Root Bridge Election Results
What command can I use right now, assuming both of these are Cisco switches, to see which ports are connected to which ports? Answer: show cdp neighbor
What else should I run here if I’m checking connectivity between these two switches over this crossover cable? Answer: That’s called a trunk. So we really should run show interface trunk as well.
And just for fun I’m running a couple of different modes. I’m running desirable on one of them and auto on the other.
Both of the connections are to SW2. (If you see the same ID here more than once, that’s fine: you can have more than one physical connection to a device, and usually with our switches we like that.)
The first connection is local interface 13 to remote interface 11, and then our local interface FastEthernet0/14 is connected to the remote switch’s 0/12 interface.
Now we want to start seeing what’s going on with this bridge election, or in this case what has happened with the bridge election, and we’re going to do that with show spanning-tree, which is a legal command by itself.
I’m just getting VLAN 1. But if I had lots of other non-default VLANs, it would be showing me all of those as well.
So you want to filter it a little bit. And this is the command you should get used to (show spanning-tree vlan, or just show spanning vlan), and then you have to put in a range, because you might have 50 VLANs and you don’t want to use show spanning-tree to see all 50 of them… that would be crazy.
So let me do that, and there is one huge hint directly in front of us that this bridge is the root. Can you spot it?
Why do we see two fields of information that are just about the same? Right under “Spanning tree enabled protocol ieee” we see a field with a priority, an address and a bunch of timers listed, and we’re seeing them twice!
The thing is, the information here at the top of the output is about the root bridge (the priority of the root, its MAC address, and the timers that have been set on the root).
The next bunch of information here is the bridge ID. This is the information on the local switch. (You see a priority, a MAC address, and some timers.)
Now notice here there are some similarities. That means that we are indeed on the root.
How many more ways do we have to figure this out? I know three other ways to do that. Here’s one: if you’re looking at a bridge or a switch and you see the same MAC address under Root ID and under Bridge ID, you’re on the root switch.
Now here are the interfaces that are part of VLAN 1 (interfaces 13 and 14).
We see something under Role (Desg)… that stands for designated. Your root bridge will not have any root ports. When we look at our non-root, we’re going to see some ports (or at least a port) that say Root under Role, but the root switch itself does not have root ports.
It does sound odd, but the thing is on a non-root, the root port is the one that’s being used to reach the root. Well the root bridge itself doesn’t need a root port. It doesn’t need to reach itself. It is itself. Get used to it and you won’t give it a second thought.
Again on the root you will not see any root ports.
Now also one more way:
All of these ports are in forwarding mode (or both of them, in this case).
Now going back to the diagram
And it might surprise you to find out that STP, even though it’s trying to prevent switching loops, has so far not put any ports on SW1 into blocking mode (all of them are in forwarding mode).
So when we get to SW2 (which must be the non-root) then we better see something in blocking mode.
You really should know all four of these ways to do it.
What’s going on over on the non-root?
Root Bridge Election Results (Non-Root Bridge)
Let’s head over to SW2 and run show spanning vlan 21 first. (And you might say, hey, there was no VLAN 21! That’s absolutely correct!)
I wanted to show you the message we get when you run this, and it doesn’t mean anything horrible. It probably just means you mistyped a number. About this “spanning tree instance” message: we are running per-VLAN spanning trees, and each VLAN will have its own instance of spanning tree running. Since there is no VLAN 21, the spanning tree instance for VLAN 21 cannot be created! It does not exist because VLAN 21 does not exist.
With that in mind let’s type the number “1” correctly this time and see what we get.
We get kind of the same fields, but there is some different information in there in different places. We also see some different values. So let’s take it from the top and also talk about the four ways you can tell that you are not on the root.
The first one: we don’t see the phrase ‘This bridge is the root’ (and there is no such thing as the phrase ‘This bridge is not the root’!!) The switch is going to make us figure that out.
But if you don’t see ‘this bridge is the root’, then you’re not on the root. That’s the easy one.
Let’s look at the information under root ID in this particular instance of ‘show spanning vlan 1’… We see a priority of 32769, then we see a MAC address, a cost, a port, and then some timers.
About the priority: the default is 32768, and the VLAN ID is going to be added to that. So you will see this change as we create some other VLANs… But all this is, is 32768 plus one. That’s it.
So what about this address? Here’s a MAC address under Root ID and here’s a different one under Bridge ID, which means we are not on the root.
Again, this information next to Root ID all has to do with values on the root bridge, and we know we’re not on it, because the MAC address of the root bridge is 0017.9466.f780 and the MAC address of the local switch (that’s what we find under Bridge ID) is 001c.0fbf.2f00… So we’re good to go there… we know again that we are not on the root.
(Before we get to the other two, notice we have a cost value here that we didn’t have over on SW1… Remember that… We’re going to get to the port costs soon. We’ll see them in action live.)
Now we need to talk about the two other ways we know, that we’re not on the root.
And the thing is, our non-roots will have root ports…
and you can see that out of the two ports that are in VLAN 1 right now (the only ports on the switch that are actually open), 0/11 is the root port, and 12 is Altn (for alternate)… So when you see a root port, you know you’re not on the root switch.
(We are going to talk about how that root port got chosen as well.)
Finally, the fourth way that you can tell that you’re not on the root is that we have a port in blocking mode… The root port is always going to be in forwarding mode, and our alternate ports are going to be in blocking mode.
So the interesting thing here is that out of the four involved ports, only one of them has been put into blocking mode…
(The first time I ever looked at STP and heard what it did and the whole thing, I thought that two of the ports here would be in blocking mode, and actually it’s just one.)
Both of the ports again on SW1 are in forwarding mode and only one of them on SW2 is in blocking mode.
STP Timer Changes
Here we are back on SW2 (our non-root of our two switches) and we’re going to look at these timers. (Hello time, Max age and Forward delay)
We see the values here, and they have to be the defaults because we haven’t changed them.
Hello Time defines how often the root bridge originates Hello BPDUs (or configuration BPDUs). Default setting: 2 seconds.
(Note that it’s the root bridge that originates the BPDU, and the non-roots are going to forward it. They’re going to receive it, accept it, look at it, and forward it.)
Forward Delay is the length of the listening and learning port stages. (It’s built in to help avoid switching loops, with a default of 15 seconds for each individual stage.)
Maximum Age (Max Age) is how long a switch will retain the superior BPDU’s contents before discarding it. Default setting: 20 seconds
Two important notes on changing STP timers:
These values are highly efficient, allowing STP to perform its job with minimal delay while preventing switching loop formation during port transitions. Don’t change them unless you have a really good reason for doing so.
For the change to take effect, the timers must be changed on the root. You can change them on a non-root, but those changes really won’t have any effect (unless the switch you’re on becomes the root).
I also want to show you what the options are.
I wouldn’t worry about memorizing them, but there’s one very important point. We’ll start with forward delay.
Why is it a minimum of four? You cannot set it for less than four seconds. That’s built in so you can’t just say “OK, just disable those states”… A lot of times with Cisco commands, if you set a value to zero, what you are really doing is disabling whatever it is you’re working with, but you can’t disable the forward time… you can just move it down to four seconds.
Here we’ll go ahead with 22 seconds there… and we’ll go with hello-time
and notice the value here is 1 through 10… the number of seconds between generation of config BPDUs, which again is the official name for them. We call them Hello BPDUs as well because they’re kind of serving as a keepalive… Here we’ll go with 3.
For max age, notice this one is 6 to 40. The maximum number of seconds the information in a BPDU is valid.
The most important thing to note is you can’t set these to zero… You can’t disable them. So we’ll just go ahead and set that to 17… and I run ‘show spanning vlan 1’.
We see some changes, but maybe not as many as we expect.
Nothing changed as far as the root port or forwarding or blocking… But notice that the Hello time, the Max Age and the Forward Delay changed under Bridge ID, but not under Root ID… And that’s actually where you have to change them for them to take effect. The switch will let you change them here, but they’re not going to take effect throughout the network. You have to go over to the root and do that.
So you’ll see here, since we’re on the root, the root values and the bridge ID values both changed, and that makes perfect sense because the root is the local device. You’re going to see the same Hello, Max Age, and Forward Delay times again.
(They’ll show up on the CCNA exam.)
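The four root / non-root checks from the two election sections and the Root ID versus Bridge ID timer comparison above, as an added Python example that is not part of the original lesson. It parses abridged `show spanning-tree vlan 1` output constructed here from the addresses, port roles and timer values in the text; the port cost of 19 and the function names are assumptions.

```python
import re

# Constructed, abridged `show spanning-tree vlan 1` output (not captured from a device).
# Addresses, roles and timers follow the text; the port cost of 19 is assumed.
SW1 = """VLAN0001
  Root ID    Priority    32769
             Address     0017.9466.f780
             This bridge is the root
             Hello Time   2 sec  Max Age 20 sec  Forward Delay 15 sec
  Bridge ID  Priority    32769  (priority 32768 sys-id-ext 1)
             Address     0017.9466.f780
             Hello Time   2 sec  Max Age 20 sec  Forward Delay 15 sec
Fa0/13           Desg FWD 19        128.13   P2p
Fa0/14           Desg FWD 19        128.14   P2p"""
SW2 = """VLAN0001
  Root ID    Priority    32769
             Address     0017.9466.f780
             Hello Time   2 sec  Max Age 20 sec  Forward Delay 15 sec
  Bridge ID  Priority    32769  (priority 32768 sys-id-ext 1)
             Address     001c.0fbf.2f00
             Hello Time   3 sec  Max Age 17 sec  Forward Delay 22 sec
Fa0/11           Root FWD 19        128.11   P2p
Fa0/12           Altn BLK 19        128.12   P2p"""
TIMERS = re.compile(r"Hello Time\s+(\d+) sec\s+Max Age\s+(\d+) sec\s+Forward Delay\s+(\d+) sec")

def parse(output):
    """Collect Root ID / Bridge ID fields and (interface, role, state) rows."""
    info = {"banner": "This bridge is the root" in output, "root": {}, "bridge": {}, "ports": []}
    section = None
    for line in output.splitlines():
        if head := re.match(r"\s*(Root|Bridge) ID", line):
            section = head.group(1).lower()  # the fields that follow belong to this block
        if section and (m := re.search(r"Address\s+([0-9a-f.]{14})", line)):
            info[section]["mac"] = m.group(1)
        elif section and (m := TIMERS.search(line)):
            info[section]["timers"] = tuple(int(v) for v in m.groups())  # hello, max age, fwd delay
        elif m := re.match(r"(\S+)\s+(Root|Desg|Altn|Back)\s+(FWD|BLK|LIS|LRN)\s", line):
            info["ports"].append(m.groups())
    return info

def assess(info):
    """The four root-bridge signs, plus whether the locally set timers are the ones in effect."""
    return {"banner": info["banner"],
            "same_mac": info["root"]["mac"] == info["bridge"]["mac"],
            "no_root_port": all(role != "Root" for _, role, _ in info["ports"]),
            "all_forwarding": all(state == "FWD" for _, _, state in info["ports"]),
            "local_timers_in_effect": info["bridge"]["timers"] == info["root"]["timers"]}

if __name__ == "__main__":
    print({name: assess(parse(text)) for name, text in (("SW1", SW1), ("SW2", SW2))})
```

On SW1 every check comes back true; on SW2 every check is false, including the timer one, because the 3/17/22 values appear only under Bridge ID.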