan 1
VLAN1 is executing the ieee compatible Spanning Tree protocol
  Bridge Identifier has priority 32768, address 0030.94fc.0a00
  Configured hello time 2, max age 20, forward delay 15
  Current root has priority 32768, address 0001.6445.4400
  Root port is 323 (FastEthernet6/3), cost of root path is 19
  Topology change flag not set, detected flag not set
  Number of topology changes 2 last change occurred 00:02:19 ago
          from FastEthernet6/1
  Times: hold 1, topology change 35, notification 2
          hello 2, max age 20, forward delay 15
  Timers:hello 0, topology change 0, notification 0, aging 300
 Port 323 (FastEthernet6/3) of VLAN1 is forwarding
   Port path cost 19, Port priority 128, Port Identifier 129.67.
   Designated root has priority 32768, address 0001.6445.4400
   Designated bridge has priority 32768, address 0001.6445.4400
   Designated port id is 129.67, designated path cost 0
   Timers:message age 2, forward delay 0, hold 0
   Number of transitions to forwarding state:1
   BPDU:sent 3, received 91
 Port 324 (FastEthernet6/4) of VLAN1 is blocking
   Port path cost 19, Port priority 128, Port Identifier 129.68.
   Designated root has priority 32768, address 0001.6445.4400
   Designated bridge has priority 32768, address 0001.6445.4400
   Designated port id is 129.68, designated path cost 0
   Timers:message age 2, forward delay 0, hold 0
   Number of transitions to forwarding state:0
   BPDU:sent 1, received 89
Now, you can set the switch as the root:
Switch# configure terminal 
Switch(config)# spanning-tree vlan 1 root primary 
Switch(config)# spanning-tree vlan 1 root primary
 VLAN 1 bridge priority set to 8192
 VLAN 1 bridge max aging time unchanged at 20
 VLAN 1 bridge hello time unchanged at 2
 VLAN 1 bridge forward delay unchanged at 15
Switch(config)# end
This is the configuration after the switch becomes the root:
Switch# show spanning-tree vlan 1
VLAN1 is executing the ieee compatible Spanning Tree protocol
  Bridge Identifier has priority 8192, address 0030.94fc.0a00
  Configured hello time 2, max age 20, forward delay 15
  We are the root of the spanning tree
  Topology change flag set, detected flag set
  Number of topology changes 3 last change occurred 00:00:09 ago
  Times: hold 1, topology change 35, notification 2
          hello 2, max age 20, forward delay 15
  Timers:hello 0, topology change 25, notification 0, aging 15
Port 323 (FastEthernet6/3) of VLAN1 is forwarding
   Port path cost 19, Port priority 128, Port Identifier 129.67.
   Designated root has priority 8192, address 0030.94fc.0a00
   Designated bridge has priority 8192, address 0030.94fc.0a00
   Designated port id is 129.67, designated path cost 0
   Timers:message age 0, forward delay 0, hold 0
   Number of transitions to forwarding state:1
   BPDU:sent 9, received 105
 Port 324 (FastEthernet6/4) of VLAN1 is listening
   Port path cost 19, Port priority 128, Port Identifier 129.68.
   Designated root has priority 8192, address 0030.94fc.0a00
   Designated bridge has priority 8192, address 0030.94fc.0a00
   Designated port id is 129.68, designated path cost 0
   Timers:message age 0, forward delay 5, hold 0
   Number of transitions to forwarding state:0
   BPDU:sent 6, received 102
Switch#
Note Observe that the bridge priority is now set at 8192, making this switch the root of the spanning tree.

Configuring a Secondary Root Switch

When you configure a switch as the secondary root, the spanning tree bridge priority is modified from the default value (32768) to 16384. This means that the switch is likely to become the root bridge for the specified VLANs if the primary root bridge fails (assuming the other switches in the network use the default bridge priority of 32768).

You can run this command on more than one switch to configure multiple backup root switches. Use the same network diameter and hello time values that you used when configuring the primary root switch.

Note We recommend that you avoid manually configuring the hello time, forward delay time, and maximum age time after configuring the switch as the root bridge.

To configure a switch as the secondary root switch, perform this task:
Task

Command
Step 1

Configure a switch as the secondary root switch. Use the no form of this command to restore the defaults.
Switch(config)# [no] spanning-tree vlan vlan_ID 
root secondary [diameter hops [hello-time 
seconds]] 
Step 2

Exit configuration mode.
Switch(config)# end 
This example shows how to configure the switch as the secondary root switch for VLAN 10, with a network diameter of 4:
Switch# configure terminal 
Switch(config)# spanning-tree vlan 10 root secondary diameter 4 
VLAN 10 bridge priority set to 16384
 VLAN 10 bridge max aging time set to 14
 VLAN 10 bridge hello time unchanged at 2
 VLAN 10 bridge forward delay set to 10
Switch(config)# end 
Switch#
This example shows how to verify the configuration of VLAN 10:
Switch#show spanning-tree vlan 10 
 VLAN10 is executing the ieee compatible Spanning Tree protocol
  Bridge Identifier has priority 16384, address 0050.3e7c.7809
  Configured hello time 2, max age 14, forward delay 10
  We are the root of the spanning tree
  Topology change flag not set, detected flag not set
  Number of topology changes 9 last change occurred 00:00:51 ago
  Times: hold 1, topology change 24, notification 2
          hello 2, max age 14, forward delay 10 
  Timers:hello 0, topology change 0, notification 0, aging 300
 Port 149 (FastEthernet3/21) of VLAN10 is forwarding
   Port path cost 19, Port priority 128, Port Identifier 128.149.
   Designated root has priority 16384, address 0050.3e7c.7809
   Designated bridge has priority 16384, address 0050.3e7c.7809
   Designated port id is 128.149, designated path cost 0
   Timers:message age 0, forward delay 0, hold 0
   Number of transitions to forwarding state:1
   BPDU:sent 1718, received 2
 Port 150 (FastEthernet3/22) of VLAN10 is forwarding
   Port path cost 19, Port priority 128, Port Identifier 128.150.
   Designated root has priority 16384, address 0050.3e7c.7809
   Designated bridge has priority 16384, address 0050.3e7c.7809
   Designated port id is 128.150, designated path cost 0
   Timers:message age 0, forward delay 0, hold 0
   Number of transitions to forwarding state:1
   BPDU:sent 1719, received 4
Port 173 (FastEthernet3/45) of VLAN10 is forwarding
   Port path cost 19, Port priority 128, Port Identifier 128.173.
   Designated root has priority 16384, address 0050.3e7c.7809
   Designated bridge has priority 16384, address 0050.3e7c.7809
   Designated port id is 128.173, designated path cost 0
   Timers:message age 0, forward delay 0, hold 0
   Number of transitions to forwarding state:1
   BPDU:sent 41, received 1695
Port 174 (FastEthernet3/46) of VLAN10 is forwarding
   Port path cost 19, Port priority 128, Port Identifier 128.174.
   Designated root has priority 16384, address 0050.3e7c.7809
   Designated bridge has priority 16384, address 0050.3e7c.7809
   Designated port id is 128.174, designated path cost 0
   Timers:message age 0, forward delay 0, hold 0
   Number of transitions to forwarding state:1
   BPDU:sent 34, received 1686
Configuring STP Port Priority

In the event of a loop, spanning tree considers port priority when selecting an interface to put into the forwarding state. You can assign higher priority values to interfaces that you want spanning tree to select first and lower priority values to interfaces that you want spanning tree to select last. If all interfaces have the same priority value, spanning tree puts the interface with the lowest interface number in the forwarding state and blocks other interfaces. The possible priority range is 0 through 240, configurable in increments of 16 (the default is 128).

Note IOS uses the port priority value when the interface is configured as an access port and uses VLAN port priority values when the interface is configured as a trunk port.

To configure the spanning tree port priority of an interface, perform this task:
Task

Command
Step 1

Select an interface to configure.
Switch(config)# interface {{fastethernet 
|gigabitethernet} slot/port} | {port-channel 
port_channel_number}
Step 2

Configure the port priority for an interface. The port_priority value can be from 0 to 240 in increments of 16. Use the no keyword to restore the defaults.
Switch(config-if)# [no] spanning-tree 
port-priority port_priority 
Step 3

Configure the VLAN port priority for an interface. The port_priority value can be from 0 to 240 in increments of 16. Use the no keyword to restore the defaults.
Switch(config-if)# [no] spanning-tree vlan 
vlan_ID port-priority port_priority 
Step 4

Exit configuration mode.
Switch(config-if)# end 
Step 5

Verify the configuration.
Switch# show spanning-tree interface 
{{fastethernet | gigabitethernet} slot/port} | 
{port-channel port_channel_number}
show spanning-tree vlan vlan_ID 
This example shows how to configure the spanning tree port priority of a Fast Ethernet interface:
Switch# configure terminal 
Switch(config)# interface fastethernet 5/8 
Switch(config-if)# spanning-tree port-priority 100 
Switch(config-if)# end 
Switch#
This example shows how to verify the configuration of the interface when it is configured as an access port:
Switch# show spanning-tree interface fastethernet 5/8 
Port 264 (FastEthernet5/8) of VLAN200 is forwarding
   Port path cost 19, Port priority 100, Port Identifier 129.8.
   Designated root has priority 32768, address 0010.0d40.34c7
   Designated bridge has priority 32768, address 0010.0d40.34c7
   Designated port id is 128.1, designated path cost 0
   Timers: message age 2, forward delay 0, hold 0
   Number of transitions to forwarding state: 1
   BPDU: sent 0, received 13513
Switch#
Note The show spanning-tree port-priority command only displays information for ports with an active link. If these conditions are not met, enter a show running-config interface command to verify the configuration.

This example shows how to configure the spanning tree VLAN port priority of a Fast Ethernet interface:
Switch# configure terminal 
Switch(config)# interface fastethernet 5/8 
Switch(config-if)# spanning-tree vlan 200 port-priority 64 
Switch(config-if)# end 
Switch#
This example shows how to verify the configuration of VLAN 200 on the interface when it is configured as a trunk port:
Switch# show spanning-tree vlan 200 
<...output truncated...>
Port 264 (FastEthernet5/8) of VLAN200 is forwarding
Port path cost 19, Port priority 64, Port Identifier 129.8.
   Designated root has priority 32768, address 0010.0d40.34c7
   Designated bridge has priority 32768, address 0010.0d40.34c7
   Designated port id is 128.1, designated path cost 0
   Timers: message age 2, forward delay 0, hold 0
   Number of transitions to forwarding state: 1
   BPDU: sent 0, received 13513
<...output truncated...>
Switch#
Configuring STP Port Cost

The spanning tree port path cost default value is derived from the media speed of an interface. In the event of a loop, spanning tree considers port cost when selecting an interface to put into the forwarding state. You can assign lower cost values to interfaces that you want spanning tree to select first and higher cost values to interfaces that you want spanning tree to select last. If all interfaces have the same cost value, spanning tree puts the interface with the lowest interface number in the forwarding state and blocks other interfaces. The possible cost range is 1 through 200000000 (the default is media specific).

Spanning tree uses the port cost value when the interface is configured as an access port and uses VLAN port cost values when the interface is configured as a trunk port.

To configure the spanning tree port cost of an interface, perform this task:
Task

Command
Step 1

Select an interface to configure.
Switch(config)# interface {{fastethernet 
|gigabitethernet} slot/port} | {port-channel 
port_channel_number}
Step 2

Configure the port cost for an interface. The port_cost value can be from 1 to 200000000. Use the no keyword to restore the defaults.
Switch(config-if)# [no] spanning-tree cost 
port_cost 
Step 3

Configure the VLAN port cost for an interface. The port_cost value can be from 1 to 200000000. Use the no keyword to restore the defaults.
Switch(config-if)# [no] spanning-tree vlan 
vlan_ID cost port_cost 
Step 4

Exit configuration mode.
Switch(config-if)# end 
Step 5

Verify the configuration.
Switch# show spanning-tree interface 
{{fastethernet | gigabitethernet} slot/port} | 
{port-channel port_channel_number} 
show spanning-tree vlan vlan_ID 
This example shows how to change the spanning tree port cost of a Fast Ethernet interface:
Switch# configure terminal 
Switch(config)# interface fastethernet 5/8 
Switch(config-if)# spanning-tree cost 18 
Switch(config-if)# end 
Switch#
This example shows how to verify the configuration of the interface when it is configured as an access port:
Switch# show spanning-tree interface fastethernet 5/8 
 Port 264 (FastEthernet5/8) of VLAN200 is forwarding
   Port path cost 18, Port priority 100, Port Identifier 129.8.
   Designated root has priority 32768, address 0010.0d40.34c7
   Designated bridge has priority 32768, address 0010.0d40.34c7
   Designated port id is 128.1, designated path cost 0
   Timers: message age 2, forward delay 0, hold 0
   Number of transitions to forwarding state: 1
   BPDU: sent 0, received 13513
Switch#
This example shows how to configure the spanning tree VLAN port cost of a Fast Ethernet interface:
Switch# configure terminal 
Switch(config)# interface fastethernet 5/8 
Switch(config-if)# spanning-tree vlan 200 cost 17 
Switch(config-if)# end 
Switch#
This example shows how to verify the configuration of VLAN 200 on the interface when it is configured as a trunk port:
Switch# show spanning-tree vlan 200 
<...output truncated...>
Port 264 (FastEthernet5/8) of VLAN200 is forwarding
Port path cost 17, Port priority 64, Port Identifier 129.8.
   Designated root has priority 32768, address 0010.0d40.34c7
   Designated bridge has priority 32768, address 0010.0d40.34c7
   Designated port id is 128.1, designated path cost 0
   Timers: message age 2, forward delay 0, hold 0
   Number of transitions to forwarding state: 1
   BPDU: sent 0, received 13513
<...output truncated...>
Switch#
Note The show spanning-tree command only displays information for ports with an active link (green light is on). If these conditions are not met, you can issue a show running-config command to confirm the configuration.

Configuring the Bridge Priority of a VLAN

Note Exercise care when using this command. In most cases, we recommend that you enter the spanning-tree vlan vlan_ID root primary and the spanning-tree vlan vlan_ID root secondary commands to modify the bridge priority.

To configure the spanning tree bridge priority of a VLAN, perform this task:
Task

Command
Step 1

Configure the bridge priority of a VLAN. The bridge_priority value can be from 1 to 65535. Use the no keyword to restore the defaults.
Switch(config)# [no] spanning-tree vlan vlan_ID 
priority bridge_priority 
Step 2

Exit configuration mode.
Switch(config)# end 
Step 3

Verify the configuration.
Switch# show spanning-tree vlan vlan_ID bridge 
[brief]
This example shows how to configure the bridge priority of VLAN 200 to 33792:
Switch# configure terminal 
Switch(config)# spanning-tree vlan 200 priority 33792 
Switch(config)# end 
Switch#
This example shows how to verify the configuration:
Switch# show spanning-tree vlan 200 bridge brief
                                      Hello Max  Fwd
Vlan                   Bridge ID      Time  Age Delay  Protocol
---------------- -------------------- ---- ---- -----  --------
VLAN200          33792 0050.3e8d.64c8    2   20    15  ieee
Switch# 
Configuring the Hello Time

Note Exercise care when using this command. In most cases, we recommend that you use the spanning-tree vlan vlan_ID root primary and the spanning-tree vlan vlan_ID root secondary commands to modify the hello time.

To configure the spanning tree hello time of a VLAN, perform this task:
Task

Command
Step 1

Configure the hello time of a VLAN. The hello_time value can be from 1 to 10 seconds. Use the no keyword to restore the defaults.
Switch(config)# [no] spanning-tree vlan vlan_ID 
hello-time hello_time 
Step 2

Exit configuration mode.
Switch(config)# end 
Step 3

Verify the configuration.
Switch# show spanning-tree vlan vlan_ID bridge 
[brief]
This example shows how to configure the hello time for VLAN 200 to 7 seconds:
Switch# configure terminal 
Switch(config)# spanning-tree vlan 200 hello-time 7 
Switch(config)# end 
Switch#
This example shows how to verify the configuration:
Switch# show spanning-tree vlan 200 bridge brief
                                      Hello Max  Fwd
Vlan                   Bridge ID      Time  Age Delay  Protocol
---------------- -------------------- ---- ---- -----  --------
VLAN200          49152 0050.3e8d.64c8    7   20    15  ieee
Switch# 
Configuring the Maximum Aging Time for a VLAN

Note Exercise care when using this command. In most cases, we recommend that you use the spanning-tree vlan vlan_ID root primary and the spanning-tree vlan vlan_ID root secondary commands to modify the maximum aging time.

To configure the spanning tree maximum aging time for a VLAN, perform this task:
Task

Command
Step 1

Configure the maximum aging time of a VLAN. The max_age value can be from 6 to 40 seconds.

Use the no keyword to restore the defaults.
Switch(config)# [no] spanning-tree vlan vlan_ID 
max-age max_age 
Step 2

Exit configuration mode.
Switch(config)# end 
Step 3

Verify the configuration.
Switch# show spanning-tree vlan vlan_ID bridge 
[brief] 
This example shows how to configure the maximum aging time for VLAN 200 to 36 seconds:
Switch# configure terminal 
Switch(config)# spanning-tree vlan 200 max-age 36 
Switch(config)# end 
Switch#
This example shows how to verify the configuration:
Switch# show spanning-tree vlan 200 bridge brief
                                      Hello Max  Fwd
Vlan                   Bridge ID      Time  Age Delay  Protocol
---------------- -------------------- ---- ---- -----  --------
VLAN200          49152 0050.3e8d.64c8    2   36    15  ieee
Switch#
Configuring the Forward-Delay Time for a VLAN

Note Exercise care when using this command. In most cases, we recommend that you use the spanning-tree vlan vlan_ID root primary and the spanning-tree vlan vlan_ID root secondary commands to modify the forward delay time.

To configure the spanning tree forward delay time for a VLAN, perform this task:
Task

Command
Step 1

Configure the forward time of a VLAN. The forward_time value can be from 4 to 30 seconds. Use the no keyword to restore the defaults.
Switch(config)# [no] spanning-tree vlan vlan_ID 
forward-time forward_time 
Step 2

Exit configuration mode.
Switch(config)# end 
Step 3

Verify the configuration.
Switch# show spanning-tree vlan vlan_ID bridge 
[brief]
This example shows how to configure the forward delay time for VLAN 200 to 21 seconds:
Switch# configure terminal 
Switch(config)# spanning-tree vlan 200 forward-time 21 
Switch(config)# end 
Switch#
This example shows how to verify the configuration:
Switch# show spanning-tree vlan 200 bridge brief
                                      Hello Max  Fwd
Vlan                   Bridge ID      Time  Age Delay  Protocol
---------------- -------------------- ---- ---- -----  --------
VLAN200          49152 0050.3e8d.64c8    2   20    21  ieee
Switch#
Disabling STP

To disable spanning tree on a per-VLAN basis, perform this task:
Task

Command
Step 1

Disable spanning tree on a per-VLAN basis.
Switch(config)# no spanning-tree vlan vlan_ID 
Step 2

Exit configuration mode.
Switch(config)# end 
Step 3

Verify that spanning tree is disabled.
Switch# show spanning-tree vlan vlan_ID 
This example shows how to disable spanning tree on VLAN 200: