STP Configuration #
Spanning Tree Protocol Variants #
| Protocol | Standard | Resources Needed | Convergence | Tree Calculation |
|---|---|---|---|---|
| STP | 802.1D | Low | Slow | All VLANs |
| PVST+ | Cisco | High | Slow | Per VLAN |
| RSTP | 802.1w | Medium | Fast | All VLANs |
| Rapid PVST+ | Cisco | Very high | Fast | Per VLAN |
| MSTP | 802.1s | Medium or high | Fast | Per Instance |
Spanning Tree Mode Selection #
Cisco IOS use PVST+ as default mode.
Switch(config)# spanning-tree mode {stp | pvst | rapid-pvst | mst}
Bridge Priority Setup #
Bridge priority only allows to be in multiple of 4096.
Switch(config)# spanning-tree vlan <vlan_id> root {primary | secondary}
% or
Switch(config)# spanning-tree vlan <vlan_id> priority <value>
STP Cost Settings #
Switch(config)# interface <interface>
Switch(config-if)# spanning-tree vlan <vlan_id> cost <value>
STP Port States Overview #
| Status | Receive BPDU | Send BPDU | Learn MAC | Forwarding | Duration |
|---|---|---|---|---|---|
| Disabled | ✘ | ✘ | ✘ | ✘ | Until no shutdown |
| Blocking | ✔ | ✘ | ✘ | ✘ | Until topology changed |
| Listening | ✔ | ✔ | ✘ | ✘ | Forward Delay (default 15s) |
| Learning | ✔ | ✔ | ✔ | ✘ | Forward Delay (default 15s) |
| Forwarding | ✔ | ✔ | ✔ | ✔ | Until shutdown or not root/designated port |
STP Enhancements #
PortFast Configuration #
⚠️Warning: PortFast should only be enabled on ports connected to a single host. Connecting hubs, concentrators, switches, bridges, etc., to this interface when PortFast is enabled can cause temporary bridging loops.
Allow a port to enter from blocking to forwarding state immediately, bypassing the listening and learning states.
-
Configure PortFast on a switch port
Switch(config)# interface <interface> Switch(config-if)# spanning-tree portfast -
Enable PortFast on all non-trunking interfaces
Switch(config)# spanning-tree portfast default
BPDU Guard Configuration #
If BPDU guard is enabled, it puts the port in an err-disabled state when receiving a BPDU.
Switch(config)# interface <interface>
Switch(config-if)# spanning-tree bpduguard enable
Root Guard Configuration #
If there is a superior BPDU received on the port, root guard does not take the BPDU into account and so puts the port into root inconsistent state.
Switch(config)# interface <interface>
Switch(config-if)# spanning-tree guard root
Verify STP Configuration #
Switch# show spanning-tree
Switch# show spanning-tree vlan <vlan_id>
Switch# show spanning-tree detail