Catalyst 6500 Series Software Configuration Guide, 5.5 - Configuring Spanning Tree [Cisco Catalyst 6500 Series Switches]

Table Of Contents

Configuring Spanning Tree

Understanding How Spanning Tree Protocol Works

Election of the Root Switch

Bridge Protocol Data Units

Creating a Stable STP Topology

STP Port States

Blocking State

Listening State

Learning State

Forwarding State

Disabled State

Default Spanning Tree Configuration

Configuring Spanning Tree

Enabling STP

Configuring the Port Priority

Configuring the Port VLAN Priority

Configuring Port Cost

Configuring Port-VLAN Cost

Configuring a Primary Root Switch

Configuring a Secondary Root Switch

Configuring Additional STP Parameters

Disabling STP

Configuring Spanning Tree

This chapter describes how to configure the Spanning Tree Protocol (STP) and the Uplink Fast Switchover and Backbone Fast Convergence features on the Catalyst 6000 family switches.

Note For information on configuring the spanning tree PortFast, UplinkFast, and BackboneFast enchancements, see "Configuring Spanning Tree PortFast, UplinkFast, and BackboneFast."

Note For complete syntax and usage information for the commands used in this chapter, refer to the Catalyst 6000 Family Command Reference publication.

This chapter consists of these sections:

•Understanding How Spanning Tree Protocol Works

•Default Spanning Tree Configuration

•Configuring Spanning Tree

Understanding How Spanning Tree Protocol Works

STP is a link management protocol that provides path redundancy while preventing undesirable loops in the network. For an Ethernet network to function properly, only one active path must exist between two stations.

STP (IEEE 802.1D bridge protocol) is used on all Ethernet, Fast Ethernet, Gigabit Ethernet, and Token Ring port-based VLANs. A single instance of STP runs on each configured VLAN (provided you do not manually disable STP). You can enable and disable STP on a per-VLAN basis.

Note In network environments using IEEE 802.1Q trunks, only a single instance of spanning tree runs on the switch, instead of a single spanning tree for each configured VLAN.

When you create fault-tolerant internetworks, you must have a loop-free path between all nodes in a network. In STP, an algorithm calculates the best loop-free path throughout a switched network. Switches send and receive spanning tree packets at regular intervals. The switches do not forward the packets, but use the packets to identify a loop-free path. The default configuration has STP enabled for all VLANs.

Multiple active paths between stations cause loops in the network. If a loop exists in the network, you might receive duplicate messages. When loops occur, some switches see stations on both sides of the switch. This condition confuses the forwarding algorithm and allows duplicate frames to be forwarded.

To provide path redundancy, STP defines a tree that spans all switches in an extended network. STP forces certain redundant data paths into a standby (blocked) state. If one network segment in the STP becomes unreachable, or if STP costs change, the spanning tree algorithm reconfigures the spanning tree topology and reestablishes the link by activating the standby path.

STP operation is transparent to end stations, which do not detect whether they are connected to a single LAN segment or a switched LAN of multiple segments.

Election of the Root Switch

All switches in an extended LAN participating in STP gather information on other switches in the network through an exchange of data messages called bridge protocol data units (BPDUs). This exchange of messages results in the following actions:

•The election of a unique root switch for the stable spanning tree network topology

•The election of a designated switch for every switched LAN segment

•The removal of loops in the switched network by placing redundant switch ports in a backup state

The STP root switch is the logical center of the spanning tree topology in a switched network. All paths that are not needed to reach the root switch from anywhere in the switched network are placed in STP blocked mode. Table 6-1 describes the root switch variables that affect the entire spanning tree performance.

Table 6-1 STP Root Switch Parameters

Variable

Description

Hello Time

Determines how often the switch broadcasts its hello message to other switches.

Maximum Age Timer

Measures the age of the received protocol information recorded for a port and ensures that this information is discarded when its age limit exceeds the value of the maximum age parameter recorded by the switch. The timeout value is the maximum age parameter of the switches.

Forward Delay Timer

Monitors the time spent by a port in the learning and listening states. The timeout value is the forward delay parameter of the switches.

BPDUs contain information about the transmitting switch and its ports, including switch and port MAC addresses, switch priority, port priority, and port cost. The STP uses this information to elect the root switch and root port for the switched network, as well as the root port and designated port for each switched segment.

Bridge Protocol Data Units

The stable active topology of a switched network is determined by the following:

•The unique switch identifier (MAC address) associated with each switch

•The path cost to the root associated with each switch port

•The port identifier (MAC address) associated with each switch port

Each configuration BPDU contains the following minimal information:

•The unique identifier of the switch that the transmitting switch believes to be the root switch

•The cost of the path to the root from the transmitting port

•The identifier of the transmitting port

The switch sends configuration BPDUs to communicate and compute the spanning tree topology. A MAC frame conveying a BPDU sends the switch group address to the destination address field. All switches connected to the LAN on which the frame is transmitted receive the BPDU. BPDUs are not directly forwarded by the switch, but the receiving switch uses the information in the frame to calculate a BPDU, and, if topology changes, initiate a BPDU transmission.

A BPDU exchange results in the following:

•One switch is elected as the root switch.

•The shortest distance to the root switch is calculated for each switch.

•A designated switch is selected. This is the switch closest to the root switch through which frames will be forwarded to the root.

•A port for each switch is selected. This is the port providing the best path from the switch to the root switch.

•Ports included in the STP are selected.

Creating a Stable STP Topology

If all switches are enabled with default settings, the switch with the lowest MAC address in the network becomes the root switch. In Figure 6-1, Switch A is the root switch because it has the lowest MAC address. However, due to traffic patterns, number of forwarding ports, or line types, Switch A might not be the ideal root switch. By increasing the priority (lowering the numerical priority number) of the ideal switch so that it becomes the root switch, you force an STP recalculation to form a new, stable topology.

Figure 6-1 Configuring a Stable Topology

When the stable STP topology is based on default parameters, the path between source and destination stations in a switched network might not be the most ideal. For instance, connecting higher-speed links to a port that has a higher number than the current root port can cause a root-port change. The goal is to make the fastest link the root port.

For example, assume that port 2 on Switch B is a fiber-optic link, and that port 1 on Switch B (an unshielded twisted-pair [UTP] link) is the root port. Network traffic might be more efficient over the high-speed fiber-optic link. By changing the Port Priority parameter for port 2 to a higher priority (lower numerical value) than port 1, port 2 becomes the root port. The same change can occur by changing the Port Cost parameter for port 2 to a lower value than that of port 1.

STP Port States

Propagation delays can occur when protocol information passes through a switched LAN. As a result, topology changes can take place at different times and at different places in a switched network. When a switch port transitions directly from nonparticipation in the stable topology to the forwarding state, it can create temporary data loops. Ports must wait for new topology information to propagate through the switched LAN before starting to forward frames. They must allow the frame lifetime to expire for frames that have been forwarded using the old topology.

Each port on a switch using STP exists in one of the following five states:

•Blocking

•Listening

•Learning

•Forwarding

•Disabled

A port moves through these five states as follows:

•From initialization to blocking

•From blocking to listening or to disabled

•From listening to learning or to disabled

•From learning to forwarding or to disabled

•From forwarding to disabled

Figure 6-2 illustrates how a port moves through the five states.

Figure 6-2 STP Port States

You can modify each port state by using management software. When you enable STP, every switch in the network goes through the blocking state and the transitory states of listening and learning at power up. If properly configured, each port stabilizes to the forwarding or blocking state.

When the spanning tree algorithm places a port in the forwarding state, the following occurs:

•The port is put into the listening state while it waits for protocol information that suggests it should go to the blocking state.

•The port waits for the expiration of a protocol timer that moves the port to the learning state.

•In the learning state, the port continues to block frame forwarding as it learns station location information for the forwarding database.

•The expiration of a protocol timer moves the port to the forwarding state, where both learning and forwarding are enabled.

Blocking State

A port in the blocking state does not participate in frame forwarding, as shown in Figure 6-3. After initialization, a BPDU is sent to each port in the switch. A switch initially assumes it is the root until it exchanges BPDUs with other switches. This exchange establishes which switch in the network is really the root. If only one switch resides in the network, no exchange occurs, the forward delay timer expires, and the ports move to the listening state. A switch always enters the blocking state following switch initialization.

Figure 6-3 Port 2 in Blocking State

A port in the blocking state performs as follows:

•Discards frames received from the attached segment.

•Discards frames switched from another port for forwarding.

•Does not incorporate station location into its address database. (There is no learning on a blocking port, so there is no address database update.)

•Receives BPDUs and directs them to the system module.

•Does not transmit BPDUs received from the system module.

•Receives and responds to network management messages.

Listening State

The listening state is the first transitional state a port enters after the blocking state. The port enters this state when STP determines that the port should participate in frame forwarding. Learning is disabled in the listening state. Figure 6-4 shows a port in the listening state.

Figure 6-4 Port 2 in Listening State

A port in the listening state performs as follows:

•Discards frames received from the attached segment.

•Discards frames switched from another port for forwarding.

•Does not incorporate station location into its address database. (There is no learning at this point, so there is no address database update.)

•Receives BPDUs and directs them to the system module.

•Processes BPDUs received from the system module.

•Receives and responds to network management messages.

Learning State

A port in the learning state prepares to participate in frame forwarding. The port enters the learning state from the listening state. Figure 6-5 shows a port in the learning state.

A port in the learning state performs as follows:

•Discards frames received from the attached segment.

•Discards frames switched from another port for forwarding.

•Incorporates station location into its address database.

•Receives BPDUs and directs them to the system module.

•Receives, processes, and transmits BPDUs received from the system module.

•Receives and responds to network management messages.

Figure 6-5 Port 2 in Learning State

Forwarding State

A port in the forwarding state forwards frames, as shown in Figure 6-6. The port enters the forwarding state from the learning state.

Figure 6-6 Port 2 in Forwarding State

A port in the forwarding state performs as follows:

•Forwards frames received from the attached segment.

•Forwards frames switched from another port for forwarding.

•Incorporates station location information into its address database.

•Receives BPDUs and directs them to the system module.

•Processes BPDUs received from the system module.

•Receives and responds to network management messages.

Caution Use spanning tree PortFast mode only on ports directly connected to individual workstations to allow these ports to come up and go directly to the forwarding state, instead of having to go through the entire spanning tree initialization process. To prevent illegal topologies, enable STP on ports connected to switches or other devices that forward messages. For more information about PortFast, see "Configuring Spanning Tree PortFast, UplinkFast, and BackboneFast."

Disabled State

A port in the disabled state does not participate in frame forwarding or STP, as shown in Figure 6-7. A port in the disabled state is virtually nonoperational.

Figure 6-7 Port 2 in Disabled State

A disabled port performs as follows:

•Discards frames received from the attached segment.

•Discards frames switched from another port for forwarding.

•Does not incorporate station location into its address database. (There is no learning, so there is no address database update.)

•Receives BPDUs, but does not direct them to the system module.

•Does not receive BPDUs for transmission from the system module.

•Receives and responds to network management messages.

Default Spanning Tree Configuration

Table 6-2 shows the default STP configuration.

Table 6-2 STP Default Configuration

Feature

Default Value

Enable state

STP enabled for all VLANs.

Port priority

128

Port cost

62

Bridge Priority

32,768

Configuring Spanning Tree

These sections describe how to configure STP on any Ethernet VLAN:

•Enabling STP

•Configuring the Port Priority

•Configuring the Port VLAN Priority

•Configuring Port Cost

•Configuring Port-VLAN Cost

•Configuring a Primary Root Switch

•Configuring a Secondary Root Switch

•Configuring Additional STP Parameters

•Disabling STP

Enabling STP

Note STP is enabled by default on VLAN 1 and on all newly created VLANs.

To enable STP, perform this task in privileged mode:

Task

Command

Step 1

Enable spanning tree on the desired VLAN.

set spantree enable [vlan]

Step 2

Verify that spanning tree is enabled.

show spantree [vlan]

This example shows how to enable spanning tree and verify that it is enabled:
Console> (enable) set spantree enable 100
Spantree 100 enabled.
Console> (enable) show spantree 100
VLAN 100
Spanning tree enabled
Spanning tree type          ieee
Designated Root             00-10-0d-40-34-63
Designated Root Priority    32768
Designated Root Cost        19
Designated Root Port        1/2
Root Max Age   20 sec    Hello Time 2  sec   Forward Delay 15 sec
Bridge ID MAC ADDR          00-10-0d-aa-cc-63
Bridge ID Priority          32768
Bridge Max Age 20 sec    Hello Time 2  sec   Forward Delay 15 sec
Port      Vlan  Port-State     Cost   Priority  Fast-Start  Group-method
--------- ----  -------------  -----  --------  ----------  ------------
 1/2      100   forwarding        19        32   disabled              
Console> (enable)
Configuring the Port Priority

You can configure the port priority of switch ports. The port with the lowest priority value forwards frames for all VLANs. The possible port-priority range is 0 through 63. The default is 32. If all ports have the same priority value, the port with the lowest port number forwards frames.

To configure the port priority for a port, perform this task in privileged mode:

Task

Command

Step 1

Configure the port priority for a switch port.

set spantree portpri mod_num/port_num priority [vlans]

Step 2

Verify the port priority setting.

show spantree [mod_num/port_num]

This example shows how to configure the port priority for a port and verify the configuration:
Console> (enable) set spantree portpri 1/2 20
Bridge port 1/2 port priority set to 20.
Console> (enable) show spantree 1/2
Port      Vlan  Port-State     Cost   Priority  Fast-Start  Group-method
--------- ----  -------------  -----  --------  ----------  ------------
 1/2      1     blocking          19        20   disabled              
 1/2      100   forwarding        19        20   disabled              
 1/2      521   blocking          19        20   disabled              
 1/2      522   blocking          19        20   disabled              
 1/2      523   blocking          19        20   disabled              
 1/2      524   blocking          19        20   disabled              
 1/2      1003  not-connected     19        20   disabled              
 1/2      1005  not-connected     19         4   disabled              
Console> (enable)
Configuring the Port VLAN Priority

You can set the port priority for a port on a per-VLAN basis. The port with the lowest priority value for a specific VLAN forwards frames for that VLAN. The possible port-VLAN priority range is 0 through 63. The default is 32. If all ports have the same priority value for a particular VLAN, the port with the lowest port number forwards frames for that VLAN.

To configure the port-VLAN priority for a port, perform this task in privileged mode:

Task

Command

Step 1

Configure the port-VLAN priority for a VLAN on a switch port.

set spantree portvlanpri mod_num/port_num priority [vlans]

Step 2

Verify the port-VLAN priority setting.

show spantree [mod_num/port_num]

This example shows how to change the port-VLAN priority on a port and verify the configuration:
Console> (enable) set spantree portvlanpri 1/2 1 100
Port 1/2 vlans 1-99,101-1004 using portpri 32.
Port 1/2 vlans 100 using portpri 1.
Port 1/2 vlans 1005 using portpri 4.
Console> (enable)
Console> (enable) show spantree 1/2
Port      Vlan  Port-State     Cost   Priority  Fast-Start  Group-method
--------- ----  -------------  -----  --------  ----------  ------------
 1/2      1     blocking          19        32   disabled              
 1/2      100   forwarding        19         1   disabled              
 1/2      521   blocking          19        32   disabled              
 1/2      522   blocking          19        32   disabled              
 1/2      523   blocking          19        32   disabled              
 1/2      524   blocking          19        32   disabled              
 1/2      1003  not-connected     19        32   disabled              
 1/2      1005  not-connected     19         4   disabled              
Console> (enable) 
Configuring Port Cost

You can configure the port cost of switch ports. Ports with lower port costs are more likely to be chosen to forward frames. Assign lower numbers to ports attached to faster media (such as full duplex) and higher numbers to ports attached to slower media.The possible range is 1 to 65535. The default differs for different media. Path cost is typically 1000 ÷ LAN speed in megabits per second.

To configure the port cost for a port, perform this task in privileged mode:

Task

Command

Step 1

Configure the port cost for a switch port.

set spantree portcost mod_num/port_num cost

Step 2

Verify the port cost setting.

show spantree [mod_num/port_num]

This example shows how to configure the port-VLAN priority on a port and verify the configuration:
Console> (enable) set spantree portcost 1/2 10
Spantree port 1/2 path cost set to 10.
Console> (enable) show spantree 1/2
Port      Vlan  Port-State     Cost   Priority  Fast-Start  Group-method
--------- ----  -------------  -----  --------  ----------  ------------
 1/2      1     forwarding        10        20   disabled              
 1/2      100   forwarding        10        20   disabled              
 1/2      521   forwarding        10        20   disabled              
 1/2      522   forwarding        10        20   disabled              
 1/2      523   forwarding        10        20   disabled              
 1/2      524   forwarding        10        20   disabled              
 1/2      1003  not-connected     10        20   disabled              
 1/2      1005  not-connected     10         4   disabled              
Console> (enable)
Configuring Port-VLAN Cost

You can configure the port cost for a port on a per-VLAN basis. Ports with lower port-VLAN costs are more likely to be chosen to forward frames. You should assign lower numbers to ports attached to faster media (such as full duplex) and higher numbers to ports attached to slower media. The possible range is 1 to 65535. The default differs for different media.

To configure the port-VLAN cost for a port, perform this task in privileged mode:

Task

Command

Step 1

Configure the port-VLAN cost for a VLAN on a switch port.

set spantree portvlancost mod_num/port_num cost cost [vlans]

Step 2

Verify the port-VLAN cost setting.

show spantree [mod_num/port_num]

This example shows how to change the port-VLAN priority on a port and verify the configuration:
Console> (enable) set spantree portvlancost 1/2 cost 10 100
Port 1/2 VLANs 1-99,101-1005 have path cost 19.
Port 1/2 VLANs 100 have path cost 10.
Console> (enable) show spantree 1/2
Port      Vlan  Port-State     Cost   Priority  Fast-Start  Group-method
--------- ----  -------------  -----  --------  ----------  ------------
 1/2      1     blocking          19        20   disabled              
 1/2      100   forwarding        10        20   disabled              
 1/2      521   blocking          19        20   disabled              
 1/2      522   blocking          19        20   disabled              
 1/2      523   blocking          19        20   disabled              
 1/2      524   blocking          19        20   disabled              
 1/2      1003  not-connected     19        20   disabled              
 1/2      1005  not-connected     19         4   disabled              
Console> (enable)
Configuring a Primary Root Switch

The set spantree root command reduces the bridge priority (the value associated with the switch) from the default (32,768) to a significantly lower value, which allows the switch to become the root switch.

When you specify a switch as the primary root, the default bridge priority is modified so that it becomes the root for the specified VLANs. The switch checks the bridge priority of the current root switches for each VLAN. The bridge priority for the specified VLANs is set to 8192 if this value will cause the switch to become the root for the specified VLANs. If any root switch for the specified VLANs has a bridge priority lower than 8192, the switch sets the bridge priority for the specified VLANs to 1 less than the lowest bridge priority. Because different VLANs could potentially have different root switches, the bridge VLAN-priority chosen makes this switch the root for all the VLANs that are specified. If reducing the bridge priority as low as 1 still does not make the switch the root switch, the system displays a message.

Note Run the set spantree root command on backbone switches or distribution switches only, not on access switches.

To configure a switch as the primary root switch, perform this task in privileged mode:

Task

Command

Configure a switch as the primary root switch.

set spantree root vlans [dia network_diameter] [hello hello_time]

This example shows how to specify the primary root switch for VLANs 1-10:
Console> (enable) set spantree root 1-10 dia 4
VLANs 1-10 bridge priority set to 8192
VLANs 1-10 bridge max aging time set to 14 seconds.
VLANs 1-10 bridge hello time set to 2 seconds.
VLANs 1-10 bridge forward delay set to 9 seconds.
Switch is now the root switch for active VLANs 1-6.
Console> (enable)
Configuring a Secondary Root Switch

The set spantree root secondary command reduces the bridge priority to 16,384, making it the probable candidate to become the root switch if the primary root switch fails. You can run this command on more than one switch to create multiple backup switches in case the primary root switch fails.

To configure a switch as the secondary root switch, perform this task in privileged mode:

Task

Command

Configure a switch as the secondary root switch.

set spantree root [secondary] vlans [dia network_diameter] [hello hello_time]

This example shows how to specify the secondary root switch for VLANs 22 and 24:
Console> (enable) set spantree root secondary 22,24 dia 5 hello 1
VLANs 22,24 bridge priority set to 16384.
VLANs 22,24 bridge max aging time set to 10 seconds.
VLANs 22,24 bridge hello time set to 1 second.
VLANs 22,24 bridge forward delay set to 7 seconds.
Console> (enable)
Configuring Additional STP Parameters

To configure additional STP parameters, perform one of these tasks in privileged mode:

Task

Command

•Set the bridge forward delay for a VLAN.

set spantree fwddelay delay [vlan]

•Set the bridge hello time for a VLAN.

set spantree hello interval

•Set the bridge maximum aging time for a VLAN.

set spantree maxage agingtime [vlan]

•Set the bridge priority for a VLAN.

set spantree priority bridge_priority [vlan]

Disabling STP

To disable STP, perform this task in privileged mode:

Task

Command

Disable STP.

set spantree disable [vlan]