What is STP (Spanning Tree Protocol)? | An Introduction to Loop Prevention


The Spanning Tree Protocol (STP) prevents loops by building a tree structure over the network topology. It ensures that only one active path exists between any two points in the network, so data frames cannot circulate endlessly, and network performance improves.

By making the network topology look like a tree, STP ensures that there is only one active path through the network and stops the loops that can occur in Ethernet networks. The protocol lets switches exchange information with each other and improves how well the network functions.

To decide which path to use when there are multiple paths in the network, STP elects a “root bridge”: the switch with the lowest bridge ID (root ID) in the network. All other devices in the network connect to the root bridge either directly or indirectly.

STP also notices changes in the network topology and responds to them automatically. When a device or link fails, for example, STP detects the change and computes a new tree, which lets the network keep running as usual.

The History of Spanning Tree Protocol (STP)

Radia Perlman developed the Spanning Tree Protocol (STP) in 1985 as a network protocol to prevent loops in Ethernet networks. STP operates at the data link layer (Layer 2) of the OSI (Open Systems Interconnection) model and primarily serves LAN (Local Area Network) environments.

Before STP, network loops were a significant problem for Ethernet networks. Loops could cause an explosion of network traffic and even bring the whole network down. This problem prompted the development of STP. STP monitors the status of all links in the network and, when necessary, blocks links to prevent loops and create a tree-shaped network topology (a spanning tree).

The IEEE officially adopted STP in the 802.1d standard in 1990. The 802.1d standard remained the basic protocol standard for Ethernet networks until 2004. In 2004, the IEEE 802.1w standard (Rapid STP) was introduced. Its designers created Rapid STP to accelerate the rebuilding of the tree and provide faster convergence after a topology change.

STP has undergone many changes over time to enhance its performance. For example, the 802.1s (Multiple Spanning Tree Protocol – MSTP) standard allows network administrators to create multiple trees for better control over the network topology. Alternative protocols, such as 802.1aq (Shortest Path Bridging – SPB), have also emerged. SPB offers network administrators easier management of the network topology in very large networks.

How does STP work?

STP runs on switching devices, allowing them to communicate with each other and improve the efficiency of your network. Where multiple paths exist between switches, it blocks one or more connections to prevent a loop from forming.

STP’s operation creates a hierarchy among all switching devices in your network. Each device assigns a cost to each of its links based on link speed, with faster links receiving lower costs. Each switch then selects the path with the lowest total cost toward the root device.

At the top of the network hierarchy, the root device determines which connections allow the network to run without loops. Once elected, the root device advertises this information to all devices in the network, so that redundant links are blocked and all devices agree on the same set of active connections.

To ensure proper network operation, STP uses several message types: Bridge Protocol Data Units (BPDU), Topology Change Notifications (TCN), and Topology Change Acknowledgements (TCA). BPDUs are used to elect the root device, determine the paths, and block redundant connections. A TCN notifies other devices of a change in the network topology, while a TCA confirms that the other devices have received and accepted the change.

To prevent loops and improve network performance, STP checks the connectivity of all bridges in the network and blocks redundant connections. BPDU messages are used to elect the root bridge among the bridges in the network: the bridge with the lowest priority wins. If two bridges have the same priority, the bridge with the lowest MAC address becomes the root bridge.

After the root bridge is elected, STP determines a root path for each bridge in the network: the lowest-cost path between that bridge and the root bridge. STP then performs port selection to prevent loops by blocking redundant connections. As part of this process, a bridge selects which of its redundant connections to disable.

TCN and TCA messages speed up the process of informing other devices of changes in the network topology. A TCN notifies other devices of a change, such as a redundant connection being blocked, while a TCA acknowledges that the notification has been received, improving network stability.
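As an added illustration, not code from the article, the following simulation runs the election and port selection described above on a constructed triangle of three switches with equal priorities; the bridge IDs, MAC addresses and link speeds are assumptions, and the port costs are the IEEE 802.1D-1998 short-form values.

```python
import heapq

# IEEE 802.1D-1998 short-form port costs by link speed in Mb/s: faster links cost less.
PORT_COST = {10: 100, 100: 19, 1000: 4, 10000: 2}
# Constructed topology (assumed values, not from the article). Bridge ID = (priority, MAC).
BRIDGES = {
    "SwitchA": (32768, "00:11:22:33:44:aa"),
    "SwitchB": (32768, "00:11:22:33:44:bb"),
    "SwitchC": (32768, "00:11:22:33:44:cc"),
}
LINKS = [("SwitchA", "SwitchB", 1000), ("SwitchB", "SwitchC", 1000), ("SwitchA", "SwitchC", 100)]

def elect_root(bridges):
    """Lowest bridge ID wins; with equal priorities the lowest MAC breaks the tie."""
    return min(bridges, key=bridges.get)

def root_path_costs(root, links):
    """Least-cost distance from the root to every bridge (Dijkstra over port costs)."""
    adj = {}
    for a, b, speed in links:
        adj.setdefault(a, []).append((b, PORT_COST[speed]))
        adj.setdefault(b, []).append((a, PORT_COST[speed]))
    cost, heap = {root: 0}, [(0, root)]
    while heap:
        d, u = heapq.heappop(heap)
        for v, c in adj.get(u, []):
            if d + c < cost.get(v, float("inf")):
                cost[v] = d + c
                heapq.heappush(heap, (d + c, v))
    return cost

def port_roles(bridges, links):
    """Map (bridge, neighbour) -> 'designated', 'root' or 'blocked'; one segment end is
    designated (lower root path cost, then lower bridge ID), the other is root or blocked."""
    root = elect_root(bridges)
    cost = root_path_costs(root, links)
    # Each non-root bridge picks one root port: the neighbour offering the cheapest
    # path to the root, ties broken by the neighbour's bridge ID.
    root_port = {}
    for a, b, speed in links:
        for me, peer in ((a, b), (b, a)):
            if me != root:
                cand = (cost[peer] + PORT_COST[speed], bridges[peer], peer)
                root_port[me] = min(root_port.get(me, cand), cand)
    roles = {}
    for a, b, speed in links:
        des = min((a, b), key=lambda x: (cost[x], bridges[x]))
        other = b if des == a else a
        roles[(des, other)] = "designated"
        roles[(other, des)] = "root" if root_port[other][2] == des else "blocked"
    return roles
```

With these inputs SwitchA is the root, and SwitchC blocks its 100 Mb/s port toward SwitchA because two 1 Gb/s hops through SwitchB (cost 8) are cheaper than the direct link (cost 19).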

What are the types of STP?

In some cases, the standard configuration of STP can negatively impact network performance. Hence, several variants of STP have been developed to address this.

  1. IEEE 802.1D STP (Classic STP): This is the original STP standard. IEEE 802.1D STP elects a root bridge among all switches in the network and blocks unnecessary connections to prevent loops. The protocol tracks changes in the network through Bridge Protocol Data Unit (BPDU) messages and removes unnecessary links to optimize the network topology.
  2. Rapid STP (RSTP): This protocol is an enhanced version of classic STP. RSTP enables switches to communicate with each other faster and detects network changes more quickly. It helps to prevent interruptions in the network and improve performance.
  3. Multiple STP (MSTP): This protocol lets the network run multiple instances of STP. Network administrators can create different STP instances for different groups of VLANs. It provides more flexibility in the network and helps achieve better performance.
  4. PVST+ (Per VLAN Spanning Tree Plus): This protocol optimizes the network by creating a separate STP instance for each VLAN. Individual STP instances detect changes in their VLANs more quickly and improve network performance. PVST+ is Cisco’s own version of STP for its switches.
  5. RPVST+ (Rapid Per VLAN Spanning Tree Plus): This protocol is an accelerated version of PVST+. RPVST+ runs separately for each VLAN to provide faster performance in the network.

Cisco and STP

Cisco network switches, routers, and other network devices are the fundamental building blocks of enterprise networks. Spanning Tree Protocol (STP) is used in Cisco network devices to ensure the proper operation of the switches (bridges) in the network.

Cisco network equipment offers several different models that support STP. For example, the Cisco Catalyst 2960X Series switches support many different versions of STP, including Standard STP, Fast STP, and Enhanced STP (Rapid PVST+). Additionally, Cisco’s Nexus series switches also support multiple versions of STP.

Cisco’s importance in the STP ecosystem has led to the development of proprietary protocols. For instance, the Per VLAN Spanning Tree (PVST) protocol creates a separate STP instance for each VLAN to enable more efficient network management. Cisco has also developed Rapid PVST+, a faster and more reliable version of STP.

Cisco also supports other protocols that work in conjunction with STP. For example, the Bridge Assurance protocol is used with STP to ensure bridge devices are operating correctly. Additionally, Cisco provides features such as STP Topology Change Notifications (TCN) and Topology Change Acknowledgments (TCA) for network management and monitoring.

Cisco considers the STP protocol a critical element for network reliability and provides customers with the necessary tools to create a reliable network structure. Cisco network equipment uses high-performance processors to process Spanning Tree protocol messages between devices, ensuring the network operates smoothly.

Advantages of STP

STP (Spanning Tree Protocol) allows all switching devices in a network to cooperate and improves network redundancy. There are many advantages to using STP.

  • Network Redundancy

STP improves network redundancy. In a network where many switching devices are interconnected, ensuring redundancy is crucial. STP does this by identifying redundant paths in the network and blocking them until they are needed.

  • Better Performance

By controlling the flow of traffic in the network, STP improves network performance. Identifying redundant paths ensures that traffic flows along a single path, which enhances the network’s performance.

  • Improved Reliability

STP provides redundancy in network connections, allowing the network to continue working over backup links when a failure occurs. This increases the reliability of the network.

  • Easy Management

STP manages the connections between switching devices in the network. It enables network administrators to manage devices on the network more easily.

  • Scalability

In large networks, STP improves scalability by allowing all devices in the network to work together.

  • Easy Maintenance

STP simplifies network maintenance tasks. With STP, redundant paths in the network are identified and blocked, making maintenance tasks easier and faster to perform.

Basic STP Commands

  • Enabling STP Protocol:

We use the “spanning-tree mode” command to choose the STP variant that runs on the switch. The following example sets the mode to rapid-pvst:

Switch(config)# spanning-tree mode rapid-pvst

  • Determining Root Bridge:

By designating a root bridge in the network, we make all other switches build their paths toward it. We use the “spanning-tree vlan” command with the “root” keyword to designate the root bridge. To make the switch the root bridge for VLAN 10, follow the example below:

Switch(config)# spanning-tree vlan 10 root primary

  • Port Configuration:

Port configuration determines how STP treats each port. The “interface” command selects a particular interface for configuration. The following example enables the “PortFast” feature on gigabitEthernet 0/1:

Switch(config)# interface gigabitEthernet 0/1
Switch(config-if)# spanning-tree portfast

  • Configuring BPDU Guard and BPDU Filter:

The “BPDU Guard” and “BPDU Filter” features help prevent loops in the network. “BPDU Guard” reacts to any incoming BPDU message on a port by shutting the port down, which prevents a loop through that port. “BPDU Filter” drops incoming BPDU messages on a port but does not shut the port down. The following example enables “BPDU Guard” on gigabitEthernet 0/1:

Switch(config)# interface gigabitEthernet 0/1
Switch(config-if)# spanning-tree bpduguard enable

  • Changing the Maximum Age (max-age) Timer for a VLAN:

Switch(config)# spanning-tree vlan 10 max-age 10

  • Changing the Root Bridge Priority for a VLAN:

Switch(config)# spanning-tree vlan 10 priority 24576

  • Setting the STP Priority for a Specific VLAN (general syntax):

Switch(config)# spanning-tree vlan vlan-id priority priority-value

This command configures the STP priority for the specified VLAN.

  • Disabling PortFast on a Specific Interface:

Switch(config)# interface interface-id
Switch(config-if)# spanning-tree portfast disable

  • Clearing the STP Protocol Cache:

Switch# clear spanning-tree detected-protocols

These commands provide the essential features for configuring spanning tree settings on Cisco switches. However, the configuration becomes more involved as the network topology grows more complex. Therefore, network administrators usually work with protocols such as Cisco’s proprietary Rapid-PVST+ or the standard MST (Multiple Spanning Tree).

How to Configure Spanning Tree Between Three Cisco Switches?

Controlling the multiple paths between Cisco switches and preventing loops with the Spanning Tree protocol is vital even in basic network topologies. In this scenario, we use three Cisco switches: Switch A, Switch B, and Switch C. Because the three switches are connected to each other, the topology contains a loop, so we need to configure the spanning tree protocol.

  • Enabling STP Protocol

SwitchA(config)# spanning-tree mode rapid-pvst
SwitchB(config)# spanning-tree mode rapid-pvst
SwitchC(config)# spanning-tree mode rapid-pvst

  • Root Bridge Determination

SwitchA(config)# spanning-tree vlan 1 root primary
SwitchB(config)# spanning-tree vlan 1 root secondary
SwitchC(config)# spanning-tree vlan 1 root secondary

These commands designate SwitchA as the root bridge for VLAN 1. SwitchB and SwitchC are designated as secondary root bridges, ready to take over if SwitchA fails.

  • Port Configuration

The final step is to determine how STP handles each port. The following commands configure PortFast and the protection features on one port of each switch:

SwitchA(config)# interface gigabitethernet 1/1
SwitchA(config-if)# spanning-tree portfast
SwitchA(config-if)# spanning-tree bpduguard enable
SwitchA(config-if)# spanning-tree bpdufilter enable
SwitchA(config-if)# spanning-tree guard root

SwitchB(config)# interface gigabitethernet 1/1
SwitchB(config-if)# spanning-tree portfast
SwitchB(config-if)# spanning-tree bpduguard enable
SwitchB(config-if)# spanning-tree bpdufilter enable
SwitchB(config-if)# spanning-tree guard root

SwitchC(config)# interface gigabitethernet 1/1
SwitchC(config-if)# spanning-tree portfast
SwitchC(config-if)# spanning-tree bpduguard enable
SwitchC(config-if)# spanning-tree bpdufilter enable
SwitchC(config-if)# spanning-tree guard root

PortFast lets a port move straight to the forwarding state, skipping the listening and learning delays, which reduces timeouts for the devices attached to it. BPDU Guard and BPDU Filter prevent loops caused by misconfigured devices on such ports. Note that these features belong on edge ports that face end hosts: BPDU Filter suppresses BPDUs on the port, and on a link between the three switches that would remove the very messages STP needs to break the loop.

Root Guard ensures that if a BPDU arrives on the port claiming a better root bridge, the port is blocked rather than accepting the new root. This keeps the designated root bridge in place and prevents loops in the network.

Spanning Tree Security

STP security protects the network from attacks on the protocol itself. Such attacks can affect the operation of nodes on the network or even bring down the entire network.

An attacker can manipulate the Spanning Tree protocol by injecting messages that claim to be the root bridge, changing the elected root or producing conflicting root bridges. This can affect every node on the network and cause errors that bring the network down.

You can take some measures against Spanning Tree attacks, such as:

  • Enabling protection features: In Cisco network devices, protection features can be activated by configuring port properties and global parameters.
  • Enabling security features: Cisco network devices can prevent attacks by providing security features. These features include BPDU Guard, BPDU Filter, and Root Guard.
  • BPDU Guard: When BPDU Guard detects a BPDU on a port configured as a host-facing (user) port, it automatically shuts the port down. It prevents a device on that port from manipulating the protocol running on the network.
  • BPDU Filter: BPDU Filter drops the BPDU messages arriving from a node. It prevents that node from manipulating the protocol running on the network.
  • Root Guard: Root Guard prevents the elected root bridge from being replaced by a device behind a protected port. When a superior BPDU arrives on such a port, Root Guard blocks the port instead of letting that device become the root bridge.
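As an added illustration (not code from the article or from Cisco), the following simulation shows how BPDU Guard and Root Guard change what a switch does when a BPDU advertising a better root bridge arrives on a port; the port names, bridge IDs and the behaviour of the unprotected port are constructed assumptions.

```python
from dataclasses import dataclass, field

@dataclass
class Port:
    name: str
    bpduguard: bool = False    # shut the port if any BPDU arrives (host-facing ports)
    rootguard: bool = False    # never accept a superior root from this port
    state: str = "forwarding"  # becomes "err-disabled" or "root-inconsistent" when triggered

@dataclass
class Switch:
    bridge_id: tuple  # (priority, MAC); lower compares as better
    root_id: tuple    # root bridge ID this switch currently believes in
    ports: dict
    log: list = field(default_factory=list)

    def receive_bpdu(self, port_name, advertised_root):
        """Process a BPDU claiming `advertised_root`; return the port's resulting state."""
        p = self.ports[port_name]
        if p.state != "forwarding":
            return p.state            # already protected; nothing more to do
        if p.bpduguard:
            p.state = "err-disabled"  # BPDU Guard: no BPDU should ever arrive here
            self.log.append(f"{p.name}: BPDU received, port err-disabled (BPDU Guard)")
            return p.state
        if advertised_root < self.root_id:
            if p.rootguard:
                p.state = "root-inconsistent"  # Root Guard: keep the real root
                self.log.append(f"{p.name}: superior BPDU blocked (Root Guard)")
            else:
                self.log.append(f"{p.name}: new root accepted {advertised_root}")
                self.root_id = advertised_root  # unprotected port: the root changes
        return p.state

    def superior_bpdus_stopped(self, port_name):
        """Root Guard recovers by itself once superior BPDUs stop; err-disable needs an admin."""
        p = self.ports[port_name]
        if p.state == "root-inconsistent":
            p.state = "forwarding"
        return p.state

def demo():
    """Constructed scenario: the same superior BPDU hits three differently protected ports."""
    sw = Switch(bridge_id=(32768, "00:11:22:33:44:bb"),
                root_id=(32768, "00:11:22:33:44:aa"),
                ports={"Gi0/1": Port("Gi0/1", bpduguard=True),
                       "Gi0/2": Port("Gi0/2", rootguard=True),
                       "Gi0/3": Port("Gi0/3")})
    better_root = (4096, "00:11:22:33:44:ee")  # constructed: a claim of a lower bridge ID
    return sw, [sw.receive_bpdu(n, better_root) for n in ("Gi0/1", "Gi0/2", "Gi0/3")]
```

Only the unprotected port Gi0/3 lets the switch change its idea of the root; the guarded ports block and log the event, which is also what a monitoring system should alert on.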

Tuning the STP parameters to match the network topology and designating a single root bridge on the network are essential to optimize the protocol’s performance.

Additionally, it is essential to shut down all unused ports in the network, since an unused port left active is a place where unexpected spanning tree messages can enter.

Copyright © 2025 | CiscoPods