Per-VLAN Spanning Tree and STP over Trunks
If only one instance of STP was used for a switched network with redundant links but with
multiple VLANs, several ports would be in a blocking state, unused under stable conditions. The
redundant links would essentially be used for backup purposes.
The Cisco Per VLAN Spanning Tree Plus (PVST+) feature creates an STP instance for each
VLAN. By tuning STP configuration per VLAN, each STP instance can use a different root
switch and have different interfaces block. As a result, the traffic load can be balanced across the
available links. For instance, in the common building design with distribution and access links in
Figure 3-4, focus on the left side of the figure. In this case, the access layer switches block on
different ports on VLANs 1 and 2, with different root switches.
Figure 3-4 Operation of PVST+ for Better Load Balancing
With different root switches and with default port costs, the access layer switches end up sending
VLAN1 traffic over one uplink and VLAN2 traffic over another uplink.
Root
VLAN1
ISL
.1Q .1Q
FWD
VLAN1
FWD
VLAN2
Root
VLAN2
FWD
VLAN2
FWD
VLAN1
802.1d Spanning Tree Protocol 69
Using 802.1Q with STP requires some extra thought as to how it works. 802.1Q does not support
PVST+ natively; however, Cisco switches do support PVST+ over 802.1Q trunks. So, with all
Cisco switches, and PVST+ (which is enabled by default), PVST+ works fine.
When using 802.1Q with non-Cisco switches, the switches must follow the IEEE standard
completely, so the trunks support only a Common Spanning Tree (CST). With standard 802.1Q,
only one instance of STP runs only over the native VLAN, and that one STP topology is used
for all VLANs. Although using only one STP instance reduces the STP messaging overhead, it
does not allow load balancing by using multiple STP instances, as was shown with PVST+ in
Figure 3-4.
When building networks using a mix of Cisco and non-Cisco switches, along with 802.1Q
trunking, you can still take advantage of multiple STP instances in the Cisco portion of the
network. Figure 3-5 shows two general options in which two CST regions of non-Cisco switches
connect to two regions of Cisco PVST+ supporting switches.
Figure 3-5 Combining Standard IEEE 802.1Q and CST with PVST+
The left side of Figure 3-5 shows an example in which the CST region is not used for transit
between multiple PVST+ regions. In this case, none of the PVST+ per-VLAN STP information
needs to pass over the CST region. The PVST+ region maps the single CST instance to each of
the PVST+ STP instances.
3550 ISL
Non-native VLAN STP
BPDUs trunked, sent to
0100.0CCC.CCCD
PVST+ Region
.1Q .1Q
.1Q
.1Q
.1Q
STP Only Over
Native VLAN
CST Region 1
CST Region 2
.1Q
2950
3550
Non-Cisco Non-Cisco
Non-Cisco
Non-Cisco
Non-Cisco
2950
3550 ISL
PVST+ Region
.1Q .1Q
.1Q .1Q
2950
3550
2950
Non-Cisco
70 Chapter 3: Spanning Tree Protocol
The rest of Figure 3-5 shows two PVST+ regions, separated by a single CST region (CST
Region 2). In this case, the PVST+ per-VLAN STP information needs to pass through the CST
region. To do so, PVST+ treats the CST region as a single link and tunnels the PVST+ BPDUs
across the CST region. The tunnel is created by sending the BPDUs using a multicast destination
MAC of 0100.0CCC.CCCD, with the BPDUs being VLAN tagged with the correct VLAN ID. As
a result, the non-Cisco switches forward the BPDUs as a multicast, and do not interpret the frames
as BPDUs. When a forwarded BPDU reaches the first Cisco PVST+ switch in the other PVST+
region, the switch, listening for multicasts to 0100.0CCC.CCCD, reads and interprets the BPDU.
STP Configuration and Analysis
Example 3-1, based on Figure 3-6, shows some of the basic STP configuration and show commands.
Take care to note that many of the upcoming commands allow the parameters to be set for all
VLANs by omitting the VLAN parameter, or set per VLAN by including a VLAN parameter.
Example 3-1 begins with SW1 coincidentally becoming the root switch. After that, SW2 is configured
to become root, and SW3 changes its Root Port as a result of a configured port cost in VLAN 1.
Figure 3-6 Network Used with Example 3-1
NOTE 802.1Q, along with 802.1s Multiple-instance Spanning Tree (MST), allows 802.1Q
trunks for support multiple STP instances. MST is covered later in this chapter.
Example 3-1 STP Basic Configuration and show Commands
! First, note the Root ID column lists the root’s bridge ID as two parts,
! first the priority, followed by the MAC address of the root. The root cost of
! 0 implies that SW1 (where the command is executed) is the root.
SW1#sh spanning-tree root
Root Hello Max Fwd
Vlan Root ID Cost Time Age Dly Root Port
---------------- -------------------- --------- ----- --- --- ------------
VLAN0001 32769 000a.b7dc.b780 0 2 20 15
VLAN0011 32779 000a.b7dc.b780 0 2 20 15
VLAN0012 32780 000a.b7dc.b780 0 2 20 15
VLAN0021 32789 000a.b7dc.b780 0 2 20 15
VLAN0022 32790 000a.b7dc.b780 0 2 20 15
SW1
Fa0/4 Fa0/3
Fa0/4
Fa0/2
Fa0/3
Fa0/2 Fa0/1
Fa0/1
Fa0/2
Fa0/4
Fa0/1
Fa0/3
SW3
SW2
SW4
Core Design
802.1d Spanning Tree Protocol 71
! The next command confirms that SW1 believes that it is the root of VLAN 1.
SW1#sh spanning-tree vlan 1 root detail
Root ID Priority 32769
Address 000a.b7dc.b780
This bridge is the root
Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec
! Next, SW2 is configured with a lower (better) priority than SW1,
! so it becomes the root. Note that because SW2 is defaulting to use
! the system ID extension, the actual priority must be configured as a
! multiple of 4096.
SW2#conf t
Enter configuration commands, one per line. End with CNTL/Z.
SW2(config)#spanning-tree vlan 1 priority ?
<0-61440> bridge priority in increments of 4096
SW2(config)#spanning-tree vlan 1 priority 28672
SW2(config)#^Z
SW2#sh spanning-tree vlan 1 root detail
VLAN0001
Root ID Priority 28673
Address 0011.92b0.f500
This bridge is the root
Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec
! The System ID Extension field of the bridge ID is implied next. The output
! does not separate the 4-bit Priority field from the System ID field. The output
! actually shows the first 2 bytes of the bridge ID, in decimal. For VLAN1,
! the priority is 28,763, which is the configured 28,672 plus the VLAN ID,
! because the VLAN ID value is used in the System ID field in order to implement
! the MAC address reduction feature. The other VLANs have a base priority
! of 32768, plus the VLAN ID - for example, VLAN11 has priority 32779,
! (priority 32,768 plus VLAN 11), VLAN12 has 32780, and so on.
SW2#sh spanning-tree root priority
VLAN0001 28673
VLAN0011 32779
VLAN0012 32780
VLAN0021 32789
VLAN0022 32790
! Below, SW3 shows a Root Port of Fa 0/2, with cost 19. SW3 gets Hellos
! directly from the root (SW2) with cost 0, and adds its default cost (19).
! This next command also details the breakdown of the priority and system ID.
SW3#sh spanning-tree vlan 1
VLAN0001
Spanning tree enabled protocol ieee
Root ID Priority 28673
Address 0011.92b0.f500
Cost 19
continues
Example 3-1 STP Basic Configuration and show Commands (Continued)
72 Chapter 3: Spanning Tree Protocol
Port 2 (FastEthernet0/2)
Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec
Bridge ID Priority 32769 (priority 32768 sys-id-ext 1)
Address 000e.837b.3100
Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec
Aging Time 300
Interface Role Sts Cost Prio.Nbr Type
---------------- ---- --- --------- -------- --------------------------------
Fa0/1 Altn BLK 19 128.1 P2p
Fa0/2 Root FWD 19 128.2 P2p
Fa0/4 Desg FWD 19 128.4 P2p
Fa0/13 Desg FWD 100 128.13 Shr
! Above, the port state of BLK and FWD for each port is shown, as well as the
! Root port and the Designated Ports.
! Below, Switch3’s VLAN 1 port cost is changed on its Root Port (fa0/2),
! causing SW3 to reconverge, and pick a new RP.
SW3#conf t
Enter configuration commands, one per line. End with CNTL/Z.
SW3(config)#int fa 0/2
SW3(config-if)#spanning-tree vlan 1 cost 100
SW3(config-if)#^Z
! The next command was done immediately after changing the port cost on
! SW3. Note the state listed as “LIS,” meaning listen. STP has already
! chosen fa 0/1 as the new RP, but it must now transition through listening
! and learning states.
SW3#sh spanning-tree vlan 1
VLAN0001
Spanning tree enabled protocol ieee
Root ID Priority 28673
Address 0011.92b0.f500
Cost 38
Port 1 (FastEthernet0/1)
Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec
Bridge ID Priority 32769 (priority 32768 sys-id-ext 1)
Address 000e.837b.3100
Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec
Aging Time 15
Interface Role Sts Cost Prio.Nbr Type
---------------- ---- --- --------- -------- --------------------------------
Fa0/1 Root LIS 19 128.1 P2p
Fa0/2 Altn BLK 100 128.2 P2p
Fa0/4 Desg FWD 19 128.4 P2p
Fa0/13 Desg FWD 100 128.13 Shr
Example 3-1 STP Basic Configuration and show Commands (Continued)
The preceding example shows one way to configure the priority to a lower value to become
the root. Optionally, the spanning-tree vlan vlan-id root {primary | secondary} [diameter
diameter] command could be used. This command causes the switch to set the priority lower. The
optional diameter parameter causes this command to lower the Hello, Forward Delay, and
Maxage timers. (This command does not get placed into the configuration, but rather it acts as a
macro, being expanded into the commands to set priority and the timers.)
NOTE When using the primary option, the spanning-tree vlan command sets the priority
to 24,576 if the current root has a priority larger than 24,576. If the current root’s priority is
24,576 or less, this command sets this switch’s priority to 4096 less than the current root. With
the secondary keyword, this switch’s priority is set to 28,672. Also note that this logic applies
to when the configuration command is executed; it does not dynamically change the priority if
another switch later advertises a better priority.