CCNA 200-301 Chapter 2 Network Access Lab 021 Configure and Verify Rapid PVST+
Lab Objective:
The objective of this lab is to understand, configure, and verify the Rapid Per-VLAN Spanning Tree Plus (Rapid PVST+) protocol in a network environment.
Rapid PVST+ is an enhancement of the original PVST protocol, providing faster convergence and improved network performance.
By the end of this lab, you will be able to configure Rapid PVST+, verify its operation, and understand its benefits in managing network loops and optimizing network performance.
Lab Topology:
Equipment Required:
- 3 x Layer 3 Cisco switches (e.g., WS-C3650-24PS)
- 4 x PCs or laptops with Ethernet ports
- 2 x Servers with Ethernet ports
- Console Cable
- Ethernet Cable for connections between devices
- Computer with Terminal emulation software e.g. PuTTY
IPv4 Address Table:
A. Switch VLAN Table:
Device Name | Interface ID | Interface Mode | Allowed VLANs |
Switch1 | FastEthernet0/1 | Access | 10 |
Switch1 | FastEthernet0/2 | Access | 20 |
Switch1 | GigabitEthernet0/1 | Trunk | 10, 20 |
Switch1 | FastEthernet0/1 | Trunk | 10, 20 |
Switch1 | FastEthernet0/2 | Trunk | 10, 20 |
Switch2 | FastEthernet0/1 | Access | 10 |
Switch2 | FastEthernet0/2 | Access | 20 |
Switch2 | GigabitEthernet0/1 | Trunk | 10, 20 |
Switch2 | GigabitEthernet0/2 | Trunk | 10, 20 |
Switch3 | FastEthernet0/1 | Access | 10 |
Switch3 | FastEthernet0/2 | Access | 20 |
Switch3 | GigabitEthernet0/2 | Trunk | 10, 20 |
Switch3 | FastEthernet0/1 | Trunk | 10, 20 |
Switch3 | FastEthernet0/2 | Trunk | 10, 20 |
B. Hosts IP Address Table:
Device Name | Interface ID | IPv4 Address | Subnet-Mask | VLAN |
PC1 | Fa0 | 192.168.10.100 | 255.255.255.0 | 10 |
PC2 | Fa0 | 192.168.20.100 | 255.255.255.0 | 20 |
PC3 | Fa0 | 192.168.10.101 | 255.255.255.0 | 10 |
PC4 | Fa0 | 192.168.20.101 | 255.255.255.0 | 20 |
Server1 | Fa0 | 192.168.10.200 | 255.255.255.0 | 10 |
Server2 | Fa0 | 192.168.20.200 | 255.255.255.0 | 20 |
List of Command Summary:
Command | Command Description |
enable | enters privileged EXEC mode. |
configure terminal | enters global configuration mode from privileged EXEC mode. |
hostname [hostname] | assign a device name to router. |
show interfaces status | provides a summary of the current status of all interfaces on a Cisco switch. This command displays important information about each interface, including: Port: The interface identifier (e.g., Gi1/0/1). Name: The name or description assigned to the interface, if any. Status: The operational status of the interface (e.g., connected, notconnect, err-disabled). Vlan: The VLAN that the interface is assigned to. Duplex: The duplex mode of the interface (e.g., full, half, auto). Speed: The speed of the interface (e.g., 10, 100, 1000 Mbps, auto). Type: The type of interface (e.g., 10/100/1000BaseTX, SFP). This command is useful for quickly assessing the operational state and configuration details of all interfaces on the switch. |
show spanning-tree summary | provides a summary of the Spanning Tree Protocol (STP) status and configuration on a Cisco switch. This command displays key information including: Switch STP Mode: The mode of STP running on the switch (e.g., PVST, RPVST+). Total Number of VLANs: The number of VLANs for which STP is active. Root Bridge Information: Indicates whether the switch is the root bridge for any VLAN. PortFast: Number of ports configured for PortFast. UplinkFast and BackboneFast: Status and configuration of UplinkFast and BackboneFast. BPDU Guard, BPDU Filter, Loop Guard: The number of ports configured with BPDU Guard, BPDU Filter, and Loop Guard. PVST Instances: Number of Per-VLAN spanning tree instances running. This command is useful for obtaining a high-level overview of the spanning tree configuration and status on the switch, helping network administrators quickly assess STP settings and potential issues. |
show spanning-tree | provides detailed information about the Spanning Tree Protocol (STP) configuration and status for each VLAN on a Cisco switch. This command displays comprehensive data including: VLAN ID: The VLAN for which STP information is being displayed. Root Bridge Information: The bridge ID, priority, and MAC address of the root bridge. Local Bridge Information: The bridge ID, priority, and MAC address of the local switch. Timers: The hello time, max age, and forward delay timers. Port Information: For each interface, it shows: Port ID: The port identifier. Role: The port’s role in the spanning tree (e.g., root, designated, alternate). Status: The current state of the port (e.g., forwarding, blocking, learning). Cost: The path cost to the root bridge via this port. Port Priority: The priority assigned to the port. Type: The type of connection (e.g., point-to-point, edge). This command is essential for diagnosing and troubleshooting STP-related issues, as it provides a detailed view of the spanning tree topology, including root bridge selection, port roles, and states across the network. |
show spanning-tree vlan [VLAN ID] | provides detailed information about the Spanning Tree Protocol (STP) status and configuration specifically for the specified VLAN on a Cisco switch. This command displays detailed data including: VLAN ID: The VLAN for which the STP information is being displayed. Root Bridge Information: The bridge ID, priority, and MAC address of the root bridge, including the root port and the root path cost. Local Bridge Information: The bridge ID, priority, and MAC address of the local switch, along with timers (hello time, max age, and forward delay). Port Information: For each interface in the specified VLAN, it shows: Port ID: The port identifier. Role: The port’s role in the spanning tree (e.g., root, designated, alternate). Status: The current state of the port (e.g., forwarding, blocking, learning). Cost: The path cost to the root bridge via this port. Port Priority: The priority assigned to the port. Type: The type of connection (e.g., point-to-point, edge). This command is useful for obtaining a focused view of the STP status for a specific VLAN, aiding in detailed troubleshooting and verification of STP operations within that VLAN. |
show spanning-tree active | provides information about the active Spanning Tree Protocol (STP) instances on a Cisco switch. This command displays data specifically for VLANs where STP is actively running and provides key details including: VLAN ID: The VLANs for which STP is active. Root Bridge Information: The bridge ID, priority, and MAC address of the root bridge for each active VLAN. Local Bridge Information: The bridge ID, priority, and MAC address of the local switch for each active VLAN. Port Information: For each interface involved in the active STP instances, it shows: Port ID: The port identifier. Role: The port’s role in the spanning tree (e.g., root, designated, alternate) for each active VLAN. Status: The current state of the port (e.g., forwarding, blocking, learning) for each active VLAN. Cost: The path cost to the root bridge via this port for each active VLAN. This command is useful for quickly identifying and examining the STP status for VLANs where STP is actively managing the network topology, helping network administrators to diagnose and resolve potential issues more efficiently. |
show spanning-tree interface [interface_id] | provides detailed Spanning Tree Protocol (STP) information for a specific interface on a Cisco switch. This command displays comprehensive data for the specified interface, including: Interface ID: The identifier of the interface for which STP information is being displayed. Port ID: The port identifier within the STP topology. Role: The port’s role in the spanning tree (e.g., root, designated, alternate). Status: The current state of the port (e.g., forwarding, blocking, learning). Cost: The path cost associated with the port to reach the root bridge. Priority: The priority assigned to the port. Type: The type of connection (e.g., point-to-point, edge). Designated Bridge and Port: The bridge ID and port ID of the designated bridge for the segment connected to this port. Timers: STP timers such as forward delay, max age, and hello time relevant to the interface. This command is particularly useful for troubleshooting and verifying STP behaviour and configuration on a specific interface, allowing network administrators to pinpoint issues related to STP on that port. |
show spanning-tree detail | provides comprehensive and detailed information about the Spanning Tree Protocol (STP) configuration and status for all VLANs on a Cisco switch. This command displays extensive data including: VLAN Information: Detailed STP information for each VLAN, including the VLAN ID. Root Bridge Information: The bridge ID, priority, and MAC address of the root bridge for each VLAN. Local Bridge Information: The bridge ID, priority, and MAC address of the local switch for each VLAN, including STP timers (hello time, max age, forward delay). Port Information: For each port involved in the STP topology, it shows: Port ID: The port identifier. Role: The port’s role in the spanning tree (e.g., root, designated, alternate). Status: The current state of the port (e.g., forwarding, blocking, learning). Cost: The path cost to the root bridge via this port. Priority: The priority assigned to the port. Type: The type of connection (e.g., point-to-point, edge). Designated Bridge and Port: The bridge ID and port ID of the designated bridge for the segment connected to this port. Port Timers: Specific STP timers for each port. BPDU Information: Details about the BPDUs (Bridge Protocol Data Units) sent and received on each port. This command is extremely useful for in-depth troubleshooting and verification of STP configurations and operations, as it provides exhaustive details about the STP topology and behaviour across the entire switch. |
show spanning-tree inconsistentports | provides information about ports on a Cisco switch that have been placed in an inconsistent state by the Spanning Tree Protocol (STP). This can occur due to various STP inconsistencies, such as those detected by the Root Guard feature. The command displays the following key details: Port ID: The identifier of the port that is in an inconsistent state. VLAN: The VLAN(s) associated with the inconsistent port. Inconsistent State Reason: The reason why the port is considered inconsistent (e.g., Root Inconsistent, Loop Inconsistent). Inconsistent Ports: A list of ports that are currently blocked or placed in an inconsistent state due to spanning tree protection mechanisms. This command is useful for identifying and troubleshooting ports that have been disabled by STP features like Root Guard or Loop Guard, helping network administrators to correct issues that could lead to network loops or topology changes. |
show spanning-tree root | displays detailed information about the Spanning Tree Protocol (STP) root bridge configuration on a Cisco switch. This command provides essential details including: Root ID: The bridge ID (BID) of the current root bridge. Priority: The bridge priority value configured for the root bridge. Address: The MAC address of the root bridge. Root Path Cost: The cumulative cost to reach the root bridge from the local switch. Bridge ID: The bridge ID (BID) of the local switch. Priority: The bridge priority value configured for the local switch. Address: The MAC address of the local switch. Bridge Address: The MAC address of the local switch. Root Port: The interface that provides the least cost path to the root bridge. Root Cost: The cost of the path to the root bridge via the root port. Root Port Type: The type of the root port (e.g., P2p for point-to-point). This command is useful for verifying the current root bridge status and configuration on a switch, allowing network administrators to ensure that the STP root bridge is correctly designated and configured to provide optimal network connectivity and redundancy |
spanning-tree vlan [vlan_id] priority [value] | used in Cisco IOS to manually set the priority value for a specific VLAN in Spanning Tree Protocol (STP) configuration. Here’s the command description: Command Description: spanning-tree vlan [vlan_id] priority [value] vlan_id: Specifies the VLAN ID for which you want to configure the STP priority. This can range from 1 to 4094, depending on the switch platform and configuration. value: Specifies the STP priority value for the specified VLAN. The priority value ranges from 0 to 61440 in increments of 4096. Lower priority values indicate a higher priority. For example, a priority value of 4096 is higher than 8192. Purpose: This command allows network administrators to manually adjust the STP priority for a specific VLAN. Setting a lower priority value for a VLAN increases the likelihood that a switch within that VLAN will be selected as the root bridge. This can be useful in network design scenarios where control over the STP root bridge placement is desired to optimize network performance or traffic paths. |
spanning-tree mode rapid-pvst | used in Cisco IOS to configure the Spanning Tree Protocol (STP) mode to Rapid PVST+ (Per-VLAN Spanning Tree Plus). Here’s the command description: Command Description: spanning-tree mode rapid-pvst rapid-pvst: Rapid PVST+ is an enhancement of the original PVST+ (Per-VLAN Spanning Tree Plus) protocol, which supports rapid convergence of spanning tree instances on a per-VLAN basis. Purpose: This command enables Rapid PVST+ mode on a Cisco switch, which offers the following benefits over traditional STP: Rapid Convergence: Rapid PVST+ uses Rapid Spanning Tree Protocol (RSTP) enhancements to achieve faster convergence times compared to the older STP variants. Per-VLAN Configuration: Each VLAN has its own spanning tree instance, allowing for independent spanning tree topologies and faster convergence in case of topology changes within a specific VLAN. |
show vlan brief | used on Cisco switches to display a summary of VLAN information. When you enter this command in the CLI interface of a Cisco switch, it provides a concise overview of the VLAN configuration on the switch. This includes details such as the VLAN ID, name, and interface membership status. The output of this command is often used to quickly verify the VLAN configuration and interface assignments on the switch. |
ipconfig /all | used in Windows operating systems to display detailed information about all network interfaces and their configurations. |
no shutdown | enables an interface. |
show running-config | save the running configuration to the startup-configuration file. |
show running-config | section interface GigabitEthernet0/* | used to display the configuration details of a specific GigabitEthernet interface (interface GigabitEthernet0/) within the running configuration of a Cisco device. This command allows you to view the configuration settings related to the specified interface only, filtering out other configuration sections. It provides a focused view of the configuration parameters associated with the specified interface, including its IP address, VLAN membership, trunking settings, and any other relevant configuration details. The asterisk (*) is a wildcard character that matches any character or sequence of characters. In this context, it is used to match any subinterface under GigabitEthernet0. |
show running-config | section interface FastEthernet0/1$ | The “show running-config | section interface FastEthernet0/1$” command is similar to the previous one, but it focuses specifically on the FastEthernet0/1 interface. The “$” symbol at the end of the interface name indicates that the command will match only the interface that ends with “FastEthernet0/1”. This command is helpful when you want to view the configuration details of a specific FastEthernet interface without displaying configurations for other interfaces. |
copy running-config startup-config | used to save the currently running configuration (stored in the RAM) to the startup configuration (stored in the NVRAM) |
end | exit configuration mode. |
exit | exits one level in the menu structure command. |
Lab Task:
- Verify current configuration
- Check the VLAN database matches the Switch VLAN Table
- Check connectivity between each PC from the same VLAN
- Determine the type of Spanning Tree that is used by the Switch by default.
- Discover and verify the Root Bridge for both VLANs 10 and 20:
- Issue the appropriate command to display STP parameters for all VLANs. Which Switch has been elected as the Root Bridge for VLAN10 and VLAN20? Explain the reason behind the Root Bridge election.
- What is the Priority of the Root Bridge?
- What is the BID of the Root Bridge?
- What is the MAC address of the Root Bridge?
- Define the Port Role across all Switches. On Switch2, why is port GigabitEthernet0/1 the Root port? On Switch3, why is port GigabitEthernet0/2 the Root port even though it is one Switch away from the Root Bridge, and why not either of the ports Fa0/10 or Fa0/11?
- Define the Port Priority for each port. How did the Switch create the value?
- Define the Port Status across all Switches.
- Define the cost for each interface across all Switches. How did the Switch determine the cost of each interface?
- What is the Port Type based on the output you see from the Switch? What are other Types that STP uses?
- Force Switch3 to become the Root Bridge for VLAN20:
- Issue the appropriate command to force Switch3 to become the Root Bridge; please use a priority value of 8,192. What other command can you use to force Switch3 to become the Root Bridge without using the priority value option?
- Wait for the network to converge and then verify your configuration by determining Switch3 is the Root Bridge.
- Configure PVST+ mode:
- Verify that PC1 is still able to ping PC3 and PC2 is able to ping PC4. In addition, verify that PC1 and PC3 are able to reach Server1. Similarly, verify that PC2 and PC4 are able to reach Server2.
- Save your configuration
- If the ping is successful, go ahead and save the configuration. Otherwise, use the troubleshooting steps below:
- Check VLAN configuration on each Switch
- Verify each port assignments to the VLAN in question
- Ensure Trunk links are properly configured
- Verify IP addressing and routing if applicable
- Verify Physical Connectivity
- Check Interface Configuration
- Verify EtherChannel Configuration
- Check Spanning Tree Protocol (STP):
- Verify STP Status
- Identify the Root Bridge
- Check Port Roles and States
- Analyse Path Cost
- Check BPDU Flow, you can use this command “debug spanning-tree bpdu”
- Inspect PortFast and BPDU Guard Configuration
- Verify Load Balancing, you can use this command “show spanning-tree active”
- Recalculate Spanning Tree. If necessary, force a recalculation of the spanning tree.
- Examine EtherChannel Status
- Perform Basic Connectivity Tests
- Review Log Messages
Lab Solution:
1- Verify current configuration
a. Check the VLAN database matches the Switch VLAN Table
We can issue the following command to verify the VLANs mapping:
“show vlan brief”
In addition, you can issue the following command to verify the Interface Mode as per the Switch VLAN Table:
“show interfaces status”
b. Check connectivity between each PC from the same VLAN
Initiate ping from PC1 to PC3 and Server1:
Initiate a ping from PC2 to PC4 and Server2:
2- Determine the type of Spanning Tree that is used by the Switch by default.
You can determine the STP type by issuing the following command:
“show spanning-tree summary”
From the output shown above, we can determine that the default STP type is PVST across all Switches.
PVST enhances the traditional Spanning Tree Protocol by allowing multiple spanning tree instances, one for each VLAN. This enables better load balancing, improved network performance, and greater fault tolerance, making it a preferred choice in Cisco-based networks.
3- Discover and verify the Root Bridge for both VLANs 10 and 20:
a. Issue the appropriate command to display STP parameters for all VLANs. Which Switch has been elected as the Root Bridge for VLAN10 and VLAN20? Explain the reason behind the Root Bridge election.
We can use this command to display STP parameters for all VLANs:
“show spanning-tree”
However, this command lists every Spanning Tree instance per VLAN, which can be overwhelming for the administrator because the amount of output grows with the number of VLANs configured on the device.
Alternatively, we can add the VLAN ID to the same command to display only the spanning tree instance we are after, as shown below:
“show spanning-tree vlan 10”
From the output above we can determine that Switch1 is the Root Bridge for VLAN10 and VLAN20.
If we examine the output from the command above, we can see the following on Switch1:
By default, Spanning Tree elects a Root Bridge for the Spanning Tree through a process that involves comparing Bridge IDs. The Bridge ID is a combination of the Bridge Priority and the MAC Address of the Switch. Below is the step-by-step process of how STP elects the Root Bridge:
1) Bridge ID Composition:
Each switch in the network has a unique bridge ID, which consists of two components:
- Bridge Priority: A configurable value (default is 32768).
- MAC Address: The MAC address of the switch.
2) Initial Announcements:
When STP starts, each switch initially assumes it is the root bridge and sends out Bridge Protocol Data Units (BPDUs) containing its own bridge ID as the root bridge ID.
3) BPDU Comparison:
Switches receive BPDUs from their neighbors and compare the root bridge ID in the received BPDU with their own root bridge ID.
The BPDU with the lowest root bridge ID is considered superior.
4) Updating Root Bridge Information:
If a switch receives a BPDU with a lower root bridge ID than its own, it updates its root bridge ID to the one in the received BPDU and forwards this BPDU out of its ports.
If a switch’s own root bridge ID is lower, it continues to advertise its own root bridge ID.
5) Convergence:
This process continues until all switches in the network agree on the switch with the lowest bridge ID as the root bridge.
The switch with the lowest bridge ID becomes the root bridge.
6) Example of the Election Process:
Initial Configuration:
- Switch A: Bridge Priority = 32768, MAC Address = 00:11:22:33:44:55
- Switch B: Bridge Priority = 32768, MAC Address = 00:11:22:33:44:66
- Switch C: Bridge Priority = 32768, MAC Address = 00:11:22:33:44:77
Bridge IDs:
- Switch A: 32768.00:11:22:33:44:55
- Switch B: 32768.00:11:22:33:44:66
- Switch C: 32768.00:11:22:33:44:77
BPDU Exchange:
- All switches send BPDUs with their own bridge ID as the root bridge ID.
- Switch A receives BPDUs from Switch B and Switch C.
- Switch B receives BPDUs from Switch A and Switch C.
- Switch C receives BPDUs from Switch A and Switch B.
Comparison:
- Switch A compares its bridge ID with BPDUs from Switch B and Switch C. Since Switch A’s bridge ID is lower than both, it continues to advertise itself as the root bridge.
- Switch B and Switch C compare their bridge IDs with the BPDU from Switch A. They both find that Switch A has a lower bridge ID and update their root bridge ID to that of Switch A.
Convergence:
- After a few exchanges, all switches agree that Switch A is the root bridge because it has the lowest bridge ID.
7) Factors Influencing the Election:
Bridge Priority: The default priority is 32768, but it can be manually configured. A lower priority value increases the likelihood of becoming the root bridge.
MAC Address: If two switches have the same priority, the switch with the lower MAC address becomes the root bridge.
b. What is the Priority of the Root Bridge?
Switch1 Priority: 32778
c. What is the BID of the Root Bridge?
Switch1 BID: 32778.000A.F3A2.435A
d. What is the MAC address of the Root Bridge?
Switch1 MAC: 000A.F3A2.435A
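The answers to b, c and d are read from the Root ID block of the “show spanning-tree vlan 10” output. The following Python sketch is an added example, not part of the original lab: it parses that output and checks the root against an expected MAC address. Both sample outputs are constructed; only Switch1's priority and MAC come from the lab, and the other MAC addresses and the port rows are placeholders.

```python
import re

# Constructed sample in the layout IOS prints on the root switch. Priority and
# MAC are the lab's answers for Switch1; the port rows are illustrative.
SWITCH1_VLAN10 = """\
VLAN0010
  Spanning tree enabled protocol ieee
  Root ID    Priority    32778
             Address     000A.F3A2.435A
             This bridge is the root

  Bridge ID  Priority    32778  (priority 32768 sys-id-ext 10)
             Address     000A.F3A2.435A

Interface        Role Sts Cost      Prio.Nbr Type
---------------- ---- --- --------- -------- --------------------------------
Fa0/1            Desg FWD 19        128.1    P2p
Gi0/1            Desg FWD 4         128.25   P2p
"""

# Constructed sample from a non-root switch after Switch3 was given priority
# 8192 for VLAN 20. Both MAC addresses here are placeholders.
SWITCH2_VLAN20 = """\
VLAN0020
  Spanning tree enabled protocol ieee
  Root ID    Priority    8212
             Address     00E0.A3B4.5C6D
             Cost        4
             Port        26(GigabitEthernet0/2)

  Bridge ID  Priority    32788  (priority 32768 sys-id-ext 20)
             Address     00D0.BC11.2222

Interface        Role Sts Cost      Prio.Nbr Type
---------------- ---- --- --------- -------- --------------------------------
Fa0/2            Desg FWD 19        128.2    P2p
Gi0/1            Desg FWD 4         128.25   P2p
Gi0/2            Root FWD 4         128.26   P2p
"""

MAC = r"[0-9A-Fa-f]{4}\.[0-9A-Fa-f]{4}\.[0-9A-Fa-f]{4}"
PORT_ROW = re.compile(r"(\S+)\s+(\w+)\s+(\w+)\s+(\d+)\s+(\d+)\.(\d+)\s+(.+)")


def parse_stp_vlan(text):
    """Parse one VLAN block of 'show spanning-tree vlan <id>' output."""
    out = {"vlan": None, "is_root": False, "root": {}, "bridge": {}, "ports": []}
    section = None
    for line in text.splitlines():
        s = line.strip()
        if m := re.fullmatch(r"VLAN0*(\d+)", s):
            out["vlan"] = int(m.group(1))
        if s.startswith("Root ID"):
            section = "root"
        elif s.startswith("Bridge ID"):
            section = "bridge"
        elif s.startswith("Interface"):
            section = "ports"
        if section in ("root", "bridge"):
            if m := re.search(r"Priority\s+(\d+)", s):
                out[section]["priority"] = int(m.group(1))
            if m := re.search(rf"Address\s+({MAC})", s):
                out[section]["mac"] = m.group(1).upper()
            if m := re.search(r"sys-id-ext\s+(\d+)", s):
                out[section]["sys_id_ext"] = int(m.group(1))
            if m := re.match(r"Cost\s+(\d+)", s):
                out[section]["cost"] = int(m.group(1))
            if "This bridge is the root" in s:
                out["is_root"] = True
        elif section == "ports" and (m := PORT_ROW.fullmatch(s)):
            name, role, state, cost, prio, nbr, ptype = m.groups()
            out["ports"].append({"name": name, "role": role, "state": state,
                                 "cost": int(cost), "priority": int(prio),
                                 "number": int(nbr), "type": ptype})
    return out


def root_bid(parsed):
    """Root BID in the priority.MAC form used in the lab answers."""
    return f"{parsed['root']['priority']}.{parsed['root']['mac']}"


def root_base_priority(parsed):
    """Configured priority: advertised priority minus the VLAN ID (sys-id-ext)."""
    return parsed["root"]["priority"] - parsed["vlan"]


def root_findings(parsed, expected_root_mac):
    """Empty list when the root is the planned bridge, else what differs."""
    findings = []
    seen = parsed["root"].get("mac")
    if seen != expected_root_mac.upper():
        findings.append(f"VLAN {parsed['vlan']}: root is {seen}, "
                        f"expected {expected_root_mac.upper()}")
    return findings


if __name__ == "__main__":
    for sample in (SWITCH1_VLAN10, SWITCH2_VLAN20):
        p = parse_stp_vlan(sample)
        print(p["vlan"], root_bid(p), root_base_priority(p), p["is_root"])
```

The advertised root priority is the configured priority plus the VLAN ID, which is why the lab shows 32778 for VLAN 10 and why a configured 8192 appears as 8212 for VLAN 20.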
e. Define the Port Role across all Switches. On Switch2, why is port GigabitEthernet0/1 the Root port? On Switch3, why is port GigabitEthernet0/2 the Root port even though it is one Switch away from the Root Bridge, and why not either of the ports Fa0/10 or Fa0/11?
On Switch1:
All ports are Designated Ports as shown below:
The Designated Port (DP) is the port on a network segment that has the lowest cost path to the root bridge. It is responsible for forwarding traffic toward the root bridge from that segment. Each network segment has one designated port. If two switches have the same path cost to the root bridge, the switch with the lower bridge ID is chosen. If both switches have the same bridge ID, the port with the lower port ID is chosen as the designated port.
On Switch2:
We can see that Switch2 has two Designated Ports, Fa0/1 and Fa0/2. We can also see that Gig0/1 is the Root Port.
The Root Port (RP) is the port on a network segment that has the lowest cost path to the Root Bridge. It serves as the primary path to the root bridge for the switch and forwards traffic toward the root bridge. Each non-root bridge has one root port. The root bridge does not have a root port.
On Switch3:
We can see that Fa0/1 is a Designated Port and Gig0/2 is the Root Port,
whereas interfaces Fa0/10 and Fa0/11 are Alternate Ports.
The Alternate Port is a port that has an alternative path to the root bridge, different from the path used by the root port. It provides a backup path in case the primary (root) path fails. It does not forward traffic in normal operation. This role is typically found in Rapid Spanning Tree Protocol (RSTP) rather than PVSTP.
On Switch2, why is port GigabitEthernet0/1 the Root port?
Because there are two possible routes to the Root Bridge:
- Via Gig0/2: the total cost to get to the Root Bridge is 4 + 19 = 23 (Switch3 to Switch1)
- Via Gig0/1: the total cost to get to the Root Bridge is 4 (Directly connected to the Root Bridge)
The Switch will select the port that has the lowest cost, which is Gig0/1 in this case.
On Switch3, why is port GigabitEthernet0/2 the Root port even though it is one Switch away from the Root Bridge, and why not either of the ports Fa0/10 or Fa0/11?
If we look at the cost of each interface, we will determine why Switch3 has set the role for Gig0/2 as Root Port.
Here is the cost for each port:
- Fa0/10: 19
- Fa0/11: 19
- Gig0/2: 4 + 4 = 8
Based on the costs above, we can see that Gig0/2 is the quickest route to the Root Bridge.
f. Define the Port Priority for each port. How did the Switch create the value?
On Switch1:
The “Prio.Nbr” (Priority.Number) field in the output of the “show spanning-tree vlan 10” command combines two pieces of information: the port priority and the port number. This combination is used in the Spanning Tree Protocol (STP) to make decisions about which ports to select as root ports and designated ports. Let’s break down this field in more detail.
1) Port Priority:
Default Value: The default port priority for STP is 128.
Range: The port priority can range from 0 to 240, in increments of 16.
Function: Port priority is used in the election process to break ties when multiple ports have the same path cost to the root bridge. A lower port priority value is preferred.
2) Port Number:
Description: The port number is simply the identifier of the physical or logical interface on the switch.
Function: The port number is used along with the port priority to create a unique identifier for each port.
3) Port Role Determination
Root Port Selection: Among multiple paths to the root bridge, the path with the lowest cumulative cost is preferred. If there is a tie in path cost, the port priority and port number (Prio.Nbr) are used to determine the root port. The port with the lowest Prio.Nbr value will be chosen.
Designated Port Selection: For each network segment, the port with the lowest cumulative path cost to the root bridge becomes the designated port. If there is a tie, the Prio.Nbr is used to break the tie, with the lower value being preferred.
g. Define the Port Status across all Switches.
Port States in PVSTP:
In addition to the roles, each port in PVSTP can be in one of several states that dictate how the port handles traffic and participates in the spanning tree process:
1) Blocking:
- Function: The port does not forward frames or learn MAC addresses. It only listens for BPDUs to determine the root bridge and topology.
- Purpose: Prevents loops by ensuring there is no forwarding until the port’s role is determined.
2) Listening:
- Function: The port listens for BPDUs to ensure there are no loops but does not forward frames or learn MAC addresses.
- Purpose: Ensures the network topology is stable and consistent before moving to the next state.
3) Learning:
- Function: The port begins to learn MAC addresses but still does not forward frames.
- Purpose: Prepares to forward frames while continuing to ensure there are no loops.
4) Forwarding:
- Function: The port forwards frames and continues to learn MAC addresses.
- Purpose: Normal operation state for active forwarding ports.
5) Disabled:
- Function: The port is administratively shut down and does not participate in the spanning tree process.
h. Define the cost for each interface across all Switches. How did the Switch determine the cost of each interface?
In the Spanning Tree Protocol (STP), the cost of a path to the root bridge is used to determine the best path that each switch should use to reach the root bridge. The cost is cumulative, meaning that each switch calculates the total cost to the root bridge by summing the costs of each individual link along the path. This cost helps STP decide which ports to block and which to keep forwarding, in order to prevent loops in the network.
Determination of Cost in STP
Default Path Cost Values:
The path cost in STP is determined by the bandwidth of the links between switches. Higher bandwidth links have lower costs, indicating that they are preferred paths. The original IEEE 802.1D standard specified the following default path costs based on link speeds:
- 10 Mbps (Ethernet): Cost = 100
- 100 Mbps (Fast Ethernet): Cost = 19
- 1 Gbps (Gigabit Ethernet): Cost = 4
- 10 Gbps (10 Gigabit Ethernet): Cost = 2
- 100 Gbps: Cost = 1
- 1 Tbps: Cost = 1
These default values were designed to reflect the relative speeds of different types of network links, with faster links having lower costs.
Revised Cost Values (IEEE 802.1t)
The IEEE 802.1t standard introduced a revised set of cost values to better accommodate higher-speed links:
- 10 Mbps (Ethernet): Cost = 2,000,000
- 100 Mbps (Fast Ethernet): Cost = 200,000
- 1 Gbps (Gigabit Ethernet): Cost = 20,000
- 10 Gbps (10 Gigabit Ethernet): Cost = 2,000
- 100 Gbps: Cost = 200
- 1 Tbps: Cost = 20
These revised values are more granular and provide better differentiation for very high-speed links.
How Cost is Calculated
- Individual Link Cost: Each switch port has an associated cost based on its link speed. This is either the default cost or a manually configured cost.
- Cumulative Path Cost: Each switch calculates the cumulative cost to the root bridge by adding the link costs of all links along the path to the root bridge.
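The root election from step 3a and the root-port comparisons from step 3e can be reproduced with the cumulative cost rule above. This Python model is an added example, not part of the original lab; the MAC addresses for Switch2 and Switch3, the Switch1-side FastEthernet port names and the port numbering are assumptions.

```python
INF = float("inf")
DEFAULT_PRIORITY = 32768

# Switch1's MAC is from the lab; the other two are constructed placeholders.
MACS = {
    "Switch1": "000A.F3A2.435A",
    "Switch2": "00D0.BC11.2222",
    "Switch3": "00E0.A3B4.5C6D",
}

# (switch, port, switch, port, STP cost): Gigabit = 4, FastEthernet = 19.
# The Switch1-side FastEthernet port names are assumed.
LINKS = [
    ("Switch1", "Gi0/1", "Switch2", "Gi0/1", 4),
    ("Switch2", "Gi0/2", "Switch3", "Gi0/2", 4),
    ("Switch1", "Fa0/10", "Switch3", "Fa0/10", 19),
    ("Switch1", "Fa0/11", "Switch3", "Fa0/11", 19),
]


def bridge_id(name, vlan, base_priority):
    """(advertised priority, MAC as integer); the lowest tuple wins."""
    prio = base_priority.get(name, DEFAULT_PRIORITY)
    if prio % 4096 or not 0 <= prio <= 61440:
        raise ValueError(f"{name}: priority must be 0-61440 in steps of 4096")
    # Extended system ID: the VLAN ID is added to the configured priority.
    return (prio + vlan, int(MACS[name].replace(".", ""), 16))


def port_id(port):
    """(priority, number) as in Prio.Nbr; the numbering is an assumption."""
    nbr = int(port.split("/")[1]) + (24 if port.startswith("Gi") else 0)
    return (128, nbr)


def cost_to_root(root, excluded):
    """Cheapest path cost to the root per switch, never passing `excluded`."""
    dist, changed = {root: 0}, True
    while changed:
        changed = False
        for a, _, b, _, cost in LINKS:
            if excluded in (a, b):
                continue
            for here, there in ((a, b), (b, a)):
                if there in dist and dist[there] + cost < dist.get(here, INF):
                    dist[here], changed = dist[there] + cost, True
    return dist


def port_roles(vlan, base_priority=None):
    """Return (root switch, path cost per port, role per (switch, port))."""
    base_priority = base_priority or {}

    def bid(name):
        return bridge_id(name, vlan, base_priority)

    root = min(MACS, key=bid)
    offers, root_port, rpc = {}, {}, {root: 0}
    for sw in MACS:
        if sw == root:
            continue
        dist = cost_to_root(root, excluded=sw)
        cands = []
        for a, pa, b, pb, cost in LINKS:
            for here, hp, there, tp in ((a, pa, b, pb), (b, pb, a, pa)):
                if here == sw and there in dist:
                    # Tie-breakers after cost: neighbour BID, then port IDs.
                    cands.append((dist[there] + cost, bid(there),
                                  port_id(tp), port_id(hp), hp))
        offers[sw] = {hp: cost for cost, *_, hp in cands}
        rpc[sw], root_port[sw] = min(cands)[0], min(cands)[-1]
    # Per link: the end closer to the root (then lower BID) is designated.
    roles = {}
    for a, pa, b, pb, _ in LINKS:
        ends = sorted([(rpc[a], bid(a), a, pa), (rpc[b], bid(b), b, pb)])
        (_, _, dsw, dport), (_, _, osw, oport) = ends
        roles[(dsw, dport)] = "Desg"
        roles[(osw, oport)] = "Root" if root_port.get(osw) == oport else "Altn"
    return root, offers, roles


if __name__ == "__main__":
    for vlan, prio in ((10, {}), (20, {"Switch3": 8192})):
        root, offers, roles = port_roles(vlan, prio)
        print(f"VLAN {vlan}: root = {root}")
        for sw, ports in offers.items():
            print(f"  {sw}: {ports}")
```

For VLAN 10 with default priorities the model gives Switch2 the costs 4 and 23 and Switch3 the costs 8, 19 and 19, matching the comparison in step 3e; with priority 8192 on Switch3 for VLAN 20 the root moves to Switch3.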
i. What is the Port Type based on the output you see from the Switch? What are other Types that STP uses?
STP Port Types:
1) Root Port (RP):
- Description: The root port is the port on a non-root switch that has the lowest path cost to the root bridge. There is only one root port per switch.
- Role: Forwards traffic towards the root bridge.
2) Designated Port (DP):
- Description: The designated port is the port on a network segment that has the lowest path cost to the root bridge. There is one designated port per network segment.
- Role: Forwards traffic away from the root bridge and is responsible for forwarding frames onto the segment it is connected to.
3) Alternate Port (AP):
- Description: The alternate port is a backup port to the root port. It provides an alternate path to the root bridge if the root port fails.
- Role: In a blocking state under normal conditions to prevent loops but can quickly transition to forwarding if the primary path fails.
4) Backup Port (BP):
- Description: The backup port is a backup to the designated port on a network segment where two or more ports are connected to the same segment. It is less commonly used because of the typical star topology of modern networks.
- Role: In a blocking state under normal conditions to prevent loops but can take over if the designated port fails.
5) Disabled Port:
- Description: A port that is administratively disabled by the network administrator or is not participating in the spanning tree.
- Role: Does not participate in STP and does not forward traffic.
4- Force Switch3 to become the Root Bridge for VLAN20:
a. Issue the appropriate command to force Switch3 to become the Root Bridge, using a priority value of 8,192. What other command can you use to make Switch3 the Root Bridge without using the priority value option?
We can issue this command to force Switch3 to become the Root Bridge for VLAN20:
“spanning-tree vlan 20 priority 8192”
On Switch3:
Switch3#configure terminal
Enter configuration commands, one per line. End with CNTL/Z.
Switch3(config)#
Switch3(config)#spanning-tree vlan 20 priority 8192
Switch3(config)#
Alternatively, you can use this command to force Switch3 to be the Root Bridge without specifying a priority value:
“spanning-tree vlan 20 root primary”
b. Wait for the network to converge and then verify your configuration by determining Switch3 is the Root Bridge.
We need to issue this command to verify that Switch3 is the Root Bridge for VLAN20
“show spanning-tree vlan 20”
As you can see from the output above, Switch3 is the Root Bridge for VLAN 20. However, Switch1, which has the MAC address 000A.F3A2.435A, is the Root Bridge for VLAN20, as shown below:
5- Configure PVST+ mode:
a. Across all Switches use Rapid Per-VLAN Spanning Tree Protocol (RPVST+)
We can change the default Spanning Tree Type from PVST to RPVST+ by using the following command:
“spanning-tree mode rapid-pvst”
On Switch1:
Switch1#configure terminal
Switch1(config)#spanning-tree mode rapid-pvst
On Switch2:
Switch2#configure terminal
Switch2(config)#spanning-tree mode rapid-pvst
On Switch3:
Switch3#configure terminal
Switch3(config)#spanning-tree mode rapid-pvst
b. Verify your configuration
We need to wait until the network is converged and then we should be able to execute the following command:
“show spanning-tree summary”
6- Verify that PC1 is still able to ping PC3 and PC2 is able to ping PC4. In addition, verify that PC1 and PC3 are able to reach Server1 and, similarly, that PC2 and PC4 are able to reach Server2.
PC1 is able to ping PC3 and Server1 as shown below:
PC2 is also able to ping PC4 and Server2:
PC3 is able to ping Server1:
Finally, PC4 is able to ping Server2:
7- Save your configuration
Save the config by issuing one of the following commands:
a. “write memory” or “wr” for short
b. “copy running-config startup-config” or “cop run sta”
8- If the ping is successful, go ahead and save the configuration. Otherwise, use the troubleshooting steps.
Troubleshooting Steps:
Troubleshooting Spanning Tree Protocol (STP) involves a systematic approach to identify and resolve network issues related to STP. Here is a step-by-step guide to help you troubleshoot STP effectively:
1- Verify STP Status
Check the current STP status on your switch.
Switch# show spanning-tree
Look for inconsistencies or unexpected states.
Verify that the following settings are consistent across all member interfaces:
- Speed
- Duplex
- Trunk mode (if applicable)
- Allowed VLANs (if applicable)
2- Identify the Root Bridge
Ensure you know which switch is the root bridge for each VLAN.
Switch# show spanning-tree vlan [vlan_id]
Verify the root bridge ID and ensure it is the intended switch.
3- Check Port Roles and States
Verify the roles (Root, Designated, Alternate, Backup) and states (Blocking, Listening, Learning, Forwarding) of the ports.
Switch# show spanning-tree interface [interface_id]
Ensure ports are in expected roles and states.
4- Analyse Path Cost
Review the path cost to ensure the shortest path to the root bridge.
Switch# show spanning-tree detail
Check for any misconfigurations in path costs.
5- Check BPDU Flow
Verify that BPDUs are being sent and received correctly.
Switch# debug spanning-tree bpdu
Look for any anomalies in BPDU transmission.
6- Inspect PortFast and BPDU Guard Configuration
Ensure PortFast is enabled only on edge ports and BPDU Guard is configured to protect against misconfigurations.
Switch# show running-config | include spanning-tree portfast
Switch# show running-config | include spanning-tree bpduguard
7- Review VLAN Configuration
Verify VLAN assignments and ensure VLANs are properly configured on all switches.
Switch# show vlan brief
Switch# show vlan id [vlan_id]
8- Check for Physical Layer Issues
Ensure there are no physical connectivity problems, such as faulty cables or interfaces.
9- Review Logs for Errors
Check the logs for any STP-related errors or events.
Switch#show log
Switch#show spanning-tree inconsistentports
Identify any issues that might indicate loops or misconfigurations.
10- Use the show Commands for Specific Details
Root Bridge Verification:
Switch#show spanning-tree root
Interface Status:
Switch#show spanning-tree interface [interface_id] detail
VLAN Details:
Switch#show spanning-tree vlan [vlan_id] detail
11- Recalculate Spanning Tree
If necessary, force a recalculation of the spanning tree.
Switch#clear spanning-tree detected-protocols
Recalculate spanning tree and check if issues are resolved.
12- Common STP Issues and Solutions:
a. Unstable Network: Frequent topology changes can indicate flapping links.
Solution: Check for physical issues and stabilize the network.
b. Unexpected Root Bridge: Incorrect switch becomes the root bridge.
Solution: Manually set the root bridge priority.
Command: “spanning-tree vlan [vlan_id] priority [value]”
c. Loops in the Network: Multiple active paths causing loops.
Solution: Verify port roles and ensure blocking ports are in place.
d. Blocked Ports: Ports that should be forwarding are blocked.
Solution: Check the path cost and adjust if necessary.
e. BPDU Guard Issues: Edge ports receiving BPDUs and shutting down.
Solution: Verify PortFast and BPDU Guard configurations.
By systematically following these steps, you can effectively troubleshoot and resolve STP-related issues in your network.
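Step 6 above can be automated against a saved configuration. The following is an added example, not part of the original lab: it scans a constructed running-config excerpt and reports PortFast on trunk ports and PortFast ports that lack BPDU Guard. It assumes the classic interface-level syntax ("spanning-tree portfast", "spanning-tree bpduguard enable") and the global "spanning-tree portfast bpduguard default" command, and it does not evaluate a global PortFast default.

```python
import re

# Constructed running-config excerpt for illustration (not output from this lab).
SAMPLE_CONFIG = """\
spanning-tree mode rapid-pvst
!
interface FastEthernet0/1
 switchport access vlan 10
 switchport mode access
 spanning-tree portfast
 spanning-tree bpduguard enable
!
interface FastEthernet0/2
 switchport access vlan 20
 switchport mode access
 spanning-tree portfast
!
interface GigabitEthernet0/1
 switchport mode trunk
 spanning-tree portfast trunk
!
"""


def audit_edge_ports(config):
    """Return (interface, finding) pairs, in config order."""
    # Global default that applies BPDU Guard to every PortFast port.
    global_guard = re.search(
        r"^spanning-tree portfast bpduguard default\s*$", config, re.M) is not None
    findings = []
    # An interface stanza is its header line plus the indented lines under it.
    for name, body in re.findall(r"^interface (\S+)\n((?:[ \t]+.*\n?)*)", config, re.M):
        lines = [line.strip() for line in body.splitlines()]
        trunk = "switchport mode trunk" in lines
        portfast = bool({"spanning-tree portfast", "spanning-tree portfast trunk"} & set(lines))
        guard = "spanning-tree bpduguard enable" in lines or (
            global_guard and "spanning-tree bpduguard disable" not in lines)
        if trunk and portfast:
            findings.append((name, "PortFast on trunk port"))
        if portfast and not guard:
            findings.append((name, "PortFast without BPDU Guard"))
    return findings


if __name__ == "__main__":
    for finding in audit_edge_ports(SAMPLE_CONFIG):
        print(*finding, sep=": ")
```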
Note:
Per VLAN Spanning Tree Protocol (PVST)
PVST is a Cisco proprietary enhancement of the Spanning Tree Protocol (STP) that runs a separate instance of STP for each VLAN in the network. This allows for more granular control and optimization of the network by treating each VLAN independently.
How PVST Works:
- Multiple Instances: PVST maintains a separate spanning tree instance for each VLAN, ensuring that each VLAN has its own root bridge and topology.
- Bridge Protocol Data Units (BPDUs): Each VLAN sends out its own BPDUs, which are used to establish the spanning tree topology for that specific VLAN.
- Root Bridge Election: For each VLAN, switches elect a root bridge based on the lowest bridge ID. The root bridge acts as a central point for spanning tree calculations.
- Path Cost Calculation: Each switch determines the best path to the root bridge by calculating the path cost. The path with the lowest cost is preferred.
- Port Roles: Ports are assigned roles such as root port, designated port, or non-designated port based on their path cost to the root bridge. Non-designated ports are put into a blocking state to prevent loops.
- Convergence: PVST converges independently for each VLAN. This means that changes in one VLAN’s topology do not affect the others, allowing for greater stability and performance optimization.
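The per-VLAN election described above, as an added example that is not part of the original lab. It goes slightly beyond the text by modelling the extended system ID: the VLAN ID is added to the configured priority, so priority 8192 on VLAN 20 is displayed as 8212. Switch1's MAC address is the one quoted in this lab; the other two MAC addresses and the `unexpected_roots` helper are constructed for illustration.

```python
DEFAULT_PRIORITY = 32768

# Switch1's MAC is the one quoted in this lab; the other two are constructed.
SWITCHES = {
    "Switch1": {"mac": "000A.F3A2.435A", "priority": {}},
    "Switch2": {"mac": "0060.2F00.0002", "priority": {}},
    "Switch3": {"mac": "00D0.BC00.0003", "priority": {20: 8192}},
}


def bridge_id(priority, vlan, mac):
    """Return the (priority + VLAN ID, MAC) pair compared during election."""
    if priority % 4096 or not 0 <= priority <= 61440:
        raise ValueError(f"priority {priority} must be a multiple of 4096 (0-61440)")
    if not 1 <= vlan <= 4094:
        raise ValueError(f"VLAN {vlan} is outside 1-4094")
    # The VLAN ID rides in the low 12 bits (extended system ID), which is why
    # priority 8192 on VLAN 20 is displayed as 8212.
    return (priority + vlan, int(mac.replace(".", ""), 16))


def elect_root(vlan, switches):
    """Return (name, displayed priority) of the lowest bridge ID for `vlan`."""
    ids = {name: bridge_id(cfg["priority"].get(vlan, DEFAULT_PRIORITY), vlan, cfg["mac"])
           for name, cfg in switches.items()}
    winner = min(ids, key=ids.get)
    return winner, ids[winner][0]


def unexpected_roots(plan, switches):
    """Return {vlan: actual root} for every VLAN whose root differs from `plan`."""
    return {vlan: elect_root(vlan, switches)[0]
            for vlan, wanted in plan.items()
            if elect_root(vlan, switches)[0] != wanted}


if __name__ == "__main__":
    for vlan in (10, 20):
        print(vlan, elect_root(vlan, SWITCHES))
```

With every switch at the default priority, the lowest MAC address decides the election, so the root for a VLAN is only predictable when its priority is set explicitly.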
Rapid Per VLAN Spanning Tree Protocol (Rapid PVST+)
Rapid PVST+ is an enhancement of PVST that incorporates the rapid convergence benefits of Rapid Spanning Tree Protocol (RSTP, IEEE 802.1w). It also runs a separate instance of RSTP for each VLAN, providing faster convergence and improved network stability.
How Rapid PVST+ Works:
- Rapid Convergence: Rapid PVST+ adopts the rapid convergence mechanisms of RSTP, such as immediate transition to the forwarding state for edge ports and rapid failure detection.
- Multiple Instances: Similar to PVST, Rapid PVST+ maintains a separate spanning tree instance for each VLAN.
- BPDUs and Roles: Uses enhanced BPDU handling and port roles (such as alternate and backup ports) to quickly reconfigure the spanning tree topology when changes occur.
- Root Bridge Election: For each VLAN, Rapid PVST+ performs root bridge election similarly to PVST, but with faster convergence due to rapid BPDU processing.
- Port States and Roles: Ports quickly transition between states (discarding, learning, forwarding) and roles (root, designated, alternate, backup) to maintain loop-free topologies.
- Backward Compatibility: Rapid PVST+ is backward compatible with PVST, allowing for mixed environments where some switches run PVST and others run Rapid PVST+.
Differences between PVST and Rapid PVST+
- Convergence Speed:
  - PVST: Uses standard STP convergence, which can be slow (30-50 seconds) due to the use of timers like forward delay and max age.
  - Rapid PVST+: Uses RSTP mechanisms for rapid convergence, significantly reducing convergence time to a few seconds.
- Port Roles and States:
  - PVST: Uses traditional STP port roles (root, designated, blocking) and states (blocking, listening, learning, forwarding).
  - Rapid PVST+: Introduces new port roles (alternate, backup) and faster state transitions (discarding, learning, forwarding).
- Efficiency:
  - PVST: Each VLAN instance can slow down overall network convergence due to independent spanning tree calculations.
  - Rapid PVST+: More efficient convergence and failure recovery mechanisms enhance overall network performance and stability.
- Compatibility:
  - PVST: Proprietary to Cisco and may not interoperate seamlessly with non-Cisco devices.
  - Rapid PVST+: Also proprietary to Cisco but includes rapid convergence features, making it a preferred choice for modern, dynamic networks.
Summary
- PVST: Provides per-VLAN spanning tree instances, allowing for granular control but with slower convergence.
- Rapid PVST+: Enhances PVST with rapid convergence features from RSTP, offering faster and more efficient network recovery while maintaining per-VLAN topology control.
Both protocols are essential in managing network loops and ensuring efficient traffic flow in VLAN-segmented networks, with Rapid PVST+ being the preferred choice for environments requiring fast convergence and robust network stability.
Conclusion:
In this lab, we explored the Per VLAN Spanning Tree (PVST) protocol, forced Switch3 to become the root bridge for VLAN 20, and configured Rapid Per VLAN Spanning Tree Plus (RPVST+). By completing these tasks, we gained a better understanding of how PVST and RPVST+ work and how they can be used to optimize network performance and stability. These skills are essential for managing complex network environments and ensuring efficient data traffic flow.
Packet Tracer Lab (Pre/Post configuration):
Download the file below and open the word document to access the Packet Tracer labs.