Configure Spanning Tree Protocol (STP) on a Catalyst Switch that runs Cisco IOS Software
Introduction      Requirements      Connect your PC to the Catalyst Switch      Configure Spanning Tree Protocol           Configure the Spanning-Tree Mode           Configure the Root Switch           Configuring a Secondary Root Switch           Configure Port Fast      Disabling Spanning Tree      Next Step      Related Information	Download PDF   Configure Spanning Tree Protocol (STP) on a Catalyst Switch that runs Cisco IOS Software

Introduction

This document provides instructions on how to configure the Spanning Tree Protocol (STP) on a Catalyst switch that runs Cisco IOS Software.

Spanning Tree Protocol (STP) is a Layer 2 protocol that runs on bridges and switches. The specification for STP is IEEE 802.1D. Spanning tree allows a network design to include spare (redundant) links to provide automatic backup paths if an active link fails, without the danger of bridge loops, or the need for manual enabling/disabling of these backup links. The main purpose of STP is to ensure that you do not create loops when you have redundant paths in your network. Loops are deadly to a network and can consume all available CPU resources and bandwidth.

Back to Top

Requirements

To perform the steps described in this document, you need to have this equipment:

• A switch with Cisco IOS® Software Release 12.0 - 12.2 that is installed and powered on.

• You must have completed the initial configuration in Configure a Catalyst Switch with Cisco Network Assistant document.

• You must have completed the document Prepare to Configure Spanning Tree Protocol on a Catalyst Switch.

• A straight-through Ethernet cable to connect your PC to the switch

• A console cable. For more information about cables, refer to Cable Descriptions.

• Terminal emulation software such as HyperTerminal.

  Note: For more information on how to create a terminal connection, refer to Create a HyperTerminal Connection.

• Complete the Switch Port Assignment Worksheets as instructed in the Site Survey.

Back to Top

Connect your PC to the Catalyst Switch

Follow these steps to connect your PC to the Catalyst Switch:

Complete these steps:

1. Connect a PC to the switch with a console cable.

2. Create a HyperTerminal connection to your switch. For more information, refer to Create a HyperTerminal Connection.

3. Log into the switch with the login and password that you entered in fields B10 and B11 of the switch Worksheet.

   Username:admin
   Password:

   Note: If you do not know the password for your switch, refer to Manually Reset the Password on a Catalyst Switch.

4. Type enable and press Enter to access the privileged mode. Type the enable password that you entered in field S5 of the Switch Port Assignment Worksheet.

   switch>enable
   Password:
   switch#

Back to Top

Configure Spanning Tree Protocol

This section explains how to configure the Spanning Tree Protocol on a Catalyst Switch.

Configure the Spanning-Tree Mode

The switch supports three spanning-tree modes: PVST+, rapid PVST+, or MSTP. By default, the switch runs the PVST+ protocol. For more information on modes refer to Prepare to Configure Spanning Tree Protocol on a Catalyst Switch.

Follow these steps to change the spanning-tree mode if you want to enable a mode that is different from the default mode of PVS T+.

1. Type configure terminal and press Enter to enter the switch configuration mode.

   switch#configure terminal
   switch(config)#

2. Type spanning-tree mode {pvst | mst | rapid-pvst} and press Enter to configure a spanning-tree mode. In this example, PVST is selected which enables PVST+ spanning-tree mode.

   switch(config)#spanning-tree mode pvst
   

   Note: Configuring rapid-pvst mode requires minimal extra configuration steps. Follow steps 3 to 5 to configure rapid-pvst mode else go to step 6.

3. Type spanning-tree mode rapid-pvst and press Enter to enable rapid PVST+.

   switch(config)#spanning-tree mode rapid-pvst
   

4. Type interface interface-id and press Enter. Valid interfaces include physical ports, VLANs, and port channels. The VLAN ID range is 1 to 4094. The port-channel range is 1 to 12.

   Switch(config)#interface fastEthernet 0/2
   Switch(config-if)#

5. Type spanning-tree link-type point-to-point and press Enter to specify the link type for this port is point-to-point.

   Switch(config-if)#spanning-tree link-type point-to-point
   

   Note: If you connect this port (local port) to a remote port through a point-to-point link and the local port becomes a designated port, the switch negotiates with the remote port and rapidly transitions the local port to the forwarding state.

6. Type end and press Enter to return to privileged EXEC mode.

   Switch(config-if)#end
   Switch#

7. If any port on the switch is connected to a port on a legacy 802.1D switch, restart the protocol migration process on the entire switch. Type clear spanning-tree detected-protocols and press Enter.

   Switch#clear spanning-tree detected-protocols
   

8. Type show spanning-tree summary and press Enter to verify your configuration.

   Switch #show spanning-tree summary
   Switch is in rapid-pvst mode
   Root bridge for: VLAN0001
   Extended system ID            is enabled
   Portfast Default              is disabled
   PortFast BPDU Guard Default   is disabled
   Portfast BPDU Filter Default  is disabled
   Loopguard Default             is disabled
   EtherChannel misconfig guard  is enabled
   UplinkFast                    is disabled
   BackboneFast                  is disabled
   Configured Pathcost method used is short
   
   Name              Blocking     Listening     Learning    Forwarding    STP Active
   ---------------   --------     ---------     --------    ----------    ---------
   VLAN0001               0           0            0           20             20
   ---------------   --------     ---------     --------    ----------    ---------
   1 vlan                 0           0            0           20             20

Configure the Root Switch

The switch maintains a separate spanning-tree instance for each active VLAN configured on it. A bridge ID, consists the switch priority and the switch MAC address, is associated with each instance. For each VLAN, the switch with the lowest bridge ID becomes the root switch for that VLAN.

Follow these steps to configure the Root switch.

1. Type configure terminal and press Enter to enter the switch configuration mode.

   switch#configure terminal
   switch(config)#

2. Type spanning-tree vlan 20 root primary and press Enter to modify the Default VLAN switch priority from the default value (32768) to a significantly lower value.

   Note: The switch software checks the switch priority of the other root switches for each VLAN and sets its own priority for the specified VLAN to 24576 if this value would cause this switch to become the root for the specified VLAN.

   switch(config)#spanning-tree vlan 20 root primary
   

   Note: The spanning-tree vlan vlan-id root global configuration command fails if the value necessary to be the root switch is less than 1.

3. Type spanning-tree vlan 21 root primary and press Enter to modify the Network Management VLAN switch priority from the default value (32768) to a significantly lower value.

   switch(config)#spanning-tree vlan 21 root primary
   

4. Type spanning-tree vlan 22 root primary and press Enter to modify the Secure Server VLAN switch priority from the default value (32768) to a significantly lower value. The switch software checks the switch priority of the other root switches for each VLAN and sets its own priority for the specified VLAN to 24576 if this value could cause this switch to become the root for the specified VLAN.

   switch(config)#spanning-tree vlan 22 root primary
   

5. Type spanning-tree vlan 23 root primary and press Enter to modify the Guest VLAN switch priority from the default value (32768) to a significantly lower value. The switch software checks the switch priority of the other root switches for each VLAN and sets its own priority for the specified VLAN to 24576 if this value would cause this switch to become the root for the specified VLAN.

   switch(config)#spanning-tree vlan 23 root primary
   

   Note: The spanning-tree vlan vlan-id root global configuration command fails if the value necessary to be the root switch is less than 1.

6. Type end and press Enter.

   switch(config)#end
   switch#

7. Type write memory and press Enter.

   switch#write memory
   

Configuring a Secondary Root Switch

When you configure a Catalyst switch as the secondary root, the switch priority is modified from the default value (32768) to 28672. The switch is then likely to become the root switch for the specified VLAN if the primary root switch fails. This makes us assume that the other network switches use the default switch priority of 32768 and therefore are unlikely to become the root switch.

You can execute this command on more than one switch to configure multiple backup root switches. Use the same network diameter and hello-time values that you used when you configured the primary root switch with the spanning-tree vlan vlan-id root primary global configuration command.

1. Log in to the privilege mode of the alternate switch which you want it to become secondary root switch for a specific VLAN.

2. Type configure terminal and press Enter to enter the switch configuration mode.

   switch#configure terminal
   switch(config)#

3. Type spanning-tree vlan 20 root secondary and press Enter to modify the Default VLAN switch priority from the default value 32768 to 28672. The switch software checks the switch priority of the other root switches for each VLAN and sets its own priority for the specified VLAN to 24576 if this value would cause this switch to become the root for the specified VLAN.

   switch(config)#spanning-tree vlan 20 root secondary
   

4. Type spanning-tree vlan 21 root secondary and press Enter to modify the Network Management VLAN switch priority from the default value 32768 to 28672. The switch software checks the switch priority of the other root switches for each VLAN and sets its own priority for the specified VLAN to 24576 if this value would cause this switch to become the root for the specified VLAN.

   switch(config)#spanning-tree vlan 21 root secondary
   

5. Type spanning-tree vlan 22 root secondary and press Enter to modify the Secure Server VLAN switch priority from the default value 32768 to 28672. The switch software checks the switch priority of the other root switches for each VLAN and sets its own priority for the specified VLAN to 24576 if this value would cause this switch to become the root for the specified VLAN.

   switch(config)#spanning-tree vlan 22 root secondary
   

6. Type spanning-tree vlan 23 root secondary and press Enter to modify the Guest VLAN switch priority from the default value 32768 to 28672. The switch software checks the switch priority of the other root switches for each VLAN and sets its own priority for the specified VLAN to 24576 if this value would cause this switch to become the root for the specified VLAN.

   switch(config)#spanning-tree vlan 23 root secondary
   

7. Type end and press Enter.

   switch(config)#end
   switch#

8. Type write memory and press Enter.

   switch#write memory
   

Configure Port Fast

Spanning-tree Port Fast causes a spanning-tree port to enter the forwarding state immediately, bypassing the listening and learning states. The Port Fast feature must be used, only when connecting a single end station or a server to an access or trunk port. Follow these steps to enable Port Fast:

1. Type configure terminal and press Enter to enter the switch configuration mode.

   switch#configure terminal
   switch(config)#

2. Specify the interface on which Port Fast must be enabled using interface command.

   switch(config)#interface fastEthernet 0/1
   

3. Type command spanning-tree portfast to enable Port Fast feature on this interface. If the interface is a trunk interface then use command spanning-tree portfast trunk to enable Port Fast feature. Make sure that there are no loops in the network between the trunk port and the workstation or server before enabling Port Fast on a trunk port.

   switch(config-if)#spanning-tree portfast
   

4. Type end and press Enter to return to privileged EXEC mode.

   switch(config-if)#end
   

5. Type write memory and press Enter.

   switch#write memory
   

To disable Port Fast on a particular interface get into the interface using interface command and then use the command spanning-tree portfast disable.

switch(config)#interface fastEthernet 0/1
switch(config-if)#spanning-tree portfast disable

Back to Top

Disabling Spanning Tree

STP is enabled by default on VLAN 1 and on all newly created VLANs up to the spanning-tree limit.

Caution: Disable STP only if you are sure there are no loops in the network topology. When STP is disabled and loops are present in the topology, excessive traffic and indefinite packet duplication can drastically reduce network performance.

Follow these steps to disable STP:

1. Type configure terminal and press Enter to enter the switch configuration mode.

   switch#configure terminal
   switch(config)#

2. Type no spanning-tree vlan vlan-id and press Enter to Disable STP on a per-VLAN basis. For vlan-id, the range is 1 to 4094. Do not enter leading zeros.

   switch(config)#no spanning-tree vlan 22
   

3. Type end and press Enter.

   switch(config)#end
   switch#

Back to Top

Next Step

You have completed this procedure.

To make further changes to your switch, refer to the Switch Support Page.

To configure other devices in your network, refer to the Configuration Overview Page.

Back to Top

Related Information

• Basic Setup and Configuration for the Catalyst Switch
• Configure Spanning Tree Protocol (STP) on a Catalyst Switch that runs Catalyst OS Software
• Prepare to Configure Spanning Tree Protocol (STP) on a Catalyst Switch