Spanning Tree Protocol: STP Timers, Determining your root switch placement + more!

Changing timers on a non-root switch is a bad idea, of course. Use IOS help for the available options, take a moment to read them, and be clear on what unit of time is being used.

  • forward-time – 4-30 seconds
  • hello-time – 1-10 seconds
  • max-age – 6-40 seconds

Root Switch Placement

Be specific with the command: use the spanning-tree vlan root command.

spanning-tree vlan NUMBER root primary

This will actually change the priority value for this specific VLAN.

Secondary/standby root switch consideration.

spanning-tree vlan NUMBER root secondary

Will change the priority just enough so it doesn’t become the root, but will win in an election process if the primary root switch fails.

When you see 28672 this is an excellent tipoff that the secondary command has been used.

How does it get this new priority using the primary and secondary commands?

  • If the current root switch's priority is greater than 24,576, it sets the priority to 24,576
  • If it is less than 24,576, it will subtract 4096 from the current root switch priority

Topology Change Notification – TCN BPDU

Generated by any switch in the network when a port goes into forwarding mode or into forwarding/learning mode from blocking mode.

This BPDU doesn’t give a lot of detail. It works its way to the root switch, and each switch will send an ACK upon receipt of this BPDU. The root responds to the ACK with a bit set for a Topology Change. This indicates to all switches to change the ageing time to whatever the forward delay value is, by default 15 seconds.

How long will the ageing time for the MAC table stay at the Forward Delay value? FORWARD DELAY + MAX AGE, a total of 35 seconds.

Portfast enabled ports cannot result in TCN configuration.

Load Sharing with the port-priority command

We can set the priority of a particular interface to a value in increments of 16; this is to utilise any blocked ports for other VLANs.

‘show spanning-tree vlan NUMBER’ – Check the Priority value of the interface, set to 128 by default. Anything lower will then be better than a standard interface with a lower interface number. Normally we would just use an Etherchannel to aggregate redundant links and use all available physical interfaces in the bundle.



Spanning Tree Protocol: Root Bridge or not, Path Costs and STP Port States

Hello Time 2 sec, Max Age 20 sec, Forward Delay 15 sec

Root Bridge only has desg/fwd ports, root ports are only for other switches to reach the root bridge.

Path Cost is local to a port, Root path Cost is overall cost to get to the root switch.

Root Path Cost increments as BPDUs are RECEIVED not SENT, as BPDU passes from switch to switch, the RPC is calculated.

1. Superior BPDU, 2. Lowest RPC, 3. Lowest sender BID, 4. Lowest sender Port ID.

Path Costs Review

  • 10Mbps: 100
  • 100Mbps: 19
  • 1Gbps: 4
  • 10Gbps: 1

Physical shortest path is not always the logical shortest path. Always verify link speeds.

Changing a port's path cost

Under physical interface: ‘spanning-tree cost VALUE’

Modifying PVST path costs:

Under physical interface: ‘spanning-tree vlan NUMBER cost VALUE’

DIS/Disabled port state is a port that is admin down. It is not officially taking part in STP.


STP Timers

Hello Time = 2 seconds – How often the RB will originate config BPDU.

Forward Delay = 15 seconds – Length of both listening and learning stages.

Maximum Age = 20 seconds – How long a switch will retain the superior BPDU before discarding it.

Timers should always be changed on the RB.

Spanning Tree Protocol: BPDU and Root Bridge Election Fundamentals


The Source MAC address is the first thing that the switch looks at on incoming frames.

Unknown unicast, broadcast and multicast frames are forwarded out all ports excluding the one the frame came in on.

Known unicast frames are unicast via the port listed in the MAC address table.

Broadcasts traditionally result in more broadcasts, hence a broadcast storm!

Switching loops cause 3 issues: frames don’t reach their destination, strain on CPU, and wasted bandwidth.

BPDUs are sent every 2 seconds to multicast MAC address 01-80-c2-00-00-00


Once root bridge is elected, only RB will originate a CONFIGURATION BPDU, all non root bridge switches will send COPIES only.

BID = 2 byte Priority value and 6 byte MAC address

If there is a tie in the priority value, then the MAC address breaks the tie (Priority and MAC making up the entire BID).
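An added example, not part of the original notes: it runs the BID election described here together with the root path cost rules and tie-breaker order from the path-cost notes (cost added on receipt, then lowest RPC, sender BID, sender port ID). Switch names, MACs and links are constructed, every BPDU is assumed to already carry the elected root, and every port is assumed to keep the default port priority of 128.

```python
# Added example: 802.1D root election and root-port choice on a constructed topology.
PATH_COST = {10: 100, 100: 19, 1000: 4, 10000: 1}   # Mbps -> port cost (page's table)
INF = float("inf")

# Constructed sample data; names, priorities and MACs are made up for illustration.
BRIDGES = {
    "SW1": (32768, "00:00:0c:00:00:01"),
    "SW2": (24576, "00:00:0c:00:00:02"),   # lowered priority, should win the election
    "SW3": (32768, "00:00:0c:00:00:03"),
}
# (switch_a, port_a, switch_b, port_b, speed in Mbps)
LINKS = [
    ("SW2", 1, "SW1", 1, 1000),
    ("SW1", 2, "SW3", 1, 1000),
    ("SW2", 2, "SW3", 2, 10),              # direct link to the root, but only 10 Mbps
]

def bid(bridges, name):
    """8-byte Bridge ID: 2-byte priority followed by the 6-byte MAC."""
    priority, mac = bridges[name]
    return priority.to_bytes(2, "big") + bytes.fromhex(mac.replace(":", ""))

def elect_root(bridges):
    """Lowest BID wins; the MAC only matters when priorities tie."""
    return min(bridges, key=lambda name: bid(bridges, name))

def root_ports(bridges, links):
    """Return {switch: (root_port, root_path_cost)} for every non-root switch."""
    root = elect_root(bridges)
    rpc = {sw: (0 if sw == root else INF) for sw in bridges}
    best = {}
    for _ in bridges:                       # enough rounds for BPDUs to propagate
        for a, pa, b, pb, speed in links:
            for sender, s_port, rcvr, r_port in ((a, pa, b, pb), (b, pb, a, pa)):
                if rcvr == root or rpc[sender] == INF:
                    continue
                # Cost is added on receipt; ties fall to sender BID, then sender
                # port ID (assumed default port priority 128 on every port).
                cand = (rpc[sender] + PATH_COST[speed], bid(bridges, sender),
                        (128, s_port), r_port)
                if rcvr not in best or cand < best[rcvr]:
                    best[rcvr], rpc[rcvr] = cand, cand[0]
    return {sw: (c[3], c[0]) for sw, c in best.items()}

if __name__ == "__main__":
    print("root:", elect_root(BRIDGES))
    print("root ports:", root_ports(BRIDGES, LINKS))
```

On the sample topology SW3 ignores its direct 10 Mbps link to the root and picks the two-hop gigabit path, which is the "physical shortest path is not always the logical shortest path" point from the path-cost notes.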

CCNP Revision

Ok so as previously stated I am going to go back to the past and revise all of the routing and switching concepts to NP level. I made a smart decision a year or so ago to purchase the excellent CCNP training material from Chris Bryant. Chris teaches with incredible depth and offers a good prerequisite of knowledge required for the IE. I will try and fit as much of this in as possible over the next few weeks. I am also going to document notes from the training videos so this website will grow into a full on repository of NP/IE concepts.

CCIE Links

Whilst I was surfing this morning I came across a few other CCIE related links that were worth noting: – (This is a brilliant resource from Paul Alexander)

Some videos:

Time to go back..

Ok so I reviewed the check list and left a lot of blanks. The problem is I am scared to commit to being an ‘expert’ at any concept, let alone ones I am good at. I have decided to go back to my CCNP R&S Videos to recap a lot of concepts, then I hopefully can begin to tick those boxes.

Materials Used:

Chris Bryant in my opinion is the best instructor I have come across for video based training. Jeremy Cioara of CBT Nuggets does enough to open the door on a concept and show you enough to probably get away with it, but Chris Bryant offers far more depth and even quotes a lot of the time ‘if you want to get your IE, you want to know this!’

My intention is to catch up on a lot of CCNP concepts, then begin the training for the written exam. I am not sure at this point what materials I will use. We will cross that bridge in time..

Written Exam Topics

Here is the rather long list from Cisco on all concepts you need to know for CCIE Written.
Exam Sections and Sub-task Objectives
1.00 Implement Layer 2 Technologies
1.10 Implement Spanning Tree Protocol (STP)
(a) 802.1d
(b) 802.1w
(c) 802.1s
(d) Loop guard
(e) Root guard
(f) Bridge protocol data unit (BPDU) guard
(g) Storm control
(h) Unicast flooding
(i) Port roles, failure propagation, and loop guard operation
1.20 Implement VLAN and VLAN Trunking Protocol (VTP)
1.30 Implement trunk and trunk protocols, EtherChannel, and load-balance
1.40 Implement Ethernet technologies
(a) Speed and duplex
(b) Ethernet, Fast Ethernet, and Gigabit Ethernet
(c) PPP over Ethernet (PPPoE)
1.50 Implement Switched Port Analyzer (SPAN), Remote Switched Port Analyzer (RSPAN), and flow control
1.60 Implement Frame Relay
(a) Local Management Interface (LMI)
(b) Traffic shaping
(c) Full mesh
(d) Hub and spoke
(e) Discard eligible (DE)
1.70 Implement High-Level Data Link Control (HDLC) and PPP
2.00 Implement IPv4
2.10 Implement IP version 4 (IPv4) addressing, subnetting, and variable-length subnet masking (VLSM)
2.20 Implement IPv4 tunneling and Generic Routing Encapsulation (GRE)
2.30 Implement IPv4 RIP version 2 (RIPv2)
2.40 Implement IPv4 Open Shortest Path First (OSPF)
(a) Standard OSPF areas
(b) Stub area
(c) Totally stubby area
(d) Not-so-stubby-area (NSSA)
(e) Totally NSSA
(f) Link-state advertisement (LSA) types
(g) Adjacency on a point-to-point and on a multi-access network
(h) OSPF graceful restart
2.50 Implement IPv4 Enhanced Interior Gateway Routing Protocol (EIGRP)
(a) Best path
(b) Loop-free paths
(c) EIGRP operations when alternate loop-free paths are available, and when they are not available
(d) EIGRP queries
(e) Manual summarization and autosummarization
(f) EIGRP stubs
2.60 Implement IPv4 Border Gateway Protocol (BGP)
(a) Next hop
(b) Peering
(c) Internal Border Gateway Protocol (IBGP) and External Border Gateway Protocol (EBGP)
2.70 Implement policy routing
2.80 Implement Performance Routing (PfR) and Cisco Optimized Edge Routing (OER)
2.90 Implement filtering, route redistribution, summarization, synchronization, attributes, and other advanced features
3.00 Implement IPv6
3.10 Implement IP version 6 (IPv6) addressing and different addressing types
3.20 Implement IPv6 neighbor discovery
3.30 Implement basic IPv6 functionality protocols
3.40 Implement tunneling techniques
3.50 Implement OSPF version 3 (OSPFv3)
3.60 Implement EIGRP version 6 (EIGRPv6)
3.70 Implement filtering and route redistribution
4.00 Implement MPLS Layer 3 VPNs
4.10 Implement Multiprotocol Label Switching (MPLS)
4.20 Implement Layer 3 virtual private networks (VPNs) on provider edge (PE), provider (P), and customer edge (CE) routers
4.30 Implement virtual routing and forwarding (VRF) and Multi-VRF Customer Edge (VRF-Lite)
5.00 Implement IP Multicast
5.10 Implement Protocol Independent Multicast (PIM) sparse mode
5.20 Implement Multicast Source Discovery Protocol (MSDP)
5.30 Implement interdomain multicast routing
5.40 Implement PIM Auto-Rendezvous Point (Auto-RP), unicast rendezvous point (RP), and bootstrap router (BSR)
5.50 Implement multicast tools, features, and source-specific multicast
5.60 Implement IPv6 multicast, PIM, and related multicast protocols, such as Multicast Listener Discovery (MLD)
6.00 Implement Network Security
6.01 Implement access lists
6.02 Implement Zone Based Firewall
6.03 Implement Unicast Reverse Path Forwarding (uRPF)
6.04 Implement IP Source Guard
6.05 Implement authentication, authorization, and accounting (AAA) (configuring the AAA server is not required, only the client-side (IOS) is configured)
6.06 Implement Control Plane Policing (CoPP)
6.07 Implement Cisco IOS Firewall
6.08 Implement Cisco IOS Intrusion Prevention System (IPS)
6.09 Implement Secure Shell (SSH)
6.10 Implement 802.1x
6.11 Implement NAT
6.12 Implement routing protocol authentication
6.13 Implement device access control
6.14 Implement security features
7.00 Implement Network Services
7.10 Implement Hot Standby Router Protocol (HSRP)
7.20 Implement Gateway Load Balancing Protocol (GLBP)
7.30 Implement Virtual Router Redundancy Protocol (VRRP)
7.40 Implement Network Time Protocol (NTP)
7.50 Implement DHCP
7.60 Implement Web Cache Communication Protocol (WCCP)
8.00 Implement Quality of Service (QoS)
8.10 Implement Modular QoS CLI (MQC)
(a) Network-Based Application Recognition (NBAR)
(b) Class-based weighted fair queuing (CBWFQ), modified deficit round robin (MDRR), and low latency queuing (LLQ)
(c) Classification
(d) Policing
(e) Shaping
(f) Marking
(g) Weighted random early detection (WRED) and random early detection (RED)
(h) Compression
8.20 Implement Layer 2 QoS: weighted round robin (WRR), shaped round robin (SRR), and policies
8.30 Implement link fragmentation and interleaving (LFI) for Frame Relay
8.40 Implement generic traffic shaping
8.50 Implement Resource Reservation Protocol (RSVP)
8.60 Implement Cisco AutoQoS
9.00 Troubleshoot a Network
9.10 Troubleshoot complex Layer 2 network issues
9.20 Troubleshoot complex Layer 3 network issues
9.30 Troubleshoot a network in response to application problems
9.40 Troubleshoot network services
9.50 Troubleshoot network security
10.00 Optimize the Network
10.01 Implement syslog and local logging
10.02 Implement IP Service Level Agreement SLA
10.03 Implement NetFlow
10.04 Implement SPAN, RSPAN, and router IP traffic export (RITE)
10.05 Implement Simple Network Management Protocol (SNMP)
10.06 Implement Cisco IOS Embedded Event Manager (EEM)
10.07 Implement Remote Monitoring (RMON)
10.08 Implement FTP
10.09 Implement TFTP
10.10 Implement TFTP server on router
10.11 Implement Secure Copy Protocol (SCP)
10.12 Implement HTTP and HTTPS
10.13 Implement Telnet
11.00 Evaluate proposed changes to a Network
11.01 Evaluate interoperability of proposed technologies against deployed technologies
(a) Changes to routing protocol parameters
(b) Migrate parts of a network to IPv6
(c) Routing Protocol migration
(d) Adding multicast support
(e) Migrate spanning tree protocol
(f) Evaluate impact of new traffic on existing QoS design
11.02 Determine operational impact of proposed changes to an existing network
(a) Downtime of network or portions of network
(b) Performance degradation
(c) Introducing security breaches
11.03 Suggest Alternative solutions when incompatible changes are proposed to an existing network
(a) Hardware/Software upgrades
(b) Topology shifts
(c) Reconfigurations