Spanning Tree Protocol: Extended System ID Feature

IEEE 802.1t extends the number of STP instances that a switch can support.

1025 – 4096 VLANs max

12.1(8)EA IOS

sys-id-ext – NUMBER – This is the VLAN number which is always added to the priority value


Spanning Tree Protocol: STP Timers, Determining your root switch placement + more!

Changing timers on a non-root switch is a bad idea, of course. Use IOS help for the available options, and take a moment to read them so you are clear on what unit of time is being used.

  • forward-time – 4-30 seconds
  • hello-time – 1-10 seconds
  • max-age – 6-40 seconds

Root Switch Placement

Be specific with the command: use the spanning-tree vlan root command.

spanning-tree vlan NUMBER root primary

This will actually change the priority value for this specific VLAN.

Secondary/standby root switch consideration.

spanning-tree vlan NUMBER root secondary

This will change the priority just enough so the switch doesn’t become the root, but it will win an election if the primary root switch fails.

When you see 28672 this is an excellent tipoff that the secondary command has been used.

How does it get this new priority using the primary and secondary commands?

  • If the current root switch priority is greater than 24,576, it sets the priority to 24,576
  • If it is less than 24,576, it will subtract 4096 from the current root switch priority

Topology Change Notification – TCN BPDU

Generated by any switch in the network when a port goes into forwarding mode or into forwarding/learning mode from blocking mode.

This BPDU doesn’t give a lot of detail. It works its way to the root switch, and each switch will send an ACK upon receipt of this BPDU. The root responds to the ACK with a bit set for a Topology Change. This indicates to all switches to change the ageing time to whatever the forward delay value is, by default 15 seconds.

How long will the ageing time for the MAC table stay at the Forward Delay value? FORWARD DELAY + MAX AGE, a total of 35 seconds.

Portfast enabled ports cannot result in TCN configuration.

Load Sharing with the port-priority command

We can set the priority of a particular interface to a value in increments of 16; this is to utilise any blocked ports for other VLANs.

‘show spanning-tree vlan NUMBER’ – Check the Priority value of the interface, set to 128 by default. Anything lower will then be better than a standard interface with a lower interface number. Normally we would just use an EtherChannel to aggregate redundant links and use all available physical interfaces in the bundle.


Spanning Tree Protocol: Root Bridge or not, Path Costs and STP Port States

Hello Time 2 sec, Max Age 20 sec, Forward Delay 15 sec

The Root Bridge only has desg/fwd ports; root ports are only for other switches to reach the root bridge.

Path Cost is local to a port; Root Path Cost is the overall cost to get to the root switch.

Root Path Cost increments as BPDUs are RECEIVED not SENT, as BPDU passes from switch to switch, the RPC is calculated.

1. Superior BPDU, 2. Lowest RPC, 3. Lowest Sender BID, 4. Lowest Sender Port ID.

Path Costs Review

  • 10Mbps: 100
  • 100Mbps: 19
  • 1Gbps: 4
  • 10Gbps: 1

Physical shortest path is not always the logical shortest path. Always verify link speeds.

Changing a port’s path cost

Under physical interface: ‘spanning-tree cost VALUE’

Modifying PVST path costs:

Under physical interface: ‘spanning-tree vlan NUMBER cost VALUE’

DIS/Disabled port state is a port that is admin down. It is not officially taking part in STP.


STP Timers

Hello Time = 2 seconds – How often the RB will originate a config BPDU.

Forward Delay = 15 seconds – Length of both listening and learning stages.

Maximum Age = 20 seconds – How long a switch will retain the superior BPDU before discarding it.

Timers should always be changed on the RB.

Spanning Tree Protocol: BPDU and Root Bridge Election Fundamentals

The Source MAC address is the first thing that the switch looks at on incoming frames.

Unknown unicast, broadcast and multicast frames are forwarded out all ports excluding the one the frame came in on.

Known unicast frames are unicast via the port listed in the MAC address table.

Broadcasts traditionally result in more broadcasts, hence a broadcast storm!

Switching loops cause 3 issues: frames don’t reach their destination, strain on CPU, and wasted bandwidth.

BPDUs are sent every 2 seconds to multicast MAC address 01-80-c2-00-00-00


Once the root bridge is elected, only the RB will originate a CONFIGURATION BPDU; all non-root bridge switches will send COPIES only.

BID = 2 byte Priority value and 6 byte MAC address

If there is a tie in the priority value, then the MAC address breaks the tie (Priority and MAC making up the entire BID).
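
The BID layout and election rules from these notes, as an added Python example (not part of the original notes): it splits the 2-byte priority into base priority and sys-id-ext, elects the root by lowest BID, and applies the root primary rule described earlier. Switch names, MACs and function names are constructed for illustration; treating a root at exactly 24,576 like the "less than" case is an assumption.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class BridgeID:
    priority_field: int  # 2-byte priority value as carried in the BPDU
    mac: str             # 6-byte MAC address, colon-separated hex

    @property
    def base_priority(self) -> int:
        return self.priority_field & 0xF000  # top 4 bits: multiples of 4096

    @property
    def sys_id_ext(self) -> int:
        return self.priority_field & 0x0FFF  # low 12 bits: the VLAN number

    def as_bytes(self) -> bytes:
        mac = bytes.fromhex(self.mac.replace(":", ""))
        if not 0 <= self.priority_field <= 0xFFFF or len(mac) != 6:
            raise ValueError("BID is a 2-byte priority plus a 6-byte MAC")
        return self.priority_field.to_bytes(2, "big") + mac

def elect_root(bridges):
    """Name of the switch with the lowest BID; the MAC breaks a priority tie."""
    return min(bridges, key=lambda name: bridges[name].as_bytes())

def root_primary_priority(current_root):
    """Base priority 'root primary' would choose, following the rule in the notes.
    Assumption: a root already at exactly 24576 is treated like the 'less than' case."""
    if current_root.base_priority > 24576:
        return 24576
    if current_root.base_priority < 4096:
        raise ValueError("current root is already at priority 0")
    return current_root.base_priority - 4096

def placement_hint(bid):
    """Guess how the priority was set; 28672 is the tip-off for 'root secondary'."""
    hints = {24576: "root primary", 28672: "root secondary", 32768: "default"}
    return hints.get(bid.base_priority, "manually set")

# Constructed sample data: three switches in VLAN 10 (names and MACs are made up).
SAMPLE = {
    "SW1": BridgeID(32768 + 10, "00:1a:2b:00:00:03"),
    "SW2": BridgeID(32768 + 10, "00:1a:2b:00:00:01"),
    "SW3": BridgeID(28672 + 10, "00:1a:2b:00:00:09"),
}

if __name__ == "__main__":
    root = elect_root(SAMPLE)
    for name, bid in SAMPLE.items():
        print(name, bid.base_priority, bid.sys_id_ext, placement_hint(bid),
              "ROOT" if name == root else "")
    print("root primary would set:", root_primary_priority(SAMPLE[root]))
```

Comparing the elected root against the switch you intended to be root is a quick audit for an unexpected root bridge in a VLAN.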