STP calls ports) to prevent them from endlessly looping through the network. Radia Perlman began work on the original STP (802.1D) in 1984. Because this was prior to the widespread use of VLANs, 802.1D worked by simply blocking interfaces, a logical choice since the physical topology and the logical topology were the same. An interface could be a member of only a single LAN.
The advent of VLANs required a different approach. Each VLAN represented a different logical topology such that one VLAN might be configured in a loop while another VLAN would be loop-free. No longer could STP prevent loops by blocking interfaces. Instead, it had to determine the logical topology of each VLAN, and then selectively drop any Ethernet frames that might cause a loop—an approach called Per-VLAN Spanning Tree (PVST). Much of Spanning Tree's reputation for being complicated is due to this decoupling of the physical and logical topologies. It's not that Spanning Tree itself is hard to understand but that it behaves differently depending on the VLAN.
The first step to understanding and configuring Spanning Tree is to get a handle on the logical topology of each VLAN, so we'll start by looking at VLANs and trunking. After that, you'll learn about Rapid Per-VLAN Spanning Tree (RPVST+ or RSTP), which is the most common Spanning Tree protocol in use today. We'll then cover Multiple Spanning Tree Protocol (MSTP) and finally some Cisco-proprietary Spanning Tree extensions. You can classify each STP type by the approach it uses to prevent loops. There are three approaches:
802.1D—Avoids a loop in the LAN.
PVST—Prevents loops in a VLAN. Most of the time this is what people mean when they say “Spanning Tree.”
MST—Prevents loops in an arbitrary group of VLANs.
Keep these differences in mind as you read through this chapter.
The Need for Spanning Tree
There's nothing inherently problematic about having physical loops. The physical loops become problematic only when they create layer 2 loops. In Figure 2.1, all links are in VLAN 1, creating a loop between each pair of switches as well as among them. We could easily eliminate these layer 2 loops in two ways:
By removing the physical loops
By doing away with a stretched VLAN and turning each link into a routed (layer 3) link, where each link represents a separate broadcast domain
Figure 2.1 Physical looped topology
The latter option would eliminate any chance of a broadcast storm and, from a scalability and stability perspective, would be ideal. We'll cover routed topologies in Chapter 3, “Enterprise Network Design.” Although a routed topology is ideal, implementing it requires planning and effort that the organization may not be willing or able to spend. Many therefore extend VLANs across several switches connected together, often in a loop for redundancy.
The goal of STP is to impose a loop-free logical topology by strategically dropping certain Ethernet frames on specific interfaces (what STP calls ports) to prevent them from endlessly looping through the network. You should already have at least a passing familiarity with Spanning Tree. Before continuing, take a moment to test your understanding by trying to calculate the root bridge and root ports for the topology in Figure 2.1.
To refresh your memory, the STP process is as follows:
1 All switches elect a root bridge. The root bridge doesn't block any traffic but forwards frames normally.
2 Each non-root switch determines its root port. The root port is the port that provides the lowest-cost path back to the root bridge. Any other ports leading back to the root block frames to prevent a loop from forming between the root and the non-root bridge.
3 Each connected pair of non-root switches elects a designated bridge for that link or segment. The designated bridge forwards frames over that link normally, whereas the other bridge doesn't forward any frames. The result is a logical loop-free topology, as shown in Figure 2.2.
Figure 2.2 Converged STP topology with SW1 as the root
VLANs and Trunking
The first step in configuring or troubleshooting Spanning Tree is to ensure your VLANs and trunks are configured properly. Although we naturally think of Spanning Tree as an answer to loops caused by redundant physical connections, bridging loops actually only occur when a layer 2 loop exists in a VLAN. It's possible—indeed, preferable—to configure your trunks in such a way that they don't form a loop to begin with. We'll cover design considerations around VLANs and trunks in Chapter 3. But for Spanning Tree, recognize that the first step is to figure out what VLANs you should have on each switch and what trunks those VLANs should traverse.
Most networks have multiple VLANs stretching across 802.1Q trunks. Ideally, you'll selectively prune VLANs from trunks where you don't need those VLANs. Because any given trunk may carry some VLANs and not others, it's possible for there to be layer 2 loops in one VLAN but not in another. Consider the two VLANs in Figure 2.3. All trunks carry VLAN 3, creating a loop. But only the trunks between SW1 and SW2, SW3, and SW4 carry VLAN 2.
Figure 2.3 Multiple VLANs over 802.1Q trunks
To eliminate the bridging loops in VLAN 3, Spanning Tree must block VLAN 3 traffic from traversing two links. (As a fun exercise, see if you can figure out which two.) VLAN 2 has no loops, so there's no need to block anything. Although we typically say that STP “blocks a port,” this isn't quite accurate. If Spanning Tree were to truly block a port, it would block traffic for all VLANs, not just the one with the loop. This isn't what happens. What it does to break the loop is drop Ethernet frames ingressing a particular port on a particular VLAN. Hence, in order for Spanning Tree to be useful in a multi-VLAN environment, it must treat each VLAN independently.
Per-VLAN Spanning Tree+ (PVST+) is Cisco's implementation of the original Spanning Tree specification, IEEE 802.1D. PVST+ creates a separate Spanning Tree instance for each VLAN. You can configure each Spanning Tree instance differently so that a port blocked for one VLAN will be forwarding for another. This way, you can simultaneously use all available physical links. PVST+ is also sometimes called Shared Spanning Tree Protocol (SSTP).
RPVST+ performs the same basic function as PVST+ but has a faster convergence time—the speed at which each switch settles on which ports to block. As of IOS 15.2(4)E, RPVST+ is the default mode.
MST (802.1s) is similar to RPVST+, except instead of having one Spanning Tree instance per VLAN, MST lets you choose
