13. STP port roles selection
Port role selection depends on which switch is elected as root bridge. That means port roles are determined after the root bridge selection process (in fact, during it). (We will discuss 802.1D STP; differences in 802.1w Rapid STP will be explicitly marked in the document.)
In a stable, converged L2 topology with STP support there are these types of ports:
- Root ports - exist on non-root bridges and are the switch ports with the best-cost path to the root bridge.
- Designated ports - exist on root and non-root bridges. On the root bridge all ports are designated ports!!! (This is a quick check, but there can be confusion if the root-bridge role is distributed among VLANs, or when the root bridge of the default VLAN is selected by a different mechanism than for the other VLANs.) Please keep in mind that only one designated port is allowed on a segment!!! Designated ports, like root ports, are able to populate the mac-address-table (the CAM table of the switch).
- Non-designated ports - a switch port that is blocked (802.1w Rapid STP uses the term alternate port, in the discarding state).
- Disabled port - is administratively down (has no function or does not participate in STP).
STA (spanning tree algorithm) determines which port role is assigned to each switchport:
- switch port with lowest overall path cost to root bridge is root port
- in network topology all switches except root bridge have a single root port
- if 2 ports have the same port cost, the switch uses the customizable port priority value, or the lowest port ID if both port priority values are the same (if the cost is the same -> lowest port ID -> if equal, the port ID breaks the tie, which means Fa0/1 < Fa0/2 < Fa0/3 ... For example, the default priority of port fa0/0 is 128.1, in the form configurable_priority.portID). The configurable priority can be a number from 0 to 240 in increments of 16, and a lower priority is better/preferred.
Example of port priority configuration:
S(config-if)#spanning-tree port-priority 112 (0 - 240, increment 16)
How are port roles determined?
- The switch with the lowest bridge priority (if equal, the lowest MAC address) is selected as root bridge.
- The root bridge sets all its ports as designated (in a stable topology they are in the forwarding state).
- The other, non-root bridge switches each set the one port with the lowest cost to the root bridge as root port.
- On a shared segment the port roles are determined so that one port per shared segment is set as designated and all others are set as non-designated (this prevents L2 loops and broadcast storms from arising). Keep in mind that the lowest priority comes first; only if it is equal is the port priority or portID used for tie breaking!!!
Having reviewed the basic theory, we can now prepare our PKT simulation lab. A preconfigured scenario for Cisco Packet Tracer 5.2 or above can be obtained from here.
The scenario consists of 4 switches. The root bridge role is determined by the spanning-tree vlan 1,10,50 priority 4096 command on switch A. For VLAN information consistency the proprietary VTP protocol is used, with VTP domain: CCNA and password: stpprotocol. For redundancy of the VTP server role, two switches, A and B, are configured as VTP servers. Inter-VLAN communication is provided by a router on a stick.
Staff PCs are on VLAN 10, and the office web and DNS server is on VLAN 50 and uses IP address 10.5.0.254/24.
The staff PCs obtain their addresses automatically by DHCP, which excludes the first nine IP addresses from the address pool.
As mentioned earlier, the root bridge can be recognized in two ways from the show spanning-tree command. The first is that it explicitly marks itself as root bridge: "This bridge is root bridge". The second way to identify the root bridge from the output of show spanning-tree is the fact that all ports of the root bridge are set as designated. The next picture shows the output from switch A.
Now we will take a closer look at port role selection in the training environment.
The process that leads to convergence in the L2 topology is:
- The root bridge was elected because it has the lowest priority, set with spanning-tree vlan 1,10,50 priority 4096.
- The root bridge marks all its ports as designated for every VLAN for which it is root bridge (for simplicity our lab sets the same root bridge for all VLANs).
- Root ports are elected on all non-root bridge switches. The root port has the lowest cost to the root bridge, and only one root port per switch is selected. For the switch marked nr. 2 (green) the lowest-cost port is Gi1/1 because its port cost is 4 (Gi1/1 cost); Gi1/2 has cost (4+19 Fa of orange switch B). For the orange switch, nr. 3, port Gi1/2 is selected as root port because its cost to the root bridge is 8 (4 Gi + 4 for the second gigabit link from the green to the red switch), which is lower than 19 and 19 (the costs of ports fa0/1 and fa0/2). The blue switch, nr. 4, has two paths of equal cost (blue arrow in the picture). If port costs are equal, then the port priority configured by the user or the port ID decides (128.11 and 128.12 - only the port IDs differ if the configurable port priority is the default 128, as in our case). The lower portID 11 (port 11 - 128.11) determines the root port. Now we know which ports are designated on the root bridge (all) and which are root ports on all non-root bridges.
- Designated and non-designated ports are elected per segment. Each segment can have only one designated port; the other is non-designated (this prevents L2 loops). The next picture marks the shared segments where the designated and non-designated roles must be selected. Keep in mind that the path from the root ports with the lowest cost to the root bridge must stay open. Now we must examine only the segments that do not take part in forwarding data from root ports to the root bridge (that are not the best path to the root bridge). The final step that leads to a converged L2 topology is in the next picture.
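The selection steps above, carried through in Python as an added example (not part of the original lab files). The link layout, MAC addresses and port numbers are constructed assumptions chosen to match the costs quoted above (4 per gigabit port, 19 per Fast Ethernet port); the comparison goes slightly beyond the text by applying the full 802.1D order: path cost, then the sending bridge's ID, then the sending port's ID, then the local port ID.

```python
# Constructed lab: bridge names, MACs and link layout are assumptions, not the page's diagram.
BRIDGES = {            # name -> bridge ID (priority, MAC); the lowest ID becomes root
    "A": (4096,  "0001.0000.000a"),
    "B": (32768, "0001.0000.000b"),
    "C": (32768, "0001.0000.000c"),
    "D": (32768, "0001.0000.000d"),
}
# One entry per segment: (bridge, port name, port ID) for both ends, then the port cost.
# A port ID is (priority, port number); the default priority is 128.
LINKS = [
    (("A", "Gi1/1", (128, 25)), ("C", "Gi1/1", (128, 25)), 4),
    (("C", "Gi1/2", (128, 26)), ("B", "Gi1/2", (128, 26)), 4),
    (("A", "Fa0/1", (128, 1)), ("B", "Fa0/1", (128, 1)), 19),
    (("A", "Fa0/2", (128, 2)), ("B", "Fa0/2", (128, 2)), 19),
    (("C", "Fa0/11", (128, 11)), ("D", "Fa0/11", (128, 11)), 19),
    (("C", "Fa0/12", (128, 12)), ("D", "Fa0/12", (128, 12)), 19),
]

def elect_root(bridges):
    return min(bridges, key=bridges.get)

def port_roles(bridges, links):
    root = elect_root(bridges)
    cost = {b: (0 if b == root else float("inf")) for b in bridges}
    for _round in bridges:                  # relax until root path costs settle
        for (a, _pa, _ia), (b, _pb, _ib), c in links:
            cost[a] = min(cost[a], cost[b] + c)
            cost[b] = min(cost[b], cost[a] + c)
    # Root port: lowest (path cost, sender bridge ID, sender port ID, own port ID).
    best = {}
    for end1, end2, c in links:
        for (me, port, pid), (nbr, _, npid) in ((end1, end2), (end2, end1)):
            key = (cost[nbr] + c, bridges[nbr], npid, pid)
            if me != root and (me not in best or key < best[me][0]):
                best[me] = (key, port)
    roles = {}
    for end1, end2, _ in links:
        # Designated end of a segment: lowest (root path cost, bridge ID, port ID).
        ends = sorted((end1, end2), key=lambda e: (cost[e[0]], bridges[e[0]], e[2]))
        roles[(ends[0][0], ends[0][1])] = "designated"
        b, p, _ = ends[1]
        roles[(b, p)] = "root" if best.get(b, (None, None))[1] == p else "non-designated"
    return root, cost, roles

if __name__ == "__main__":
    root, cost, roles = port_roles(BRIDGES, LINKS)
    print("root bridge:", root, "| root path costs:", cost)
    for (bridge, port), role in sorted(roles.items()):
        print(f"{bridge} {port:7} {role}")
```

Changing the port ID of C's Fa0/12 to (112, 12) moves D's root port from Fa0/11 to Fa0/12, because on parallel links the priority of the sending port is compared before the local port ID.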