Spanning Tree Protocol :

The IEEE 802.1D Spanning Tree protocol is used to prevent loops in the network. Usually, these
loops occur when the design includes redundant connections from the edge to the core, or
when multiple wiring closets are inadvertently interconnected. A loop in the network causes
severe congestion and eventually renders the network inoperable.
Although there are newer versions of Spanning Tree protocols, such as 802.1w Rapid Spanning
Tree (RSTP) and 802.1s Multiple Spanning Tree Groups (MSTP), these protocols are still based on
the legacy 802.1D STP fundamental architecture and therefore have limitations. Although RSTP
offers faster failover than normal 802.1D Spanning Tree, it still has the same problem as that of
802.1D: all redundant or looped paths are blocked.
MSTP does allow load balancing of VLANs over redundant paths; however, this requires
configuration of every switch to assign cost or weight to all available paths for each VLAN,
which can lead to administrative difficulties when there are a large number of switches and/or
subnets in the network.
Other issues to be considered in Spanning Tree environments include the need to set a root
bridge for the network. The root should be configured on one of the core switches in the
network.
When using VRRP for default gateway redundancy in conjunction with Spanning Tree, the VRRP
Master should be configured on the same switch as the Spanning Tree root (for optimal link
performance). Utilizing the Backup Master feature on the Avaya switches will also aide in the
optimal link usage with VRRP both VRRP and VRRP Backup Master are discussed in more detail
in the Layer 3 section of this document. If PIM-SM is configured on the network, the Designated
Router (DR) needs to also be configured on the switch that is the Spanning Tree root.
Avaya does recommend using the Spanning Tree protocol on all end station connections in
order to safeguard the network from hubs or other devices that could be inserted into the
network at the end station. A modification to the normal learning of spanning tree is available in
all Avaya edge switches. This feature is known as Fast Start or Fast Learning, and is the
recommended setting for all end station ports.

The BPDU filtering feature also adds a level of protection against inadvertent loops in the
network. This feature was originally developed to prevent an unwanted root selection process
when a new device was added to a Spanning Tree network and/or to prevent unknown
devices from influencing an existing spanning tree topology. A more detailed discussion on BPDU
filtering :

follows in the next section.

Enable Spanning Tree Fast Start/Fast Learning on all end station ports.
Enable BPDU filtering on all end station ports.
Never enable Fast Start/Learning on any uplink ports; this could cause unexpected
behaviors on the entire network.

When using Spanning Tree, pay attention to the root bridge. Ensure the root bridge is one
of the core switches by configuring the Spanning Tree priority.
When using SMLT to connect the edge to the distribution/core, always disable Spanning
Tree on the uplink ports/MLT of the edge switch.

Avaya recommends using Split MultiLink Trunking (SMLT) to interconnect closets to the core of
the network, thus eliminating the need for the Spanning Tree protocol on uplinks. When using
SMLT between the edge switch and the core or distribution switch, two or more redundant paths
to two separate core/distribution switches are utilized in an active-active fashion without the
need for Spanning Tree to prevent loops. Traffic is distributed over all available paths using either
MLT, 802.3ad, or any other form of link aggregation. If one or more of the paths fail, including link
and/or switch failures, SMLT provides sub-second failover to the remaining path(s).

Spanning Tree Terms

Root bridge The root bridge is the bridge with the best bridge ID. With STP, the key is for all the
switches in the network to elect a root bridge that becomes the focal point in the network. All
other decisions in the networksuch as which port is to be blocked and which port is to be put
in forwarding modeare made from the perspective of this root bridge. Once a root bridge is
elected on the network, all other bridges must make a single path to this root bridge. The port
with the best path to the root bridge is called the root port.
BPDU All the switches exchange information to use in the selection of the root switch as well as in
subsequent configuration of the network. Each switch compares the parameters in the Bridge
Protocol Data Unit (BPDU) that it sends to one neighbor with the ones that it receives
from other neighbors.
Bridge ID The bridge ID is how STP keeps track of all the switches in the network. It is determined
by a combination of the bridge priority (32,768 by default on all Cisco switches) and the base
MAC address. The bridge with the lowest bridge ID becomes the root bridge in the network.
Nonroot bridges These are all bridges that are not the root bridge. Nonroot bridges exchange
BPDUs with all bridges and update the STP topology database on all switches, preventing loops
and providing a measure of defense against link failures.
Port cost Port cost determines the best path when multiple links are used between two switches.
The cost of a link is determined by the bandwidth of a link.
Root port The root port is always the link directly connected to the root bridge, or the lowest path
cost to the root bridge. If more than one link connects to the root bridge, then a port cost is
determined by checking the bandwidth of each link. The lowest-cost port becomes the root
port. If multiple upstream switches have the same cost, the bridge with the lower advertising
bridge ID is used. When multiple links connect to the same device, the port connected to the
lowest port number on the upstream switch will be used.
Designated port A designated port is one that has been determined as having the best (lowest)
cost to the root bridge via its root port. A designated port will be marked as a forwarding port.

Nondesignated port A nondesignated port is one with a higher cost than the designated port.
They are whats left over after the root ports and designated ports have been determined.
Nondesignated ports are put in blocking modethey are not forwarding ports.
Forwarding port A forwarding port forwards frames and can be a root port or a designated port.
Blocked port A blocked port is the port that, in order to prevent loops, will not forward frames.
However, a blocked port will always listen to BPDU frames but drop any and all other frames.
Spanning Tree Operations:

step 1: select a root bridge/root switch:

Root switch is a switch which has the lowest priority. if all the switches has the same priority then
the switch with least/lowest mac(i.e., oldest switch) becomes the root switch.
This election process occurs with the help of BPDU( bridge protocol data unit) packets.

step 2:selecting a root port:

Every Non-Root bridge should select a port which provides the lowest path to the root switch.
This path is measured with the help of standard values provided by IEEE.
For the fastethernet links the spanning-tree path cost value is 19.
step 3:selecting Designated Port:
For each segment a port is selected which is nearest to the root switch.
If more than one port provides least path to the root switch , the switch with the lowest bridge id
is selected .
Finally Rootports and Designated ports goes to forwarding mode
The port which is neither root port nor designated port goes in blocking state.

Spanning-Tree Port States :

The ports on a bridge or switch running IEEE 802.1d STP can transition through five different states:
Blocking A blocked port wont forward frames; it just listens to BPDUs. The purpose of the
blocking state is to prevent the use of looped paths. All ports are in blocking state by default
when the switch is powered up.
Listening The port listens to BPDUs to make sure no loops occur on the network before passing
data frames. A port in listening state prepares to forward data frames without populating the
MAC address table.

Learning The switch port listens to BPDUs and learns all the paths in the switched network. A port
in learning state populates the MAC address table but still doesnt forward data frames. Forward
delay means the time it takes to transition a port from listening to learning mode (or from
learning to forwarding mode), which is set to 15 seconds by default and can be seen in the
show spanning-tree output.
Forwarding The port sends and receives all data frames on the bridged port. If the port is still a
designated or root port at the end of the learning state, it enters the forwarding state.
Disabled (technically not a transition state) A port in the disabled state (administratively) does
not participate in the frame forwarding or STP. A port in the disabled state is virtually
nonoperational.
Convergence
Convergence occurs when all ports on bridges and switches have transitioned to either
forwarding or blocking modes. No data will be forwarded until convergence is complete. Yes
you read that right: When STP is converging, all host data stops transmitting! So if you want to
remain on speaking terms with your networks users (or remain employed for any length of time),
you positively must make sure that your switched network is physically designed really well so
that STP can converge quickly.
Convergence is truly important because it ensures that all devices have a coherent database.

It usually takes 50 seconds to go from blocking to forwarding mode, and I dont recommend
changing the default STP timers. (But you can adjust those timers if necessary and have a large
network.) By creating your physical switch design in a hierarchical manner, you can make your
Core switch the STP root, which will then make STP convergence time nice and quick.
Because the typical spanning-tree topologys time to convergence from blocking to forwarding
on a switch port is 50 seconds, this could create time-out problems on your servers or hostsfor
example, when you reboot them. To address this hitch, you can disable spanning tree on
individual ports using PortFast.
RSTP:
RSTP was not designed to be a brand-new protocol, but more of an evolution of the 802.1d
standard, with faster convergence time when a topology change occurs. Backward
compatibility was a must when 802.1w was created. The 802.1w is defined in these different port
states:
Disabled = Discarding
Blocking = Discarding
Listening = Discarding
Learning = Learning
Forwarding = Forwarding
Figuring out what your root bridge, root ports, and designated ports are has not changed;
however, you need to understand the cost of each link to make this determination

RSTP Configuration Example:

In this configuration example, we will accomplish the following:

Configure the bridge priority as shown in Figure 3. This will result in 8600-1 becoming the
RSTP Root Bridge. If 8600-1 should fail, then 8600-2 should become the Root Bridge based
on priority settings.

Two VLANs will be configured, a management VLAN (VLAN 200) and a end user VLAN
(VLAN 1000)

For the management VLAN 200, we will configure a management IP address as shown in
the diagram above for this example, no routes are configured for the management as
it is a simple Layer 2 network

As an option, we can set the RSTP port priority on 8600-1 to influence the link taken
between 8600-1 and 8600-2. The default port priority simply has to be changed to a
lower value on 8600-1 from the default setting of 128 the port priority setting is configured
in increments of 16 from 0 to 240 .

After all the switches have been configured using the above settings, traffic should flow as that
shown in the following diagram.

Set Spanning Tree Mode to RSTP

ERS8600-1: Step 1 Set the bootconfig Spanning Tree mode to RSTP
ERS-8610:5(config)# boot config flags spanning-tree-mode rstp
ERS-8610:5(config)# save bootconfig
ERS-8610:5(config)# boot y
|
ERS-8610:5(config)#sys name ERS8600-1

ERS8600-2: Step 1 Set the bootconfig Spanning Tree mode to RSTP

ERS-8610:5# config bootconfig flags spanning-tree-mode rstp
ERS-8610:5# save bootconfig
ERS-8610:5# boot y
|
ERS-8610:5# config sys set name ERS8600-2

ERS4550T-1: Step 1 Set Spanning Tree Operation mode to RSTP

4550T(config)# spanning-tree op-mode rstp
4550T(config)# write memory
4550T(config)# boot
Reboot the unit(s) (y/n) ? y
|
4550T(config)# snmp-server name 4550T-1
4550T-1(config)# banner disabled

ERS4528GT-2: Step 1 Set Spanning Tree Operation

4548GT#(config)# spanning-tree op-mode rstp
4548GT#(config)# write memory
4548GT#(config)# boot
Reboot the unit(s) (y/n) ? y
|
4548GT(config)# snmp-server name 4548GT-2
4548GT(config)# banner disabled
ERS8600-1: Step 1 Create VLANs 200 and 1000 and add port members
ERS8600-1:5(config)# vlan create 200 name mgmt type port-mstprstp 0
ERS8600-1:5(config)# vlan create 1000 type port-mstprstp 0
ERS8600-1:5(config)# vlan ports 4/23,4/24,1/33,1/35 tagging tagAll
ERS8600-1:5(config)# vlan members remove 1 1/5,4/23,4/24,1/33,1/35
ERS8600-1:5(config)# vlan members add 200 4/23,4/24,1/33,1/35
ERS8600-1:5(config)# vlan members add 1000 1/5,4/23,4/24,1/33,1/35

ERS8600-2: Step 1 Create VLANs 200 and 1000 and add port members
ERS8600-2:5# config vlan 200 create byport-mstprstp 0 name mgmt
ERS8600-2:5# config vlan 1000 create byport-mstprstp 0
ERS8600-2:5# config ethernet 1/23,1/24,1/34,1/36 perform-tagging enable
ERS8600-2:5# config vlan 1 ports remove 1/5,1/23,1/24,1/34,1/36
ERS8600-2:5# config vlan 200 ports add 1/23,1/24,1/34,1/36
ERS8600-2:5# config vlan 1000 ports add 1/5,1/23,1/24,1/34,1/36

ERS4550T-1: Step 1 Create VLANs 200 and 1000 and add port members
4550T-1(config)# vlan create 200 name mgmt type port
4550T-1(config)# vlan create 1000 type port
4550T-1(config)# vlan configcontrol automatic
4550T-1(config)# vlan ports 33,34 tagging tagall
4550T-1(config)# vlan members add 200 33,34
4550T-1(config)# vlan members add 1000 5,33,34
4550T-1(config)# vlan members remove 1 5,33,34

ERS4528GT-2: Step 1 Create VLANs 200 and 1000 and add port members
4548GT-2(config)# vlan create 200 name mgmt type port
4548GT-2(config)# vlan create 1000 type port

4548GT-2(config)# vlan configcontrol automatic

4548GT-2(config)# vlan ports 35,36 tagging tagall
4548GT-2(config)# vlan members add 200 35,36
4548GT-2(config)# vlan members add 1000 5,35,36
4548GT-2(config)# vlan members remove 1 5,35,36

ERS8600-1: Step 2 Add management IP address and add port members

ERS8600-1:5(config)# interface vlan 200
ERS8600-1:5(config-if)# ip address 10.12.200.12 255.255.255.0
ERS8600-1:5(config-if)# exit

ERS8600-2: Step 2 Add management IP address

ERS8600-2:5# config vlan 200 ip create 10.12.200.13/24
ERS4550T-1: Step 2 Add management IP address
4550T-1(config)# vlan mgmt 200
4550T-1(config)# ip address 10.12.200.14 netmask 255.255.255.0
ERS4528GT-2: Step 2 Add management IP address
4548GT-2(config)# vlan mgmt 200
4548GT-2(config)# ip address 10.12.200.15 netmask 255.255.255.0
NOTE: On the ERS4500, if a port is removed from the default VLAN (VLAN 1) prior to adding the
port as a port member to a different VLAN, STP participation is disabled for this port. Hence, at
an interface level, Spanning Tree Port must be re-enabled for each removed port. This
inconvenience can be avoided if the port or ports are removed from the default VLAN after the
port or ports are added to a different VLAN.

RSTP Configuration
For this example, we will change the RSTP priority to make 8600-1 the root bridge and 8600-2 the
backup root bridge. We will leave both 4550T-1 and 4548GT-2 with the default bridge priority
setting of 32768.

ERS8600-1: Step 1 Change RSTP priority to make this switch root

ERS8600-1:5(config)# spanning-tree rstp priority 4096

ERS8600-2: Step 1 Change RSTP priority to make this switch backup root
ERS8600-2:5# config rstp priority 8192
ERS8600-1: Step 2 Configure RSTP Edge Ports
ERS8600-1:5(config)# interface fastEthernet 1/5
ERS8600-1:5(config-if)# spanning-tree rstp edge-port true
ERS8600-1:5(config-if)# exit

ERS8600-2: Step 2 Configure RSTP Edge Ports

ERS8600-2:5# config ethernet 1/5 rstp edge-port true
ERS4550T-1: Step 2 Configure RSTP Edge Ports
4550T-1(config)# interface fastEthernet 5
4550T-1(config-if)# spanning-tree rstp edge-port true
4550T-1(config-if)# exit
ERS4528GT-2: Step 2 Configure RSTP Edge Ports
4548GT-2(config)# interface fastEthernet 5
4548GT-2(config-if)# spanning-tree rstp edge-port true
4548GT-2(config-if)# exit ERS8600-1:5# show spanning-tree rstp status
Show commands:

ERS8600-1:5# show spanning-tree rstp config

ERS8600-2:5# show rstp config
4550T-1# show spanning-tree rstp config
4548GT-2# show spanning-tree rstp config
4550T-1# show spanning-tree rstp status
4548GT-2# show spanning-tree rstp status
ERS8600-1:5# show spanning-tree rstp port role <PORT LIST>
ERS8600-2:5# show port info rstp role port <PORT LIST>
4550T-1# show spanning-tree rstp port role <PORT LIST>