2007 2010, Cisco Systems, Inc. All rights reserved.

Cisco Public
SWIC! v" Ch#$ter %
1
Ch#$ter %&
Im$lementing S$#nning
ree
CCNP SWITCH: Implementing IP Switching
Ch#$ter %
2 2007 2010, Cisco Systems, Inc. All rights reserved. Cisco Public
Chapter 3 Objectives
'escribe s$#nning tree $rotocols.
'escribe #nd con(igure )SP.
'escribe #nd con(igure *S.
Con(igure SP (e#tures to enh#nce resiliency #nd $revent
(or+#rding loo$s.
,-$l#in recommended SP con(igur#tions #nd $r#ctices.
roubleshoot s$#nning tree issues.
Ch#$ter %
% 2007 2010, Cisco Systems, Inc. All rights reserved. Cisco Public
Spanning Tree
Protocol Basics
Ch#$ter %
. 2007 2010, Cisco Systems, Inc. All rights reserved. Cisco Public
Spanning Tree History
SP +#s invented in 1/01 by )#di# Perlm#n #t the 'igit#l
,2ui$ment Cor$or#tion.
In 1//0, I,,, $ublished the (irst st#nd#rd (or the $rotocol #s
002.1'.
Common S$#nning ree 3CS4 56 Cisco P7S8 56 )#$id SP
3)SP4 or I,,, 002.1+ 56 Cisco P7)S8 56 *ulti$le S$#nning
ree 3*S4 or I,,, 002.1s 56 SP security enh#ncements
Ch#$ter %
1 2007 2010, Cisco Systems, Inc. All rights reserved. Cisco Public
STP Operation !"eview #rom CCN$%
Ch#$ter %
" 2007 2010, Cisco Systems, Inc. All rights reserved. Cisco Public
STP Operation & !"eview #rom CCN$%
$ll lin's are (( )b*s+
Ch#$ter %
7 2007 2010, Cisco Systems, Inc. All rights reserved. Cisco Public
"api, Spanning
Tree Protocol
Ch#$ter %
0 2007 2010, Cisco Systems, Inc. All rights reserved. Cisco Public
"STP Operation - Port States
Port State .escription
'isc#rding
his st#te is seen in both # st#ble #ctive to$ology #nd during to$ology
synchroni9#tion #nd ch#nges. he disc#rding st#te $revents the (or+#rding o(
d#t# (r#mes, thus :bre#;ing< the continuity o( # =#yer 2 loo$.
=e#rning
his st#te is seen in both # st#ble #ctive to$ology #nd during to$ology
synchroni9#tion #nd ch#nges. he le#rning st#te #cce$ts d#t# (r#mes to
$o$ul#te the *AC t#ble to limit (looding o( un;no+n unic#st (r#mes.
>or+#rding
his st#te is seen only in st#ble #ctive to$ologies. he (or+#rding s+itch $orts
determine the to$ology. >ollo+ing # to$ology ch#nge, or during
synchroni9#tion, the (or+#rding o( d#t# (r#mes occurs only #(ter # $ro$os#l
#nd #greement $rocess.
Operational
Stat/s
STP Port State "STP Port State Port Incl/,e, in
$ctive Topology
,n#bled ?loc;ing 'isc#rding @o
,n#bled =istening 'isc#rding @o
,n#bled =e#rning =e#rning Aes
,n#bled >or+#rding >or+#rding Aes
'is#bled 'is#bled 'isc#rding @o
Ch#$ter %
/ 2007 2010, Cisco Systems, Inc. All rights reserved. Cisco Public
"STP Operation - Port "oles
STP Port "ole "STP Port
"ole
STP Port
State
"STP Port
State
)oot $ort )oot $ort >or+#rding >or+#rding
'esign#ted $ort 'esign#ted
$ort
>or+#rding >or+#rding
@ondesign#ted
$ort
Altern#te or
b#c;u$ $ort
?loc;ing 'isc#rding
'is#bled 'is#bled 5 'isc#rding
r#nsition r#nsition =istening
=e#rning
=e#rning
Ch#$ter %
10 2007 2010, Cisco Systems, Inc. All rights reserved. Cisco Public
"STP Operation - "api, Transition to
0orwar,ing - 1in' Type
1in'
Type
.escription
Point5to5
$oint
Port o$er#ting in (ull5
du$le- mode. It is
#ssumed th#t the $ort is
connected to # single
s+itch device #t the other
end o( the lin;.
Sh#red Port o$er#ting in h#l(5
du$le- mode. It is
#ssumed th#t the $ort is
connected to sh#red
medi# +here multi$le
s+itches might e-ist.
Ch#$ter %
11 2007 2010, Cisco Systems, Inc. All rights reserved. Cisco Public
"STP Operation - "api, Transition to
0orwar,ing - 2,ge Ports
An )SP edge $ort is # s+itch $ort
th#t is never intended to be
connected to #nother s+itch device.
It immedi#tely tr#nsitions to the
(or+#rding st#te +hen en#bled.
@either edge $orts nor Port>#st5
en#bled $orts gener#te to$ology
ch#nges +hen the $ort tr#nsitions
to dis#bled or en#bled st#tus.
Bnli;e Port>#st, #n edge $ort th#t
receives # ?P'B immedi#tely loses
its edge $ort st#tus #nd becomes #
norm#l s$#nning5tree $ort. When #n
edge $ort receives # ?P'B, it
gener#tes # to$ology ch#nge
noti(ic#tion 3C@4.
Ch#$ter %
12 2007 2010, Cisco Systems, Inc. All rights reserved. Cisco Public
"STP Operation - Proposal an, $greement
Ch#$ter %
1% 2007 2010, Cisco Systems, Inc. All rights reserved. Cisco Public
"STP Operation - Topology Change !TC%
)echanism
Cnly non5edge $orts th#t #re moving to the (or+#rding st#te
c#use # to$ology ch#nge. A $ort th#t is moving to bloc;ing does
not c#use the res$ective bridge to gener#te # C ?P'B.
Ch#$ter %
1. 2007 2010, Cisco Systems, Inc. All rights reserved. Cisco Public
"STP Operation - Bri,ge I,enti#ier #or P3"ST4
Cnly (our high5order bits o( the 1"5bit ?ridge Priority (ield
#((ect the $riority. here(ore, $riority c#n be incremented
only in ste$s o( .0/", onto +hich #re #dded the 7=A@
number. >or e-#m$le, (or 7=A@ 11& I( the $riority is le(t #t
de(#ult, the 1"5bit Priority (ield +ill hold %27"0 8 11 D %277/.
Ch#$ter %
11 2007 2010, Cisco Systems, Inc. All rights reserved. Cisco Public
"STP an, 5(&+. STP Compatibility
)SP c#n o$er#te +ith 002.1' SP. !o+ever, 002.1+Es
(#st5convergence bene(its #re lost +hen inter#cting +ith
002.1' bridges.
,#ch $ort m#int#ins # v#ri#ble th#t de(ines the $rotocol to
run on the corres$onding segment. I( the $ort receives
?P'Bs th#t do not corres$ond to its current o$er#ting mode
(or t+o times the hello time, it s+itches to the other SP
mode.
Ch#$ter %
1" 2007 2010, Cisco Systems, Inc. All rights reserved. Cisco Public
.e#a/lt STP Con#ig/ration on Cisco Switch
P7S8
?ridge $riority %2,7"0 (or e#ch 7=A@
Ch#$ter %
17 2007 2010, Cisco Systems, Inc. All rights reserved. Cisco Public
Spanning Tree Port0ast
?y$#ss 002.1' SP listening #nd le#rning st#tes 3bloc;ing
st#te (or+#rding st#te4
Ports connected to end st#tions
Prevents '!CP timeouts
*#y cre#te bridging loo$s i( en#bled on trun; $ort
Ch#$ter %
10 2007 2010, Cisco Systems, Inc. All rights reserved. Cisco Public
Con#ig/ring Port0ast on $ccess Ports
Bse the spanning-tree portfast inter(#ce comm#nd
to en#ble the Port>#st (e#ture.
Switch# configure terminal
Enter configuration commands, one per line. End with CNTL/Z.
Switch(config)# interface FastEthernet 3/27
Switch(configif)# spanning-tree portfast
!"arning# portfast should onl$ %e ena%led on ports connected to a
single
host. Connecting hu%s, concentrators, switches, %ridges, etc... to
this
interface when portfast is ena%led, can cause temporar$ %ridging
loops.
&se with C'&T()N
!*ortfast has %een configured on +astEthernet,/-. %ut will onl$
ha/e effect when the interface is in a nontrun0ing mode.
Switch(configif)# end
Switch#
Switch# show spanning-tree interface FastEthernet 3/27 portfast
1L'N2223 ena%led
Ch#$ter %
1/ 2007 2010, Cisco Systems, Inc. All rights reserved. Cisco Public
Con#ig/ring Port0ast 6lobally
Bse the spanning-tree portfast de(#ult glob#l
con(igur#tion mode comm#nd to en#ble the Port>#st
(e#ture on #ll nontrun;ing inter(#ces.
Switch(config)# spanning-tree portfast default
Ch#$ter %
20 2007 2010, Cisco Systems, Inc. All rights reserved. Cisco Public
Con#ig/ring Port0ast on Tr/n' Ports
Bse the spanning-tree portfast trunk inter(#ce
comm#nd to en#ble the Port>#st (e#ture on # trun; $ort.
Switch(config)# spanning-tree portfast trunk
Ch#$ter %
21 2007 2010, Cisco Systems, Inc. All rights reserved. Cisco Public
Con#ig/ring $ccess Port )acro
Bse the switchport host m#cro comm#nd on #n
inter(#ce connecting to #n end st#tion.
Switch(configif)# switchport host
switchport mode will %e set to access
spanningtree portfast will %e ena%led
channel group will %e disa%led
Switch(configif)# end
Switch#
Ch#$ter %
22 2007 2010, Cisco Systems, Inc. All rights reserved. Cisco Public
Implementing P3"ST4
1. ,n#ble P7)S8 glob#lly. P7)S8 should be con(igured on #ll
s+itches in the bro#dc#st dom#in.
2. 'esign#te #nd con(igure # s+itch to be the root bridge.
%. 'esign#te #nd con(igure # s+itch to be the second#ry 3b#c;u$4 root
bridge.
.. ,nsure lo#d sh#ring on u$lin;s using $riority #nd cost $#r#meters.
1. 7eri(y the con(igur#tion.
Ch#$ter %
2% 2007 2010, Cisco Systems, Inc. All rights reserved. Cisco Public
3eri#ying P3"ST4
he out$ut belo+ illustr#tes ho+ to veri(y the )SP
con(igur#tion (or 7=A@2 on # nonroot s+itch in # to$ology.
Switch# show spanningtree /lan -
1L'N222-
Spanning tree ena%led protocol rstp
4oot (5 *riorit$ ,-.67
'ddress 222%.fc%8.dac2
Cost ,7
*ort . (+astEthernet2/.)
9ello Time - sec :a; 'ge -2 sec +orward 5ela$ 38 sec
<ridge (5 *riorit$ ,-..2 (priorit$ ,-.67 s$side;t -)
'ddress 223,.8f3c.e3c2
9ello Time - sec :a; 'ge -2 sec +orward 5ela$ 38 sec
'ging Time ,22
(nterface 4ole Sts Cost *rio.N%r T$pe

+a2/. 4oot +"5 3= 3-7.. *-p

+a2/7 4oot +"5 3= 3-7.7 *-p
Ch#$ter %
2. 2007 2010, Cisco Systems, Inc. All rights reserved. Cisco Public
)/ltiple
Spanning Tree
Ch#$ter %
21 2007 2010, Cisco Systems, Inc. All rights reserved. Cisco Public
)ST )otivation
Above& 2 lin;s 1000 7=A@s 2 *S inst#nces.
,#ch s+itch m#int#ins only t+o s$#nning trees, reducing
the need (or s+itch resources.
Conce$t e-tend#ble to .0/" 7=A@s& 7=A@ lo#d b#l#ncing.
*S converges (#ster th#n P7)S8 #nd is b#c;+#rd
com$#tible +ith 002.1' SP #nd 002.1+.
Ch#$ter %
2" 2007 2010, Cisco Systems, Inc. All rights reserved. Cisco Public
)ST Instances
2 distinct SP to$ologies re2uire 2 *S inst#nces 3100 $er inst#nce here4.
=o#d5b#l#ncing +or;s bec#use h#l( o( the 7=A@s (ollo+ e#ch se$#r#te
inst#nce.
S+itch utili9#tion is lo+ bec#use it only h#s to h#ndle t+o inst#nces.
*S is the best solution (or this scen#rio.
Consider#tions& *S is more com$le- th#n 002.1' #nd 002.1+, so it re2uires
#ddition#l tr#ining. Inter#ction +ith leg#cy bridges c#n be ch#llenging.
Ch#$ter %
27 2007 2010, Cisco Systems, Inc. All rights reserved. Cisco Public
)ST "egions
,#ch s+itch th#t runs *S in the net+or; h#s # single *S con(igur#tion th#t consists o(
three #ttributes&
F An #l$h#numeric con(igur#tion n#me 3%2 bytes4
F A con(igur#tion revision number 32 bytes4
F A .0/"5element t#ble th#t #ssoci#tes e#ch o( the $otenti#l .0/" 7=A@s su$$orted on the ch#ssis to
# given inst#nce
he $ort on ?1 is #t the bound#ry o( )egion A, +here#s the $orts on ?2 #nd ?% #re
intern#l to )egion ?.
Ch#$ter %
20 2007 2010, Cisco Systems, Inc. All rights reserved. Cisco Public
)ST 7se o# 28ten,e, System I.
*S c#rries the inst#nce number in the 125bit ,-tended
System I' (ield o( the ?ridge I'.
Ch#$ter %
2/ 2007 2010, Cisco Systems, Inc. All rights reserved. Cisco Public
)ST Con#ig/ration
,n#ble *S on s+itch.
Switch(config)# spanning-tree mode mst
,nter *S con(igur#tion submode.
Switch(config)# spanning-tree mst configuration
'is$l#y current *S con(igur#tion.
Switch(configmst)# show current
@#me *S inst#nce.
Switch(configmst)# name name
Set the 1"5bit *S revision number. It is not incremented
#utom#tic#lly +hen you commit # ne+ *S con(igur#tion.
Switch(configmst)# revision revision_number
Ch#$ter %
%0 2007 2010, Cisco Systems, Inc. All rights reserved. Cisco Public
)ST Con#ig/ration !cont%
*#$ 7=A@s to *S inst#nce.
S+itch3con(ig5mst4G instance instance_number vlan vlan_range
'is$l#y ne+ *S con(igur#tion to be #$$lied.
S+itch3con(ig5mst4G show pen,ing
A$$ly con(igur#tion #nd e-it *S con(igur#tion submode.
S+itch3con(ig5mst4G e8it
Assign root bridge (or *S inst#nce. his synt#- m#;es the
s+itch root $rim#ry or second#ry 3only #ctive i( $rim#ry
(#ils4. It sets $rim#ry $riority to 2.17" #nd second#ry to
20"72.
S+itch3con(ig4G spanning9tree mst instance_number root primary H
secondary
Ch#$ter %
%1 2007 2010, Cisco Systems, Inc. All rights reserved. Cisco Public
)ST Con#ig/ration 28ample
Switch'(config)# spanning-tree mode mst
Switch'(config)# spanning-tree mst configuration
Switch'(configmst)# name XYZ
Switch'(configmst)# revision 1
Switch'(configmst)# instance 1 vlan 11 21 31
Switch'(configmst)# instance 2 vlan 12 22 32
Switch'(config)# spanning-tree mst 1 root primar!
Switch<(config)# spanning-tree mode mst
Switch<(config)# spanning-tree mst configuration
Switch<(configmst)# name XYZ
Switch<(configmst)# revision 1
Switch<(configmst)# instance 1 vlan 11 21 31
Switch<(configmst)# instance 2 vlan 12 22 32
Switch<(config)# spanning-tree mst 2 root primar!
Ch#$ter %
%2 2007 2010, Cisco Systems, Inc. All rights reserved. Cisco Public
3eri#ying )ST Con#ig/ration 28ample !%
Switch# configure terminal
Enter configuration commands, one per line. End with CNTL/Z.
Switch(config)# spanning-tree mode mst
Switch(config)# spanning-tree mst configuration
Switch(configmst)# show current
Current :ST configuration
Name >?
4e/ision 2
(nstance 1lans mapped

2 3@2=@

Switch(configmst)# name cisco

Switch(configmst)# revision 1
Switch(configmst)# instance 1 vlan 1-1"
Switch(configmst)# show pending
*ending :ST configuration
Name >cisco?
4e/ision 3
(nstance 1lans mapped

2 33@2=@
3 332
Switch(configmst)# end
Ch#$ter %
%% 2007 2010, Cisco Systems, Inc. All rights reserved. Cisco Public
3eri#ying )ST Con#ig/ration 28ample !&%
Switch# show spanning-tree mst
###### :ST22 /lans mapped# 8@2=@
<ridge address 222=.e7@8.6@72 priorit$ ,-.67 (,-.67 s$sid 2)
4oot this switch for CST and (ST
Configured hello time -, forward dela$ 38, ma; age -2, ma; hops -2
(nterface 4ole Sts Cost *rio.N%r T$pe

+a,/-@ 5esg +"5 -222222 3-7.38- Shr
+a,/,- 5esg +"5 -22222 3-7.362 *-p
+a,/@- <ac0 <LA -22222 3-7.3.2 *-p
###### :ST23 /lans mapped# 3-
<ridge address 222=.e7@8.6@72 priorit$ ,-.6= (,-.67 s$sid 3)
4oot this switch for :ST23
(nterface 4ole Sts Cost *rio.N%r T$pe

+a,/-@ 5esg +"5 -222222 3-7.38- Shr
+a,/,- 5esg +"5 -22222 3-7.362 *-p
+a,/@- <ac0 <LA -22222 3-7.3.2 *-p
###### :ST2- /lans mapped# ,@
<ridge address 222=.e7@8.6@72 priorit$ ,-..2 (,-.67 s$sid -)
4oot this switch for :ST2-
(nterface 4ole Sts Cost *rio.N%r T$pe

+a,/-@ 5esg +"5 -222222 3-7.38- Shr
Ch#$ter %
%. 2007 2010, Cisco Systems, Inc. All rights reserved. Cisco Public
3eri#ying )ST Con#ig/ration 28ample !3%
Switch# show spanning-tree mst 1
###### :ST23 /lans mapped# 3-
<ridge address 222=.e7@8.6@72 priorit$ ,-.6= (,-.67 s$sid 3)
4oot this switch for :ST23
(nterface 4ole Sts Cost *rio.N%r T$pe

+a,/-@ 5esg +"5 -222222 3-7.38- Shr
+a,/,- 5esg +"5 -22222 3-7.362 *-p
+a,/@- <ac0 <LA -22222 3-7.3.2 *-p
Ch#$ter %
%1 2007 2010, Cisco Systems, Inc. All rights reserved. Cisco Public
3eri#ying )ST Con#ig/ration 28ample !:%
Switch# show spanning-tree mst interface FastEthernet 3/2#
+astEthernet,/-@ of :ST22 is designated forwarding
Edge port# no (default) port guard # none (default)
Lin0 t$pe# shared (auto) %pdu filter# disa%le (default)
<oundar$ # internal %pdu guard # disa%le (default)
<pdus sent 73, recei/ed 73
(nstance 4ole Sts Cost *rio.N%r 1lans mapped

2 5esg +"5 -222222 3-7.38- 8@2=@
3 5esg +"5 -222222 3-7.38- 3-
- 5esg +"5 -222222 3-7.38- ,@
Ch#$ter %
%" 2007 2010, Cisco Systems, Inc. All rights reserved. Cisco Public
3eri#ying )ST Con#ig/ration 28ample !;%
Switch# show spanning-tree mst 1 detail
###### :ST23 /lans mapped# 3-
<ridge address 222=.e7@8.6@72 priorit$ ,-.6= (,-.67 s$sid 3)
4oot this switch for :ST23
+astEthernet,/-@ of :ST23 is designated forwarding
*ort info port id 3-7.38- priorit$ 3-7 cost -222222
5esignated root address 222=.e7@8.6@72 priorit$ ,-.6= cost 2
5esignated %ridge address 222=.e7@8.6@72 priorit$ ,-.6= port id 3-7.38-
Timers# message e;pires in 2 sec, forward dela$ 2, forward transitions 3
<pdus (:4ecords) sent.88, recei/ed 2
+astEthernet,/,- of :ST23 is designated forwarding
*ort info port id 3-7.362 priorit$ 3-7 cost -22222
5esignated root address 222=.e7@8.6@72 priorit$ ,-.6= cost 2
5esignated %ridge address 222=.e7@8.6@72 priorit$ ,-.6= port id 3-7.362
Timers# message e;pires in 2 sec, forward dela$ 2, forward transitions 3
<pdus (:4ecords) sent .6=, recei/ed 3
+astEthernet,/@- of :ST23 is %ac0up %loc0ing
*ort info port id 3-7.3.2 priorit$ 3-7 cost -22222
5esignated root address 222=.e7@8.6@72 priorit$ ,-.6= cost 2
5esignated %ridge address 222=.e7@8.6@72 priorit$ ,-.6= port id 3-7.362
Timers# message e;pires in 8 sec, forward dela$ 2, forward transitions 2
<pdus (:4ecords) sent 3, recei/ed .6=
Ch#$ter %
%7 2007 2010, Cisco Systems, Inc. All rights reserved. Cisco Public
7n,erstan,ing
Spanning Tree
2nhancements
Ch#$ter %
%0 2007 2010, Cisco Systems, Inc. All rights reserved. Cisco Public
Spanning Tree 2nhancements
BP.7 g/ar,& Prevents #ccident#l connection o( s+itching devices to Port>#st5
en#bled $orts. Connecting s+itches to Port>#st5en#bled $orts c#n c#use =#yer 2
loo$s or to$ology ch#nges.
BP.7 #iltering: )estricts the s+itch (rom sending unnecess#ry ?P'Bs out #ccess
$orts.
"oot g/ar,& Prevents s+itches connected on $orts con(igured #s #ccess $orts (rom
becoming the root s+itch.
1oop g/ar,& Prevents root $orts #nd #ltern#te $orts (rom moving to (or+#rding st#te
+hen they sto$ receiving ?P'Bs.
Ch#$ter %
%/ 2007 2010, Cisco Systems, Inc. All rights reserved. Cisco Public
BP.7 6/ar,
?P'B Iu#rd $uts #n inter(#ce con(igured (or SP Port>#st in the err5
dis#ble st#te u$on recei$t o( # ?P'B. ?P'B gu#rd dis#bles inter(#ces
#s # $reventive ste$ to #void $otenti#l bridging loo$s.
?P'B gu#rd shuts do+n Port>#st5con(igured inter(#ces th#t receive
?P'Bs, r#ther th#n $utting them into the SP bloc;ing st#te 3the de(#ult
beh#vior4. In # v#lid con(igur#tion, Port>#st5con(igured inter(#ces should
not receive ?P'Bs. )ece$tion o( # ?P'B by # Port>#st5con(igured
inter(#ce sign#ls #n inv#lid con(igur#tion, such #s connection o( #n
un#uthori9ed device.
?P'B gu#rd $rovides # secure res$onse to inv#lid con(igur#tions,
bec#use the #dministr#tor must m#nu#lly re5en#ble the err5dis#bled
inter(#ce #(ter (i-ing the inv#lid con(igur#tion. It is #lso $ossible to set u$
# time5out interv#l #(ter +hich the s+itch #utom#tic#lly tries to re5en#ble
the inter(#ce. !o+ever, i( the inv#lid con(igur#tion still e-ists, the s+itch
err5dis#bles the inter(#ce #g#in.
Ch#$ter %
.0 2007 2010, Cisco Systems, Inc. All rights reserved. Cisco Public
BP.7 6/ar, Con#ig/ration
o en#ble ?P'B gu#rd glob#lly, use the comm#nd&
spanning-tree portfast $pduguard default
o en#ble ?P'B gu#rd on # $ort, use the comm#nd&
spanning-tree $pduguard ena$le
?P'B gu#rd logs mess#ges to the console&
-22= :a$ 3- 38#3,#,- !S*'NT4EE-
4BC*)4T+'ST#4ecei/ed <*5& on *ort+ast ena%le port.
5isa%ling -/3
-22= :a$ 3- 38#3,#,- !*'D*8*)4T+4):ST*#*ort -/3
left %ridge port -/3
Ch#$ter %
.1 2007 2010, Cisco Systems, Inc. All rights reserved. Cisco Public
BP.7 6/ar, Con#ig/ration 28ample
Switch(config)# spanning-tree portfast edge $pduguard default
Switch(config)# end
Switch# show spanning-tree summar! totals
4oot %ridge for# none.
*ort+ast <*5& Duard is ena%led
Etherchannel misconfiguration guard is ena%led
&plin0+ast is disa%led
<ac0%one+ast is disa%led
5efault pathcost method used is short
Name <loc0ing Listening Learning +orwarding ST* 'cti/e

,@ 1L'Ns 2 2 2 ,6 ,6
Ch#$ter %
.2 2007 2010, Cisco Systems, Inc. All rights reserved. Cisco Public
BP.7 0iltering
?P'B (iltering $revents # Cisco s+itch (rom sending ?P'Bs on
Port>#st5en#bled inter(#ces, $reventing unnecess#ry ?P'Bs (rom
being tr#nsmitted to host devices.
?P'B gu#rd h#s no e((ect on #n inter(#ce i( ?P'B (iltering is en#bled.
When en#bled glob#lly, ?P'B (iltering h#s these #ttributes&
F It #((ects #ll o$er#tion#l Port>#st $orts on s+itches th#t do not h#ve ?P'B (iltering
con(igured on the individu#l $orts.
F I( ?P'Bs #re seen, the $ort loses its Port>#st st#tus, ?P'B (iltering is dis#bled,
#nd SP sends #nd receives ?P'Bs on the $ort #s it +ould +ith #ny other SP
$ort on the s+itch.
F B$on st#rtu$, the $ort tr#nsmits ten ?P'Bs. I( this $ort receives #ny ?P'Bs
during th#t time, Port>#st #nd Port>#st ?P'B (iltering #re dis#bled.
When en#bled on #n inter(#ce, ?P'B (iltering h#s these #ttributes&
F It ignores #ll ?P'Bs received.
F It sends no ?P'Bs.
Ch#$ter %
.% 2007 2010, Cisco Systems, Inc. All rights reserved. Cisco Public
BP.7 0iltering Con#ig/ration
o en#ble ?P'B (iltering glob#lly, use the comm#nd&
spanning-tree portfast $pdufilter default
o en#ble ?P'B gu#rd on # $ort, use the comm#nd&
spanning-tree $pdufilter ena$le
Ch#$ter %
.. 2007 2010, Cisco Systems, Inc. All rights reserved. Cisco Public
3eri#ying BP.7 0iltering Con#ig/ration !%
Port>#st ?P'B (iltering st#tus&
Switch# show spanningtree summar$
Switch is in p/st mode
4oot %ridge for# none
E;tended s$stem (5 is ena%led
*ortfast 5efault is disa%led
*ort+ast <*5& Duard 5efault is disa%led
*ortfast <*5& +ilter 5efault is disa%led
Loopguard 5efault is disa%led
EtherChannel misconfig guard is ena%led
&plin0+ast is disa%led
<ac0%one+ast is disa%led
Configured *athcost method used is short
Name <loc0ing Listening Learning +orwarding ST*
'cti/e

1L'N2223 - 2 2 6 7

3 /lan - 2 2 6 7
Ch#$ter %
.1 2007 2010, Cisco Systems, Inc. All rights reserved. Cisco Public
3eri#ying BP.7 0iltering Con#ig/ration !&%
7eri(ying Port>#st ?P'B (iltering on # s$eci(ic $ort&
Switch# show spanning-tree interface fastEthernet #/# detail
*ort 3=6 (+astEthernet@/@) of 1L'N2232 is forwarding
*ort path cost 3222, *ort priorit$ 362, *ort (dentifier 362.3=6.
5esignated root has priorit$ ,-.67, address 22d2.22%7.3@2a
5esignated %ridge has priorit$ ,-.67, address 22d2.22%7.3@2a
5esignated port id is 362.3=6, designated path cost 2
Timers#message age 2, forward dela$ 2, hold 2
Num%er of transitions to forwarding state#3
The port is in the portfast mode %$ portfast trun0 configuration
Lin0 t$pe is pointtopoint %$ default
<pdu filter is ena%led
<*5&#sent 2, recei/ed 2
Ch#$ter %
." 2007 2010, Cisco Systems, Inc. All rights reserved. Cisco Public
"oot 6/ar,
)oot gu#rd is use(ul in #voiding =#yer 2 loo$s during
net+or; #nom#lies. he )oot gu#rd (e#ture (orces #n
inter(#ce to become # design#ted $ort to $revent
surrounding s+itches (rom becoming root bridges.
)oot gu#rd5en#bled $orts #re (orced to be design#ted $orts.
I( the bridge receives su$erior SP ?P'Bs on # )oot
gu#rd5en#bled $ort, the $ort moves to # root5inconsistent
SP st#te, +hich is e((ectively e2uiv#lent to the SP
listening st#te, #nd the s+itch does not (or+#rd tr#((ic out o(
th#t $ort. As # result, this (e#ture en(orces the $osition o(
the root bridge.
Ch#$ter %
.7 2007 2010, Cisco Systems, Inc. All rights reserved. Cisco Public
"oot 6/ar, )otivation
S+itches A #nd ? com$rise the core o( the net+or;. S+itch A is the root bridge.
S+itch C is #n #ccess l#yer s+itch. When S+itch ' is connected to S+itch C, it
begins to $#rtici$#te in SP. I( the $riority o( S+itch ' is 0 or #ny v#lue lo+er
th#n th#t o( the current root bridge, S+itch ' becomes the root bridge.
!#ving S+itch ' #s the root c#uses the Iig#bit ,thernet lin; connecting the t+o
core s+itches to bloc;, thus c#using #ll the d#t# to (lo+ vi# # 1005*b$s lin;
#cross the #ccess l#yer. his is obviously # terrible outcome.
Ch#$ter %
.0 2007 2010, Cisco Systems, Inc. All rights reserved. Cisco Public
"oot 6/ar,
Operation
A(ter the root gu#rd (e#ture is en#bled on # $ort, the s+itch
does not en#ble th#t $ort to become #n SP root $ort.
Cisco s+itches log the (ollo+ing mess#ge +hen # root
gu#rden#bled $ort receives # su$erior ?P'B&
!S*'NT4EE-4))TD&'45<L)CA# *ort 3/3 tried to
%ecome nondesignated in 1L'N ...
:o/ed to rootinconsistent state.
Ch#$ter %
./ 2007 2010, Cisco Systems, Inc. All rights reserved. Cisco Public
"oot 6/ar,
Operation
he current design recommend#tion is to en#ble root gu#rd on #ll #ccess $orts so th#t #
root bridge is not est#blished through these $orts.
In this con(igur#tion, S+itch C bloc;s the $ort connecting to S+itch ' +hen it receives #
su$erior ?P'B. he $ort tr#nsitions to the root5inconsistent SP st#te. @o tr#((ic $#sses
through the $ort +hile it is in root5inconsistent st#te.
When S+itch ' sto$s sending su$erior ?P'Bs, the $ort unbloc;s #g#in #nd goes through
regul#r SP tr#nsition o( listening #nd le#rning, #nd eventu#lly to the (or+#rding st#te.
)ecovery is #utom#ticJ no intervention is re2uired.
Ch#$ter %
10 2007 2010, Cisco Systems, Inc. All rights reserved. Cisco Public
"oot 6/ar, Con#ig/ration
Switch(config)# interface FastEthernet %/&
Switch(configif)# spanning-tree guard root
Switch(configif)# end
Switch# show running-config interface FastEthernet %/&
<uilding configuration...
Current configuration# 6. %$tes
E
interface +astEthernet8/7
switchport mode access
spanningtree guard root
end
Ch#$ter %
11 2007 2010, Cisco Systems, Inc. All rights reserved. Cisco Public
3eri#ying "oot 6/ar, Con#ig/ration
Switch# show spanning-tree inconsistentports
Name (nterface (nconsistenc$

1L'N2223 +astEthernet,/3 *ort T$pe (nconsistent
1L'N2223 +astEthernet,/- *ort T$pe (nconsistent
1L'N322- +astEthernet,/3 *ort T$pe (nconsistent
1L'N322- +astEthernet,/- *ort T$pe (nconsistent
Num%er of inconsistent ports (segments) in the s$stem #@
Ch#$ter %
12 2007 2010, Cisco Systems, Inc. All rights reserved. Cisco Public
1oop 6/ar,
he =oo$ Iu#rd SP (e#ture im$roves the st#bility o( =#yer 2 net+or;s by $reventing bridging loo$s.
In SP, s+itches rely on continuous rece$tion or tr#nsmission o( ?P'Bs, de$ending on the $ort role. A
design#ted $ort tr#nsmits ?P'Bs +here#s # nondesign#ted $ort receives ?P'Bs.
?ridging loo$s occur +hen # $ort erroneously tr#nsitions to (or+#rding st#te bec#use it h#s sto$$ed
receiving ?P'Bs.
Ports +ith loo$ gu#rd en#bled do #n #ddition#l chec; be(ore tr#nsitioning to (or+#rding st#te. I( #
nondesign#ted $ort sto$s receiving ?P'Bs, the s+itch $l#ces the $ort into the SP loop-inconsistent
bloc;ing st#te.
I( # s+itch receives # ?P'B on # $ort in the loo$5inconsistent SP st#te, the $ort tr#nsitions through
SP st#tes #ccording to the received ?P'B. As # result, recovery is #utom#tic, #nd no m#nu#l
intervention is necess#ry.
Ch#$ter %
1% 2007 2010, Cisco Systems, Inc. All rights reserved. Cisco Public
1oop 6/ar, )essages
When the =oo$ Iu#rd (e#ture $l#ces # $ort into the loo$5
inconsistent bloc;ing st#te, the s+itch logs the (ollo+ing
mess#ge&
S*'NT4EE-L))*D&'45<L)CA# No <*5&s were recei/ed on port ,/-
in /lan ,.
:o/ed to loopinconsistent state.
A(ter recovery, the s+itch logs the (ollo+ing mess#ge&
S*'NT4EE-L))*D&'45&N<L)CA# port ,/- restored in /lan ,.
Ch#$ter %
1. 2007 2010, Cisco Systems, Inc. All rights reserved. Cisco Public
1oop 6/ar, Operation
Ch#$ter %
11 2007 2010, Cisco Systems, Inc. All rights reserved. Cisco Public
1oop 6/ar, Con#ig/ration Consi,erations
Con(igure =oo$ Iu#rd on # $er5$ort b#sis,
#lthough the (e#ture bloc;s inconsistent $orts on #
$er57=A@ b#sisJ (or e-#m$le, on # trun; $ort, i(
?P'Bs #re not received (or only one $#rticul#r
7=A@, the s+itch bloc;s only th#t 7=A@ 3th#t is,
moves the $ort (or th#t 7=A@ to the loo$5
inconsistent SP st#te4. In the c#se o( #n
,therCh#nnel inter(#ce, the ch#nnel st#tus goes
into the inconsistent st#te (or #ll the $orts
belonging to the ch#nnel grou$ (or the $#rticul#r
7=A@ not receiving ?P'Bs.
,n#ble =oo$ Iu#rd on #ll nondesign#ted $orts.
=oo$ gu#rd should be en#bled on root #nd
#ltern#te $orts (or #ll $ossible combin#tions o(
#ctive to$ologies.
=oo$ Iu#rd is dis#bled by de(#ult on Cisco
s+itches.
Ch#$ter %
1" 2007 2010, Cisco Systems, Inc. All rights reserved. Cisco Public
1oop 6/ar, Con#ig/ration
Bse the (ollo+ing inter(#ce5level con(igur#tion comm#nd to
en#ble =oo$ Iu#rd&
Switch(configif)# spanning-tree guard loop
I( =oo$ Iu#rd is en#bled glob#lly, the s+itch en#bles =oo$
Iu#rd only on $orts considered to be $oint5to5$oint lin;s
3(ull5du$le- lin;s4.
he glob#l con(igur#tion c#n be overridden on # $er5$ort
b#sis. o en#ble =oo$ Iu#rd glob#lly, use the (ollo+ing
glob#l con(igur#tion comm#nd&
Switch(config)# spanning-tree loopguard default
Ch#$ter %
17 2007 2010, Cisco Systems, Inc. All rights reserved. Cisco Public
3eri#ying 1oop 6/ar, Con#ig/ration
o veri(y =oo$ Iu#rd st#tus on #n inter(#ce, issue the
(ollo+ing &
Switch(configif)# spanning-tree guard loop
I( =oo$ Iu#rd is en#bled glob#lly, the s+itch en#bles =oo$
Iu#rd only on $orts considered to be $oint5to5$oint lin;s
3(ull5du$le- lin;s4. he glob#l con(igur#tion c#n be
overridden on # $er5$ort b#sis. o en#ble =oo$ Iu#rd
glob#lly, use the (ollo+ing glob#l con(igur#tion comm#nd&
Switch(config)# spanning-tree loopguard default
Ch#$ter %
10 2007 2010, Cisco Systems, Inc. All rights reserved. Cisco Public
3eri#ying 1oop 6/ar, Con#ig/ration
o veri(y =oo$ Iu#rd st#tus on #n inter(#ce, issue the
comm#nd show spanning-tree interface
interface-id detail.
Switch# show spanning-tree interface FastEthernet 3/#2 detail
*ort 3.2 (+astEthernet,/@-) of 1L'N2223 is %loc0ing
*ort path cost 3=, *ort priorit$ 3-7, *ort (dentifier 3-7.3.2.
5esignated root has priorit$ 73=,, address 222=.e7@8.6@72
5esignated %ridge has priorit$ 73=,, address 222=.e7@8.6@72
5esignated port id is 3-7.362, designated path cost 2
Timers# message age 3, forward dela$ 2, hold 2
Num%er of transitions to forwarding state# 2
Lin0 t$pe is pointtopoint %$ default
Loop guard is ena%led on the port
<*5&# sent 3, recei/ed @823
Ch#$ter %
1/ 2007 2010, Cisco Systems, Inc. All rights reserved. Cisco Public
7ni,irectional 1in' .etection !7.1.%
he lin; bet+een S+itches ? #nd C becomes unidirection#l. S+itch ? c#n
receive tr#((ic (rom S+itch C, but S+itch C c#nnot receive tr#((ic (rom S+itch ?.
Cn the segment bet+een S+itches ? #nd C, S+itch ? is the design#ted bridge
sending the root ?P'Bs #nd S+itch C e-$ects to receive the ?P'Bs.
S+itch C +#its until the m#-5#ge timer 320 seconds4 e-$ires be(ore it t#;es
#ction. When this timer e-$ires, S+itch C moves through the listening #nd
le#rning st#tes #nd then to the (or+#rding st#te. At this moment, both S+itch ?
#nd S+itch C #re (or+#rding to e#ch other #nd there is no bloc;ing $ort in the
net+or;.
Ch#$ter %
"0 2007 2010, Cisco Systems, Inc. All rights reserved. Cisco Public
7.1. )o,es
Normal )o,e B'=' detects unidirection#l lin;s due to
misconnected inter(#ces on (iber5o$tic connections. B'='
ch#nges the B'='5en#bled $ort to #n undetermined st#te i(
it sto$s receiving B'=' mess#ges (rom its directly
connected neighbor.
$ggressive )o,e 3Pre(erred4 When # $ort sto$s
receiving B'=' $#c;ets, B'=' tries to reest#blish the
connection +ith the neighbor. A(ter eight (#iled retries, the
$ort st#te ch#nges to the err5dis#ble st#te. Aggressive
mode B'=' detects unidirection#l lin;s due to one5+#y
tr#((ic on (iber5o$tic #nd t+isted5$#ir lin;s #nd due to
misconnected inter(#ces on (iber5o$tic lin;s.
Ch#$ter %
"1 2007 2010, Cisco Systems, Inc. All rights reserved. Cisco Public
7.1. Con#ig/ration
B'=' is dis#bled on #ll inter(#ces by de(#ult.
he udld glob#l con(igur#tion comm#nd #((ects (iber5o$tic inter(#ces only.
F udld ena$le en#bles B'=' norm#l mode on #ll (iber inter(#ces.
F udld aggressive en#bles B'=' #ggressive mode on #ll (iber inter(#ces.
he udld port inter(#ce con(igur#tion comm#nd c#n be used (or t+isted5$#ir
#nd (iber inter(#ces.
F o en#ble B'=' in norm#l mode, use the udld port comm#nd. o en#ble B'=' in
#ggressive mode, use the udld port aggressive.
F Bse the no udld port comm#nd on (iber5o$tic $orts to return :control< o( B'=' to
the udld ena$le glob#l con(igur#tion comm#nd or to dis#ble B'=' on non(iber5o$tic
$orts.
F Bse the udld port aggressive comm#nd on (iber5o$tic $orts to override the
setting o( the udld ena$le or udld aggressive glob#l con(igur#tion comm#nd.
Bse the no (orm on (iber5o$tic $orts to remove this setting #nd to return control o(
B'=' en#bling to the udld glob#l con(igur#tion comm#nd or to dis#ble B'=' on
non(iber5o$tic $orts.
Ch#$ter %
"2 2007 2010, Cisco Systems, Inc. All rights reserved. Cisco Public
7.1. Con#ig/ration an, 3eri#ication
Switch(config)# interface giga$itEthernet %/1
Switch(configif)# udld port aggressive
Switch# show udld giga$itEthernet %/1
(nterface Di8/3

*ort ena%le administrati/e configuration setting# Ena%led / in aggressi/e mode

*ort ena%le operational state# Ena%led / in aggressi/e mode
Current %idirectional state# <idirectional
Current operational state# 'd/ertisement Single neigh%or detected
:essage inter/al# 38
Time out inter/al# 8
Entr$ 3

E;piration time# ,7
5e/ice (5# 3
Current neigh%or state# <idirectional
5e/ice name# +)B26,324"3
*ort (5# Di3/3
Neigh%or echo 3 de/ice# +)B26-.'223
Neigh%or echo 3 port# Di8/3
:essage inter/al# 38
Time out inter/al# 8
C5* 5e/ice name# Switch<
Ch#$ter %
"% 2007 2010, Cisco Systems, Inc. All rights reserved. Cisco Public
1oop 6/ar, vers/s $ggressive )o,e 7.1.
1oop 6/ar, $ggressive )o,e 7.1.
Con(igur#tion Per $ort Per $ort
Action gr#nul#rity Per 7=A@ Per $ort
Auto5recovery Aes Aes, +ith err5dis#ble timeout
(e#ture
Protection #g#inst SP
(#ilures c#used by
unidirection#l lin;s
Aes, +hen en#bled on
#ll root $orts #nd
#ltern#te $orts in
redund#nt to$ology
Aes, +hen en#bled on #ll
lin;s in redund#nt to$ology
Protection #g#inst SP
(#ilures c#used by
$roblem in so(t+#re in
design#ted bridge not
sending ?P'Bs
Aes @o
Protection #g#inst
mis+iring
@o Aes
Ch#$ter %
". 2007 2010, Cisco Systems, Inc. All rights reserved. Cisco Public
0le8 1in's
>le- =in;s is # =#yer 2 #v#il#bility (e#ture
th#t $rovides #n #ltern#tive solution to SP
#nd #llo+s users to turn o(( SP #nd still
$rovide b#sic lin; redund#ncy.
>le- =in;s c#n coe-ist +ith s$#nning tree on
the distribution l#yer s+itchesJ ho+ever, the
distribution l#yer s+itches #re un#+#re o( the
>le- =in;s (e#ture.
>le- =in;s en#bles # convergence time o(
less th#n 10 milliseconds. In #ddition, this
convergence time rem#ins consistent
reg#rdless o( the number o( 7=A@s or *AC
#ddresses con(igured on s+itch u$lin; $orts.
>le- =in;s is b#sed on de(ining #n
#ctiveKst#ndby lin; $#ir on # common #ccess
s+itch. >le- =in;s #re # $#ir o( =#yer 2
inter(#ces, either s+itch$orts or $ort
ch#nnels, th#t #re con(igured to #ct #s
b#c;u$ to other =#yer 2 inter(#ces.
Ch#$ter %
"1 2007 2010, Cisco Systems, Inc. All rights reserved. Cisco Public
0le8 1in's Con#ig/ration Consi,erations
A >le- =in; is con(igured on one =#yer 2 inter(#ce 3the #ctive lin;4 by
#ssigning #nother =#yer 2 inter(#ce #s the >le- =in; or b#c;u$ lin;. When
one o( the lin;s is u$ #nd (or+#rding tr#((ic, the other lin; is in st#ndby
mode, re#dy to begin (or+#rding tr#((ic i( the other lin; shuts do+n. At #ny
given time, only one o( the inter(#ces is in the lin; u$ st#te #nd (or+#rding
tr#((ic. I( the $rim#ry lin; shuts do+n, the st#ndby lin; st#rts (or+#rding
tr#((ic. When the #ctive lin; comes b#c; u$, it goes into st#ndby mode #nd
does not (or+#rd tr#((ic.
>le- =in;s #re su$$orted only on =#yer 2 $orts #nd $ort ch#nnels, not on
7=A@s or on =#yer % $orts.
Cnly one >le- =in; b#c;u$ lin; c#n be con(igured (or #ny #ctive lin;.
An inter(#ce c#n belong to only one >le- =in; $#ir. An inter(#ce c#n be #
b#c;u$ lin; (or only one #ctive lin;. An #ctive lin; c#nnot belong to #nother
>le- =in; $#ir.
SP is dis#bled on >le- =in; $orts. A >le- =in; $ort does not $#rtici$#te in
SP, even i( the 7=A@s $resent on the $ort #re con(igured (or SP.
Ch#$ter %
"" 2007 2010, Cisco Systems, Inc. All rights reserved. Cisco Public
0le8 1in's Con#ig/ration an, 3eri#ication
>le-=in;s #re con(igured #t the inter(#ce level +ith the
comm#nd switchport $ackup interface.
!ere +e con(igure #n inter(#ce +ith # b#c;u$ inter(#ce #nd
veri(y the con(igur#tion.
Switch(config)# interface fastethernet1/"/1
Switch(configif)# switchport $ackup interface fastethernet1/"/2
Switch(configif)# end
Switch# show interface switchport $ackup
Switch <ac0up (nterface *airs#
'cti/e (nterface <ac0up (nterface State

+astEthernet3/2/3 +astEthernet3/2/- 'cti/e &p/<ac0up Stand%$
Ch#$ter %
"7 2007 2010, Cisco Systems, Inc. All rights reserved. Cisco Public
STP Best
Practices an,
Tro/bleshooting
Ch#$ter %
"0 2007 2010, Cisco Systems, Inc. All rights reserved. Cisco Public
Switching .esign Best Practices
Bse =#yer % connectivity #t the
distribution #nd core l#yers.
Bse P7)S8 or *S. 'o not dis#ble
SP #t the #ccess l#yer. Isol#te
di((erent SP dom#ins in #
multivendor environment.
Bse =oo$ Iu#rd on =#yer 2 $orts
bet+een distribution s+itches #nd on
u$lin; $orts (rom #ccess to
distribution s+itches.
Bse )oot Iu#rd on distribution
s+itches (#cing #ccess s+itches.
Bse Port security, Port>#st, ?P'B
Iu#rd, #nd )oot Iu#rd on #ccess
s+itch $orts (#cing end st#tions.
Bse #ggressive mode B'=' on $orts
lin;ing s+itches.
Ch#$ter %
"/ 2007 2010, Cisco Systems, Inc. All rights reserved. Cisco Public
Potential STP Problems
'u$le- mism#tch
Bnidirection#l lin; (#ilure
>r#me corru$tion
)esource errors
Port>#st con(igur#tion error
Ch#$ter %
70 2007 2010, Cisco Systems, Inc. All rights reserved. Cisco Public
./ple8 )ismatch
Point5to5$oint lin;.
Cne side o( the lin; is m#nu#lly con(igured #s (ull du$le-.
Cther side is using the de(#ult con(igur#tion (or #uto5
negoti#tion.
Ch#$ter %
71 2007 2010, Cisco Systems, Inc. All rights reserved. Cisco Public
7ni,irectional 1in' 0ail/re
>re2uent c#use o( bridge loo$s.
Bndetected (#ilure on # (iber lin; or # $roblem +ith #
tr#nsceiver.
Ch#$ter %
72 2007 2010, Cisco Systems, Inc. All rights reserved. Cisco Public
0rame Corr/ption
I( #n inter(#ce is e-$eriencing # high r#te o( $hysic#l errors,
the result m#y be lost ?P'Bs, +hich m#y le#d to #n
inter(#ce in the bloc;ing st#te moving to the (or+#rding
st#te.
Bncommon scen#rio due to conserv#tive de(#ult SP
$#r#meters.
>r#me corru$tion is gener#lly # result o( # du$le- mism#tch,
b#d c#ble, or incorrect c#ble length.
Ch#$ter %
7% 2007 2010, Cisco Systems, Inc. All rights reserved. Cisco Public
"eso/rce 2rrors
SP is $er(ormed by the CPB 3so(t+#re5b#sed4. his
me#ns th#t i( the CPB o( the bridge is over5utili9ed (or #ny
re#son, it might l#c; the resources to send out ?P'Bs.
SP is gener#lly not # $rocessor5intensive #$$lic#tion #nd
h#s $riority over other $rocessesJ there(ore, # resource
$roblem is unli;ely to #rise.
,-ercise c#ution +hen multi$le 7=A@s in P7S8 or
P7)S8 mode e-ist. Consult the $roduct document#tion (or
the recommended number o( 7=A@s #nd SP inst#nces on
#ny s$eci(ic s+itch to #void e-h#usting resources.
Ch#$ter %
7. 2007 2010, Cisco Systems, Inc. All rights reserved. Cisco Public
Port0ast Con#ig/ration 2rror
S+itch A h#s Port $1 in the (or+#rding st#te #nd Port $2 con(igured (or
Port>#st. 'evice ? is # hub. Port $2 goes to (or+#rding #nd cre#tes # loo$
bet+een $1 #nd $2 #s soon #s the second c#ble $lugs in to S+itch A. he loo$
ce#ses #s soon #s $1 or $2 receives # ?P'B th#t tr#nsitions one o( these t+o
$orts into bloc;ing mode.
he $roblem +ith this ty$e o( tr#nsient loo$ condition is th#t i( the loo$ing tr#((ic
is intensive, the bridge might h#ve trouble success(ully sending the ?P'B th#t
sto$s the loo$. ?P'B gu#rd $revents this ty$e o( event (rom occurring.
Ch#$ter %
71 2007 2010, Cisco Systems, Inc. All rights reserved. Cisco Public
Tro/bleshooting )etho,ology
roubleshooting SP issues c#n be di((icult i( logic#l
troubleshooting $rocedures #re not de$loyed in #dv#nce.
Ccc#sion#lly, rebooting o( the s+itches might resolve the
$roblem tem$or#rily, but +ithout determining the underlying
c#use o( the $roblem, the $roblem is li;ely to return. he
(ollo+ing ste$s $rovide # gener#l overvie+ o( #
methodology (or troubleshooting SP&
Ste$ 1. 'evelo$ # $l#n.
Ste$ 2. Isol#te the c#use #nd correct #n SP $roblem.
Ste$ %. 'ocument (indings.
Ch#$ter %
7" 2007 2010, Cisco Systems, Inc. All rights reserved. Cisco Public
Chapter 3 S/mmary !%
S$#nning ree Protocol is # (und#ment#l $rotocol to
$revent =#yer 2 loo$s #nd #t the s#me time $rovide
redund#ncy in the net+or;. his ch#$ter covered the b#sic
o$er#tion #nd con(igur#tion o( )SP #nd *S.
,nh#ncements no+ en#ble SP to converge more 2uic;ly
#nd run more e((iciently.
F )SP $rovides (#ster convergence th#n 002.1' +hen to$ology
ch#nges occur.
F )SP en#bles sever#l #ddition#l $ort roles to incre#se the over#ll
mech#nismEs e((iciency.
F show spanning-tree is the m#in (#mily o( comm#nds used to
veri(y )SP o$er#tions.
F *S reduces the encumbr#nce o( P7)S8 by #llo+ing # single
inst#nce o( s$#nning tree to run (or multi$le 7=A@s.
Ch#$ter %
77 2007 2010, Cisco Systems, Inc. All rights reserved. Cisco Public
Chapter 3 S/mmary !&%
he Cisco SP enh#ncements $rovide robustness #nd resiliency to the
$rotocol. hese enh#ncements #dd #v#il#bility to the multil#yer s+itched
net+or;. hese enh#ncements not only isol#te bridging loo$s but #lso
$revent bridging loo$s (rom occurring. o $rotect SP o$er#tions, sever#l
(e#tures #re #v#il#ble th#t control the +#y ?P'Bs #re sent #nd received&
F ?P'B gu#rd $rotects the o$er#tion o( SP on Port>#st5con(igured $orts.
F ?P'B (iltering $revents ?P'Bs (rom being sent #nd ignores received ?P'Bs +hile
le#ving the $ort in (or+#rding st#te.
F )oot gu#rd $revents root s+itch being elected vi# ?P'Bs received on # root5gu#rd
con(igured $ort.
F =oo$ gu#rd detects #nd dis#bles #n inter(#ce +ith =#yer 2 unidirection#l connectivity,
$rotecting the net+or; (rom #nom#lous SP conditions.
F B'=' detects #nd dis#bles #n inter(#ce +ith unidirection#l connectivity, $rotecting the
net+or; (rom #nom#lous SP conditions.
F In most im$lement#tions, the SP tool;it should be used in combin#tion +ith #ddition#l
(e#tures such #s >le- =in;s.
Ch#$ter %
70 2007 2010, Cisco Systems, Inc. All rights reserved. Cisco Public
1ab 39 Spanning Tree Protocol !STP% .e#a/lt Behavior
1ab 39& )o,i#ying .e#a/lt Spanning Tree Behavior
1ab 393 Per931$N Spanning Tree Behavior
1ab 39: )/ltiple Spanning Tree
Chapter 3 1abs
Ch#$ter %
7/ 2007 2010, Cisco Systems, Inc. All rights reserved. Cisco Public
"eso/rces
Cisco S$#nning ree Protocol Con(igur#tion Iuide&
+++.cisco.comKenKBSKdocsKs+itchesKl#nKc#t#lyst%1"0Kso(t+#reKrele#s
eK12.2L12LseKcomm#ndKre(erenceK%1"0cr.html
Con(iguring *S Con(igur#tion Iuide&
+++.cisco.comKenKBSKdocsKs+itchesKl#nKc#t#lyst%1"0Kso(t+#reKrele#s
eK12.2L12LseKcon(igur#tionKguideKs+st$.html
Cisco C$tion#l S$#nning5ree >e#tures Con(igur#tion
Iuide&
+++.cisco.comKenKBSKdocsKs+itchesKl#nKc#t#lyst%1"0Kso(t+#reKrele#s
eK12.2L12LseKcon(igur#tionKguideKs+mst$.html
+++.cisco.comKenKBSKdocsKs+itchesKl#nKc#t#lyst%1"0Kso(t+#reKrele#s
eK12.2L12LseKcon(igur#tionKguideKs+st$o$t.html
Ch#$ter %
00 2007 2010, Cisco Systems, Inc. All rights reserved. Cisco Public