Editing Spanning Tree Protocol (section)

== Configuration ==
Before configuring STP, the network topology should be carefully planned.<ref name=CCNPCSG>{{Cite book|title= CCNP Complete Study Guide: Exams 642-801, 642-811, 642-821, 642-831|author =Wade Edwards, Terry Jack, Todd Lammle, Toby Skandier, Robert Padjen, Arthur Pfund & Carl Timm |publisher= John Wiley & Sons|year=2006 |isbn= 9780782150667}}</ref>{{Rp|pp=506,511}} Basic configuration requires that STP be enabled on all switches in the LAN and the same version of STP chosen on each. The administrator may determine which switch will be the root bridge and configure the switches appropriately. If the root bridge goes down, the protocol will automatically assign a new root bridge based on bridge ID. If all switches have the same bridge ID, such as the default ID, and the root bridge goes down, a tie situation arises and the protocol will assign one switch as root bridge based on the switch MAC addresses. Once the switches have been assigned a bridge ID and the protocol has chosen the root bridge switch, the best path to the root bridge is calculated based on port cost, path cost and port priority.{{r|CCNPCSG|p=506}} Ultimately STP calculates the path cost on the basis of the bandwidth of a link, however links between switches may have the same bandwidth. Administrators can influence the protocol's choice of the preferred path by configuring the port cost; the lower the port cost the more likely it is that the protocol will choose the connected link as root port for the preferred path.{{r|CCNPCSG|p=511}} The selection of how other switches in the topology choose their root port, or the least cost path to the root bridge, can be influenced by the port priority. The highest priority will mean the path will ultimately be less preferred. If all ports of a switch have the same priority, the port with the lowest number is chosen to forward frames.{{r|CCNPCSG|p=513}}

===Root bridge and the bridge ID===
[[Image:Spanning tree protocol at work 2.svg|thumb|right|250px|An example network. The numbered boxes represent bridges, that is switches in a LAN. The number is the bridge ID. The lettered clouds represent [[network segment]]s. The smallest bridge ID is 3. Therefore, bridge 3 is the root bridge.]]

The ''root bridge'' of the spanning tree is the bridge with the smallest (lowest) bridge ID. Each bridge has a configurable priority number and a MAC address; the bridge ID is the [[concatenation]] of the bridge priority and the MAC address. For example, the ID of a bridge with priority 32,768 and MAC {{MACaddr|0200.0000.1111}} is {{MACaddr|32768.0200.0000.1111}}. The bridge priority default is 32,768 and can be configured only in multiples of 4096.{{efn|Spanning tree incorporated 802.1t, and per 802.1t, uses the 4 most-significant bits of the 802.1d two-octet priority field as priority, and the least-significant 12 bits of that field as the extended system ID.}} When comparing two bridge IDs, the priority portions are compared first and the MAC addresses are compared only if the priorities are equal. The switch with the lowest priority of all the switches will be the root; if there is a tie, then the switch with the lowest priority and lowest MAC address will be the root. For example, if switches ''A'' (MAC = {{MACaddr|0200.0000.1111}}) and ''B'' (MAC = {{MACaddr|0200.0000.2222}}) both have a priority of 32,768 then switch ''A'' will be selected as the root bridge.{{efn|The original 802.1d envisioned the possibility of the root bridge having more than one port on the same [[network segment]], and in that case, the port with the lowest port ID would become the designated port for that network segment, and put into forwarding mode, while its other ports on that same network segment became non-designated ports put into blocking mode. Not all bridge manufacturers follow that rule, some making all ports designated ports and putting them all into forwarding mode.}} If the network administrators would like switch ''B'' to become the root bridge, they must set its priority to be less than 32,768.{{efn|Alternatively the network administrator can configure the switch as a spanning tree root primary or secondary. When configuring the root primary and root secondary the switch will automatically change the priority accordingly, 24,576 and 28,672 respectively with the default configuration.<ref>{{cite web |url=https://www.cisco.com/c/m/en_us/techdoc/dc/reference/cli/nxos/commands/l2/spanning-tree-vlan.html |title=spanning-tree vlan |publisher=[[Cisco Systems]] |access-date=2020-05-04}}</ref>}}

=== Path to the root bridge ===
The sequence of events to determine the best received BPDU (which is the best path to the root) is:

# Lowest root bridge ID (BID){{dash}}Determines the root bridge.
# Lowest cost to the root bridge{{dash}}Favors the upstream switch with the least cost to root
# Lowest sender bridge ID{{dash}}Serves as a tiebreaker if multiple upstream switches have equal cost to root
# Lowest sender port ID{{dash}}Serves as a tiebreaker if a switch has multiple (non-[[EtherChannel]]) links to a single upstream switch, where:
#*Bridge ID = priority (4 bits) + locally assigned system ID extension (12 bits) + ID [MAC address] (48 bits); the default bridge priority is 32,768, and
#*Port ID = priority (4 bits) + ID (Interface number) (12 bits); the default port priority is 128.

=== Tiebreakers ===
[[Image:Spanning tree protocol at work 4.svg|thumb|right|250px|Path tie: The least-cost path to the root from network segment ''e'' goes through bridge 92. Therefore, the designated port for network segment ''e'' is the port that connects bridge 92 to network segment ''e''.]]

;Root ports
:When multiple paths from a bridge are least-cost paths, the chosen path uses the neighbor bridge with the lower bridge ID. The root port is thus the one connecting to the bridge with the lowest bridge ID. For example, in the figures, if switch 4 were connected to [[network segment]] d instead of segment f, there would be two paths of length 2 to the root, one path going through bridge 24 and the other through bridge 92. Because there are two least-cost paths, the lower bridge ID (24) would be used as the tiebreaker in choosing which path to use.
;Paths
:When more than one bridge on a segment leads to a least-cost path to the root, the bridge with the lower bridge ID is used to forward messages to the root. The port attaching that bridge to the network segment is the ''designated port'' for the segment. In the figures, there are two least-cost paths from network segment d to the root, one going through bridge 24 and the other through bridge 92. The lower bridge ID is 24, so the tiebreaker dictates that the designated port is the port through which network segment d is connected to bridge 24. If bridge IDs were equal, then the bridge with the lowest MAC address would have the designated port. In either case, the loser sets the port as being blocked.
;Designated ports
:When the root bridge has more than one port on a single network segment, the bridge ID is effectively tied, as are all root path costs (all equal zero). The port on that network segment with the lowest port ID becomes the designated port. It is put into forwarding mode while all other ports on the root bridge on that same network segment become non-designated ports and are put into blocking mode.<ref>802.1d-1998 section 8.3.1: The designated port for each LAN is the bridge port for which the value of the root path cost is the lowest: if two or more ports have the same value of root path cost, then first the bridge identifier of their bridges, and their port identifiers are used as tie breakers.</ref> Not all bridge manufacturers follow this rule, instead making all root bridge ports designated ports, and putting them all in forwarding mode.{{citation needed|date=September 2020}}
;Final tiebreaker
:In some cases, there may still be a tie, as when the root bridge has multiple active ports on the same network segment (see above) with equally low root path costs and bridge IDs, or, in other cases, multiple bridges are connected by multiple cables and multiple ports. In each case, a single bridge may have multiple candidates for its root port. In these cases, candidates for the root port have already received BPDUs offering equally-low (i.e. the "best") root path costs and equally-low (i.e. the "best") bridge IDs, and the final tiebreaker goes to the port that received the lowest (i.e. the "best") port priority ID, or port ID.<ref>802.1d-1998 section 8.3.2 b) A Bridge that receives a Configuration BPDU on what it decides is its Root Port conveying better information (i.e. highest priority Root Identifier, lowest Root Path Cost, highest priority transmitting Bridge and Port), passes that information on to all the LANs for which it believes itself to be the Designated Bridge.</ref>