Home > STP Questions

STP Questions

April 25th, 2015 in SWITCH 300-115 Go to comments

Question 1

Explanation

If we want to view the spanning-tree status of a specific VLAN, use the “spanning-tree vlan ” command. An example of the output of this command is shown below:

show_spanning-tree_vlan_30.jpg

Question 2

Explanation

SW3 needs to block one of its ports to SW2 to avoid a bridging loop between the two switches. But how does SW3 select its blocked port? Well, the answer is based on the BPDUs it receives from SW2. A BPDU is superior than another if it has:
1. A lower Root Bridge ID
2. A lower path cost to the Root
3. A lower Sending Bridge ID
4. A lower Sending Port ID

These four parameters are examined in order. In this specific case, all the BPDUs sent by SW2 have the same Root Bridge ID, the same path cost to the Root and the same Sending Bridge ID. The only parameter left to select the best one is the Sending Port ID (Port ID = port priority + port index). The lower value of port priority, the higher priority that port has. Therefore we must change the port-priority on F1/1 to a lower value than that of Fa1/0. Zero is the lowest value we can assign to a port so we can assign this value to SW2 F1/1 and configure a higher value on Fa1/0. This is the command to complete this task:

SW2(config)#interface f1/1
SW2(config-if)#spanning-tree vlan port-priority 0

Note: If we don’t change the port priority, SW3 will compare port index values, which are unique to each port on the switch, and because Fa1/0 is inferior to Fa1/1, SW3 will select Fa1/0 as its root port and block the other port.

Question 3

Explanation

After powered on, the switches start sending BPDUs to elect a root bridge. A BPDU is superior than another if it has:

1. A lower Root Bridge ID
2. A lower path cost to the Root
3. A lower Sending Bridge ID
4. A lower Sending Port ID

From the output above, we learn that SW1 is the root bridge for VLAN 1 (from “this bridge is the root” line). SW1 has the “Bridge ID Priority” of 1 because SW1 has been configured with switch priority value of 0, which is also the lowest priority value (highest priority). This value is then added with the VLAN ID (VLAN 1 in this case) so the final value is 1.

Question 4

Explanation

After receiving BPDUs from upstream bridges, the switch add the STP cost of that port and choose the lowest value as its root port -> the STP cost of Fa0/21 is smallest so it is chosen as root port.

Question 5

Explanation

Portfast is often configured on switch ports that connect to hosts. Interfaces with Portfast enabled will go to forwarding state immediately without passing the listening and learning state. Therefore it can save about 30 to 45 seconds to transition through these states. To enable this feature, configure this command under interface mode:

Switch(config-if)#spanning-tree portfast

Question 6

Explanation

The “spanning-tree portfast bpdufilter default” command enables BPDU filtering on Portfast-enabled interfaces. This command prevents interfaces that are in a Portfast-operational state from sending BPDUs. If a BPDU is received on a Port Fast-enabled interface, the interface loses its Portfast-operational status, and BPDU filtering is disabled.

In conclusion, above command only affects ports that were configured with Portfast. It prevents these ports from sending BPDUs (notice that Portfast interfaces still send BPDUs) but the funny thing is that if it receives a BPDU, it will disable BPDU filtering and Portfast features.

Reference: http://www.cisco.com/c/en/us/td/docs/switches/lan/catalyst3560/software/release/12-2_55_se/configuration/guide/3560_scg/swstpopt.html#wp1046220

Question 7

Explanation

Root guard does not allow the port to become a STP root port, so the port is always STP-designated. If a better BPDU arrives on this port, root guard does not take the BPDU into account and elect a new STP root. Instead, root guard puts the port into the root-inconsistent STP state which is equal to a listening state. No traffic is forwarded across this port.

Below is an example of where to configure Root Guard on the ports. Notice that Root Guard is always configure on designated ports.

Root_Guard_Location.jpg

To configure Root Guard use this command:

Switch(config-if)# spanning-tree guard root

Reference: http://www.cisco.com/c/en/us/support/docs/lan-switching/spanning-tree-protocol/10588-74.html

Question 8

Explanation

Although RSTP was configured on all ports but only edge-ports allow to run RSTP. RSTP cannot work on a trunk port. If we try to configure RSTP on a trunk port (support Fa0/24) we will receive this message:

%Warning: portfast should only be enabled on ports connected to a single host. Connecting hubs, concentrators, switches, bridges, etc… to this interface when portfast is enabled, can cause temporary bridging loops. Use with CAUTION

%Portfast has been configured on FastEthernet0/24 but will only have effect when the interface is in a non-trunking mode.

Question 9

Explanation

UplinkFast is a Cisco specific feature that improves the convergence time of the Spanning-Tree Protocol (STP) in the event of the failure of an uplink. The UplinkFast feature is designed to run in a switched environment when the switch has at least one alternate/backup root port (port in blocking state), that is why Cisco recommends that UplinkFast be enabled only for switches with blocked ports, typically at the access-layer.

For example in the topology below:

STP_simple.jpg

Suppose S1 is the root bridge in the topology above. S3 is connected to S1 via two paths: one direct path and another goes through S2. Suppose the port directly connected to S1 is root port -> port connected to S2 will be in Blocking state. If the primary link goes down, the blocked port will need about 50 seconds to move from Blocking -> Listening -> Learning -> Forwarding to be used.

To shorten the downtime, a feature called Uplink Fast can be used. When the primary (root) link fails, another blocked link can be brought up immediately for use. When UplinkFast is enabled, it is enabled for the entire switch and all VLANs. It cannot be enabled for individual VLANs.

Reference: http://www.cisco.com/c/en/us/support/docs/lan-switching/spanning-tree-protocol/10575-51.html

Question 10

Explanation

Every non-root bridge needs to elect a root port. The election of root port is as follows:

1) Based on lowest cost path to the root bridge
2) Then based on lowest upstream Bridge ID (Bridge ID = Bridge Priority + MAC)
3) Then based on lowest upstream Port ID (Port ID = Port Priority + Port Index)

Therefore we can use STP cost and port-priority to select the root port.

Question 11

Explanation

Portfast is often configured on switch ports that connect to hosts. Interfaces with Portfast enabled will go to forwarding state immediately without passing the listening and learning state. Therefore it can save about 30 to 45 seconds to transition through these states. To enable this feature, configure this command under interface mode:

Switch(config-if)#spanning-tree portfast

Question 12

Explanation

BPDUFilter is designed to suppress the sending and receiving of BPDUs on an interface. There are two ways of configuring BPDUFilter: under global configuration mode or under interface mode but they have subtle difference.

If BPDUFilter is configured globally via this command:

Switch(config)#spanning-tree portfast bpdufilter default

BPDUFilter will be enabled on all PortFast-enabled interfaces and will suppress the interface from sending or receiving BPDUs. This is good if that port is connected to a host because we can enable PortFast on this port to save some start-up time while not allowing BPDU being sent out to that host. Hosts do not participate in STP and hence drop the received BPDUs. As a result, BPDU filtering prevents unnecessary BPDUs from being transmitted to host devices.

If BPDUFilter is configured under interface mode like this:

Switch(config-if)#spanning-tree bpdufilter enable

It will suppress the sending and receiving of BPDUs. This is the same as disabling spanning tree on the interface. This choice is risky and should only be used when you are sure that port only connects to host devices.

Reference: http://www.cisco.com/c/en/us/td/docs/switches/lan/catalyst3560/software/release/12-2_55_se/configuration/guide/3560_scg/swstpopt.html

Question 13

Explanation

The “spanning-tree portfast bpdufilter default” command is configured under global configuration mode. To stop receiving unwanted BPDUs (for easier troubleshooting), he can issue the “spanning-tree portfast bpdufilter default” under global configuration mode. This will enable BPDUFilter on all PortFast-enabled interfaces and will suppress the interface from sending or receiving BPDUs. This is good if that port is connected to a host because we can enable PortFast on this port to save some start-up time while not allowing BPDU being sent out to that host. Hosts do not participate in STP and hence drop the received BPDUs. As a result, BPDU filtering prevents unnecessary BPDUs from being transmitted to host devices.

Question 14

Question 15

Explanation

If there are more than one connection between two switches, STP will automatically block one of them to prevent a loop. In particular, STP will block the link with higher priority value. Therefore if we want to force traffic to the secondary link we can lower the priority of the secondary link. For example:

Switch(config-if)#spanning-tree port-priority 48

Remember for switch (Layer 2 device), lower value is preferred over higher value. For router (Layer 3 device), higher value is preferred over lower value.

Question 16

Explanation

Spanning Tree Protocol elects a root bridge based on the Bridge IDs. The root bridge is the bridge with the lowest bridge ID. And Bridge ID = Bridge Priority + MAC Address. Therefore to prevent a switch from becoming the root bridge we can adjust STP priority to the maximum value.

Comments
Comment pages
1 2 782
  1. HunterX
    March 15th, 2017

    does anyone have latest VCE player on hand?
    really appreciate if you share.

Comment pages
1 2 782
  1. No trackbacks yet.