Awesome, thank you!!!
Pat
1 Like
Hey Rene,
As per my understanding, F0/1 should be blocked since it has the lower port no in the below case.
Please suggest.
Hello Aamir
When selecting which port to block on a switch, the following four parameters that are found within received BPDUs. Specifically, one BPDU is considered superior to another if it has:
- The lower root bridge ID
- The lower path cost to the Root
- The lower sending Bridge ID
- The lower sending port ID
These parameters are checked in order, and the next is only checked if the previous is a tie. So in this case, SW2 will receive BPDUs from the ROOT on both links. Both root bridge IDs are the same, both path costs are the same, and both sending Bridge IDs are the same. The last thing to check is the sending port ID.
Fa0/1 on SW2 receives a BPDU with the port ID of Fa0/1 from SW1. Similarly, Fa0/2 on SW2 receives a BPDU with the port ID of Fa0/2 from SW1. The port that receives a BPDU with the lowest port ID is the one chosen to forward traffic. Therefore Fa0/2 on SW2 becomes blocked. Does that make sense?
I hope this has been helpful!
Laz
hello Lazaros,
Thanks for the explanation. I appreciate that.
Amir
1 Like
Hi Rene,
Somebody maybe already ask this question. I just curious about this statement below,
âSW1 will forward this broadcast frame on all it interfaces, except the interface where it received the frame onâ
is that means SW2 will received two ARP packets at the same time on its fa0/0 and fa0/1 interfaces, or is that only one packet at a time?
Thank You
Hello Christevand
This statement simply indicates the fundamental operation of a switch. If we were to assume that Spanning Tree Protocol (STP) is not functioning at all, then the answer to your question is that yes, SW2 will receive ARP requests on both Fa0/0 and Fa0/1.
This however, as further described in the lesson, would cause problems, because SW2 would then take the ARP request it got on Fa0/0 and it would send it out of Fa0/1, and it would take the ARP request it got on Fa0/1 and send it out of Fa0/0. This results in a layer 2 loop, and a broadcast storm will take place, causing both switches to be overwhelmed, resulting in massive network slowdowns.
This example shows why STP is necessary. If STP is enabled, as it should be, this will not happen. STP will cause one of the two links between the two switches to be in a blocking state, thus only one of the two interfaces (Fa0/0 or Fa0/1) on SW2 will receive the ARP request. Which port that will be depends on the STP configuration. This resolves the layer 2 loop problem. Does that make sense?
I hope this has been helpful!
Laz
Hi Laz,
This is now make sense. Thank you for answering, much appreciate it!
Evand
1 Like
Hi Rene
I am not understanding how this topology would cause a switching loop. When H1 sends and arp request, SW1 will broadcast the frame out of all its ports except the source port. When Sw2 gets the broadcasts from both the gig1 and gig2 interfaces, the switch would check its MAC address table against the destination MAC address of the ETH Frame and send both frames to H2. Im not understanding how the frame would again be broadcasted out of SW2. Please help me understand where my thinking is wrong here.
Hello Pancratius
ARP requests use a destination MAC address of FF:FF:FF:FF:FF:FF. This is a broadcast address. When a frame with this address as a destination is received on a switch, it will be sent out of all of the switchâs ports except the one it received it on. So the MAC address table does not play any role when such a frame is received.
So if such a frame is received on Fa0/0 of SW2 it will be sent out of all ports including Fa0/1, and will be sent back to SW1. Similarly, it is also received on Fa0/1 of SW2 and it will be sent back to SW1 via Fa0/0. SW1 will receive these broadcasts and will rebroadcast them to all ports including those going back to SW2, and so on, resulting in a broadcast storm due to a Layer 2 loop. Does that make sense?
For more information about ARP, take a look at this lesson:
I hope this has been helpful!
Laz
Hi Lazaros
This does help a lot. But I have one more question. When the broadcast of FF:FF:FF:FF:FF:FF arrives at SW2, it will eventually get to H2 and H2 would reply to the ARP request. The SW2 should then add H2s mac address to the table wouldnt it? I know this would not stop the broadcast storm but just wanted clarity on this regard.
Thanks
Hello Pancratius
Yes that is exactly correct. Because the ARP reply from H2 contains H2âs MAC address in the source MAC address field of the frame, the switch will place that MAC address into the MAC address table, and it will correspond with the port number on which H2 is connected to the switch.
This is true of any frame that arrives on a switchâs port, the source MAC address in the header will be added to the MAC address table.
I hope this has been helpful!
Laz
I would recommend explaining that the number next to Port on non Root Switches is the number of ports in a forwarding state/designated ports. I only found that out by labbing. An example is from my lab below Port 2 to the left of GigE0/1 Unless I missed is 
Entirely possible. Love this material it is the best I have found so thanks!
VLAN0001
Spanning tree enabled protocol ieee
Root ID Priority 32769
Address 5254.000a.cd63
Cost 4
Port 2 (GigabitEthernet0/1)
Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec
Hello Andrew!
Actually, the information that is displayed after the word âPortâ in the output in your post indicates which port on the switch is the root port for VLAN 1.
Notice it says GigabitEthernet0/1 in brackets. Thatâs the port using the typical designations we use to identify ports on a switch. However, STP uses an internal port reference number to identify ports, and that is what the number â2â here signifies. These STP port numbers are assigned in sequential order to all ports on a switch including management ports, fixed and modular physical ports, as well as virtual ports (SVIs) and tunnel ports.
How these numbers are assigned depends upon the platform and IOS version, and the configuration of any modular components of the switch.
These port numbers are an important part of STP as they also play a tie-breaking role in determining which port will be blocked. This is especially the case when two switches have multiple links between them, as shown at the end of this lesson. This number is the ultimate tiebreaker in such cases. Does that make sense?
I hope this has been helpful!
Laz
Hi Rene,
I am not sure if it was mentioned somewhere in this deep blog conversation topics, but I am happy to refresh this context to check my understanding.
My understanding is that STP follows this flow:
a) elects a root switch
b) selects the root ports on non-root switches
c) assign the designated ports
Next, when two designated ports on the same physical link are joined , STP decide which will be designated and which one must be clocked. STP or more precisely STA algorithm checks root cost for both designated ports and one with lower cost wins (it means stays designated). If costs are the same we have the next possible rules: Lower bridge ID, lower priority, or lower internal port number.
I think , Rene in this lesson took assumption that all ports have the same cost. Therefore, compared both designated ports by lower BID to select blocked port. Hope, it make a sense.
Guys , just thank you for your great work. This portal is great , from the last year I gained a lot of knowledge here , here the material is delivered in perfect way ! appreciated.
Hello Rafal
Youâve got a good grasp on how the Spanning Tree Protocol (STP) works. Youâre correct that the STP process involves electing a root switch, selecting root ports on non-root switches, and assigning designated ports.
When two designated ports on the same physical link are connected, STP does indeed decide which will remain designated and which one will be blocked. This decision is based on the root path cost, with the port having the lower cost winning. If the costs are the same, as you pointed out, the tie-breakers are lower bridge ID, lower priority, and lower internal port number, in that order.
Reneâs assumption that all ports have the same cost is a simplification for the sake of explanation. In a real network, port costs may vary depending on the speed of the link, with lower costs assigned to faster links.
Iâm glad to hear that you find NetworkLessons helpful and that it has contributed to your knowledge. Weâre here to help, so donât hesitate to reach out if you have any more questions!
I hope this has been helpful!
Laz
Thank you Laz !
thank you to build up my confidence with STP. Now your answer is purely clear for me. I greatly appreciate it. This is like private lesson. Amazing. 
thanks again for your time.
1 Like
I donât understand the use of a designated port on the segment that when the other end is a blocked port (only listen to BPDUs)?
Hello Kin
I assume youâre talking about this topology from the Intro to Spanning Tree lesson:
On SW2, we have a designated port Fa1/0 which is connected to Fa1/0 of SW3 which is blocked (or alternate, which is what the âAâ stands for). So the question is, how can you have a designated port connected to a blocked port on the other end?
It does sound somewhat strange, but thatâs the way that STP operates. For any physical loop created, it only takes the blocking of a single port to eliminate that loop. The other end of that link remains a designated port, but it simply doesnât send or receive any data. This design approach is necessary, because at any time, the topology may change, and that blocked port may become a designated port.
Letâs say the link between SW1 and SW2 goes down. STP will reconverge, and Fa1/0 on SW3 will become a designated port, and will start to send data. The Fa1/0 port on SW2 is already a designated port and will immediately be able to receive and send data to SW3. So that port remains designated to be prepared for any topology changes without the need for the time-consuming processes it to change its role.
Now as for the BPDUs, yes, that designated port will still send and receive BPDUs. But you know what? Blocked ports also receive BPDUs as well, and they process them.
So you see, this is the setup in order to ensure that reconvergence will take place quickly without the need for additional processing and altering of port roles. Does that make sense?
I hope this has been helpful!
Laz
1 Like
Hi @lagapidis,
I just got a question my mind with the below scenario. Since we have only one switch(root bridge), how STP will block a port (all ports in root bridge are DP). Anyway I marked port role based on STP operation. Please correct me if I am wrong. Below steps I followed.
For Single switch:
- Switch themself thinks as Root bridge since there is no other switches to receive BPDUs
- No Root port concept here
- DP selected based on low port number
- Non DP port is blocked.
Hello Premkumar
In a single-switch scenario, STP doesnât really come into play as itâs primarily used to prevent loops in a network topology with multiple switches. However, strictly speaking, yes, STP will consider the single switch to be the root switch, and all of its ports will become designated ports.
Now the case you are stating here is a special case, where a cable is connected from port 0/2 to 0/3 of the same switch. This is the only case where you would have a blocked port on a root bridge. The tie-breaking criteria will be used to determine which port should become blocked, and it will come down to the lowest port number because all of the other criteria are the same.
Note that this would be the case regardless of whether or not SW1 is the only switch in the topology. Even if there were more switches, and SW1 was the root bridge, the behavior would be the same.
However, you should never do this in a real-world scenario. The only reason this functions this way is to prevent the switch from succumbing to a Layer 2 loop in case such a connection was made by accident.
I hope this has been helpful!
Laz