Friday, December 19, 2014

The Spanning Tree Protocol - STP

I find that talking about and explaining how to prevent loops in a network is something I do an awful lot.  So I thought I'd post something up that helps explain how to prevent it, and what the Spanning Tree Protocol is.  The Spanning Tree Protocol (STP) is a network protocol that ensures a loop-free topology for any bridged Ethernet local area network.  Spanning Tree offers your network redundant and loop-free operation. Think of spanning tree as a tree that the bridge keeps in memory for optimized and fault-tolerant data forwarding.

What is Spanning Tree?

  • STP provides a means to prevent loops by blocking links in an Ethernet network. Blocked links can be brought in to service if active links fail.
  • The root bridge in a spanning tree is the logical center and sees all traffic on a network.
  • Spanning tree recalculations are performed automatically when the network changes but cause a temporary network outage.
  • Newer protocols, such as TRILL, prevent loops while keeping links that would be blocked by STP in service.
Eliminating loops with spanning tree
If your switches are connected in a loop without STP, each switch would infinitely duplicate the first broadcast packet heard because there's nothing at Layer 2 to prevent a loop.
STP prevents loops by blocking one or more of the links. If one of the links in use goes down, then it would fail over to a previously blocked link. How spanning tree chooses which link to use depends entirely on the topology that it can see.

The idea behind a spanning tree topology is that bridges can discover a subset of the topology that is loop-free: that's the tree. STP also makes certain there is enough connectivity to reach every portion of the network by spanning the entire LAN.

STP configuration

Bridges will perform the spanning tree algorithm when they are first connected to the network or whenever there is a topology change.

When a bridge hears a "configuration message," a special type of BPDU (bridge protocol data unit), it will begin its disruptive spanning tree algorithm. This starts with the election of a "root bridge" through which all data will flow.  The next step is for each bridge to determine the shortest path to the root bridge so that it knows how to get to the "center." A second election happens on each LAN, and it elects the designated bridge, or the bridge that's closest to the root bridge. The designated bridge will forward packets from the LAN toward the root bridge.  The final step for an individual bridge is to select a root port. This simply means "the port that I use to send data towards the root bridge."

Note: Every single port on a bridge, even ones connected to endpoints, will participate in the spanning tree unless a port is configured as "ignore."

A newly connected bridge will send a reconfiguration BPDU, and the other connected devices will comply. All traffic is stopped for 30-50 seconds while a spanning tree calculation takes place.

Rapid STP

In 2001, certain vendors started introducing rapid spanning tree, a modified version of the spanning tree algorithm that reduces outages. It's fully compatible with older devices that only know the old spanning tree algorithm and reduces the 30-50-second outage time to less than ten in most cases, so use it if you can.

Note: RSTP works by adding an alternative port and a backup port. These ports are allowed to immediately enter the forwarding state rather than passively wait for the network to converge.


STP can cause problems with VLANs if one of the physical links happens to be a VLAN trunk. That's because with only one spanning tree, it's possible the link with the VLAN trunk will need to be blocked. That could result in no connectivity for a particular VLAN to the rest of its LAN. To solve this, enable per-VLAN spanning trees (PVST).

With PVST enabled, a bridge will run one spanning tree instance per VLAN on the bridge. If a trunk link contains VLANs 1, 2, and 3, it can then decide that VLANs 1 and 2 should not take that path, but still allow VLAN 3 to use it.

Spanning tree drawbacks

One of the drawbacks of STP is that even though there may be many physical or equal-cost multiple paths through your network from one node to another, all your traffic will flow along a single path that has been defined by a spanning tree. The benefit of this is that traffic loops are avoided, but there is a cost. Restricting traffic to this unique path means blocking alternative, and sometimes more direct, paths.

That means that your full potential network capacity can never be realized. (It is possible to use multiple simultaneous spanning trees for separate VLANs, as mentioned above, but the traffic in any given VLAN will still not be able to use all your available network capacity.)

In the past this has been acceptable, but with the increasing use of virtualization technology in many data centers, there is a need for a more efficient and reliable routing infrastructure that can handle the very high I/O demands of virtualized environments.

Spanning tree alternatives: TRILL and NPB

Transparent Interconnection of Lots of Links (TRILL) is a routing protocol network standard which:
  • Uses shortest path routing protocols instead of STP.
  • Works at Layer 2, so protocols such as FCoE can make use of it.
  • Supports multihopping environments.
  • Works with any network topology, and uses links that would otherwise have been blocked.
  • Can be used at the same time as STP.
The main benefit of TRILL is that it frees up capacity on your network which can't be used (to prevent routing loops) if you use STP, allowing your Ethernet frames to take the shortest path to their destination. This in turns mean more efficient utilization of network infrastructure and a decreased cost-to-benefit ratio.

These benefits are particularly important in data centers running cloud computing infrastructure. TRILL is also more stable than STP because it provides faster recovery time in the event of hardware failure.

Bruce has worked in educational technology for over 18 years and has implemented several 1:1/BYOD programs.  He also has served as a classroom teacher in Computer Science, History and English classes.  Bruce is the author of five books: Sands of TimeTowering Pines Volume One:Room 509The Star of ChristmasPhiladelphia Story: A Lance Carter Detective Novel and The Insider's Story: A Lance Carter Detective Novel.  Follow Bruce's Novel releases by subscribing to his FREE newsletter!

Be sure to check out Bruce's Allentown Education Examiner Page, his Twitter and his Facebook!

No comments:

Post a Comment