STP blocking port location in square topology

Answered Question
Feb 25th, 2008
User Badges:

Hi,


Can someone explain me in detail how the STP decides on the location of the blocking port in a square/circle of switches?


I have attached a real life example. Why is it blocking on the indicated port on that segment and not on the segment between the top left switches for example?


Many thanks,

Pascal Coyles

Correct Answer by lamav about 9 years 2 months ago

Pascal, you are not stupid...you are asking excellent questions.


Each switch has to make a decision regarding which port to block. It will block the port that is receiving inferior BPDUs.


A BPDU is superior than another if it has:


A lower Root Bridge ID.

A lower path cost to the Root.

A lower Sending Bridge ID.

A lower Sending Port ID.


Using that algorithm, each switch will want to block the port that receives the inferior BPDU. However, its the switch that converges first that will block one of its ports accordingly and break the loop.


Clearer?


Victor



  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 4.8 (5 ratings)
Loading.
lamav Mon, 02/25/2008 - 08:19
User Badges:
  • Blue, 1500 points or more

Pascal:


In a square looped topology -- meaning, L2 connection exist for each side of the square, one of the inter switch links will have to be blocked to prevent a loop.


Now, as BJ rightly pointed out, the bridge with th elowest bridge ID will be elected as the root bridge for that VLAN, assuming you are running the ubiquitous pvst+. You can also rig that election and force any switch to be the root bridge, if you wanted.


Now, once the root bridge for a particular vlan is (s)elected, the root bridge will designate all the ports that face the other switches as designated ports, which SEND BPDUs to the root ports of the other switches. Root ports RECEIVE BPDUs.


Did I answer your question?


Victor

lamav Mon, 02/25/2008 - 08:31
User Badges:
  • Blue, 1500 points or more

Pascal, now that I see the diagram, which you posted on the other thread, I can tell you that the port was chosen as the blocking port based on the cost advertised by the root bridge's BPDUs. If the port you are asking about (top-left) were to be blocked, the switch in the top-middle would have a cost of 12 to get to the root bridge, instead of only 8, as it is now.


Remember that BPDUs, which origniate at the root bridge, advertise cost to the root as they traverse the network and the cost is additive. The root bridge BPDU that is received on port 0/1 of the top-middle switch is inferior (has a higher cost to the root) as compared to the BPDU it receives on port 0/2. The port that receives that BPDU then becomes a candidate for blocking.


Lastly, remember that blocking does not mean blocking BPDUs, just traffic. BPDUs are still sent and received to maintain the topology and act as indicators of the network's health.


Did this clarify it for you?


If so, please rate this post.


Thank you



Victor

pascal.coyles Mon, 02/25/2008 - 09:01
User Badges:

Hi Victor,


The top middle switch and the top right switch have both a cummulative cost of 8 to the root (the highest of all switches). To decide on the port that is blocked on the segment between the top middle switch and the the right switch the MAC address is used. Because the top middle switch has a lower MAC address his port isn't blocked. Isn't it like that?


Pascal


lamav Mon, 02/25/2008 - 09:45
User Badges:
  • Blue, 1500 points or more

"The top middle switch and the top right switch have both a cummulative cost of 8 to the root (the highest of all switches)."


No, they dont. The top right switch has a cost of 8, the middle switch would have a cost of 12 (8 plus the cost of the link between itself and the top-right switch) were it to take the blocked path to the root at the bottom left.


Victor

pascal.coyles Mon, 02/25/2008 - 10:27
User Badges:

Okay, I must be really stupid. But I still don't undertsand why the blocking is on the to right switch.


So far I understand this:

I understand that all ports pointing to the root and having the lowest cummulative path cost are Root Ports and thus forwarding.


BPDUs are sent from the root bridge only. Then the other switches relay those BPDUs but add their Root Port path cost.


How does the top left switch now he doesn't need to block his non-root port?


And how does the top right switch now that he has to block his non-root port?


Pascal


By the way, how do I delete a post?


Correct Answer
lamav Mon, 02/25/2008 - 11:12
User Badges:
  • Blue, 1500 points or more

Pascal, you are not stupid...you are asking excellent questions.


Each switch has to make a decision regarding which port to block. It will block the port that is receiving inferior BPDUs.


A BPDU is superior than another if it has:


A lower Root Bridge ID.

A lower path cost to the Root.

A lower Sending Bridge ID.

A lower Sending Port ID.


Using that algorithm, each switch will want to block the port that receives the inferior BPDU. However, its the switch that converges first that will block one of its ports accordingly and break the loop.


Clearer?


Victor



pascal.coyles Mon, 02/25/2008 - 11:23
User Badges:

Hi,


If it is really like:


"its the switch that converges first that will block one of its ports accordingly and break the loop"


then my question is answered :)


Thanks!

Pascal

Jon Marshall Mon, 02/25/2008 - 11:23
User Badges:
  • Super Blue, 32500 points or more
  • Hall of Fame,

    Founding Member

  • Cisco Designated VIP,

    2017 LAN, WAN

Pascal


For a port to become a designated port the switch must send a hello with the lowest advertised cost onto the segment. So


"How does the top left switch know he doesn't need to block his non-root port?"


Top left switch receives a hello from root bridge with cost 0, adds 4 because that is the cost of the interface the hello was received on and then sends this out onto the segment connecting it to top middle switch.


Top middle switch receives a hello from top right with a cost of 8, adds 4 for the outgoing port cost and sends this out onto the segment connecting it to the top left switch. Clearly top left switch has lower cost so it's port becomes the DP for that segment. So that is why top left switch does not block.


"And how does the top right switch now that he has to block his non-root port?"


Remember top left switch has sent a hello with cost of 4 onto segment connecting top left to top middle.


Top middle now sends out a hello onto segment connecting it to top right with a cost of 8 ie. cost of 4 received from top left + cost of 4 for interface on which it was received.


So top right receives a hello with cost of 8 from top middle. It also has a hello with the same cost 8 received from the other way ie.


hello from backup root with cost of 4. Add to that the cost of the incoming interface on top right 4 and that = 8 also.


So both hello's on the segment connecting top middle to top right are 8. With a tie the next decider is the lower bridge id which in this case is top middle so top middle's ports is the DP and top right blocks it's port.


One last thing. In future might be a good idea to name your switches, there was an awful lot of top left, top middle, top right going on :)


Hope that makes sense


Jon



lamav Mon, 02/25/2008 - 11:47
User Badges:
  • Blue, 1500 points or more

Jon:


Now Im confused. :-)


"So top right receives a hello with cost of 8 from top middle. It also has a hello with the same cost 8 received from the other way ie."


The top right switch will receive a BPDU with a cost of 8 from the middle, but it would also add the cost of its own port (the link between it and the middle) and that would equal 12, not 8.


What I am saying is, how could the top right switch have the same cost to the root in both directions when the traffic has to take 3 hops to the root in one direction and only 2 hops in the other direction. Each hop has a cost of 4.


The top middle switch advertises a cost of 8 to the top right, but the backup root advertises a cost of only 4 to the root. Adding the cost of the top rights interfaces for either direction, one path yields a cost of 12 (facing the middle) and the other yields 8 (facing the backup).


What am I missing?


Victor

lamav Mon, 02/25/2008 - 12:10
User Badges:
  • Blue, 1500 points or more

Jon:


One other thing regarding the top left switch....


You wrote "Top middle switch receives a hello from top right with a cost of 8, adds 4 for the outgoing port cost and sends this out onto the segment connecting it to the top left switch. Clearly top left switch has lower cost so it's port becomes the DP for that segment. So that is why top left switch does not block."


Couldnt the top right switch have drawn the same conclusion and considered itself the designated port for the segment, and therefore not blocked its port either? I am asking that because it, too, has a lower cost to the root than what is advertised by the top middle switch, so it, too, could behave the same way the top left did...no?


Victor

Jon Marshall Mon, 02/25/2008 - 12:27
User Badges:
  • Super Blue, 32500 points or more
  • Hall of Fame,

    Founding Member

  • Cisco Designated VIP,

    2017 LAN, WAN

Victor


Again, i think this is to do with cost to root as opposed to cost advertised onto sgement ie. before the receiving switch has added the cost of the port on which the hello was received.


Also with we may be talking at cross purposes about segments.


The connection between top left and top middle is one segment (S1). The connection between top middle and top right is another segment (S2). So top middle sends a hello with cost of 12 onto S1. Top left sends a hello onto S1 with cost of 4.


Top middle sends hello onto S2 with cost of 8, hello from top left with cost of 4 + 4 for the interface it received it on.


Top right sends hello onto S2 also with cost of 8, hello from Backup root of 4 + 4 for the interface it was received on.


Jon

Jon Marshall Mon, 02/25/2008 - 12:28
User Badges:
  • Super Blue, 32500 points or more
  • Hall of Fame,

    Founding Member

  • Cisco Designated VIP,

    2017 LAN, WAN

And now i'm going to have a quick reread of STP DP election just to be sure :-)



Jon Marshall Mon, 02/25/2008 - 12:12
User Badges:
  • Super Blue, 32500 points or more
  • Hall of Fame,

    Founding Member

  • Cisco Designated VIP,

    2017 LAN, WAN

Hi Victor


Congrats on the star, nice to have you in this forum, and about time after all your questions :-)


You are spot on about the cost to root but with a designated port it is about the hello with the lowest advertised cost onto the segment ie.


top middle advertise hello with cost of 8 onto segment connecting top middle to top right. Top right advertises cost of 8 onto same segment. And that's it. There are 2 hellos on that segment both with a cost of 8. It is not about the hops to root, it is about the cost of the hellos on that particular segment and in this case they are both 8 ie.


Root to top left = hello cost 0

Top left receives hello on interface with cost 4.

Top left to top middle = hello cost 4

Top middle receives hello from top left with cost of 4 on interface with cost 4.

Top middle advertises hello onto segment between top middle and top right with cost of 8.


Root to backup root - hello cost 0

Backup root receives hello on interface with cost 4.

Backup root to top right = hello cost 4.

Top right receives hello from Backup root with cost of 4 on interface with cost of 4.

Top right advertises hello onto segment connecting top right with top middle with cost of 8.


Of course i might have made a really big mistake but that is the way i understand it.


Jon


PS - just seen your other post i'll have a look.


lamav Mon, 02/25/2008 - 12:49
User Badges:
  • Blue, 1500 points or more

Jon:


I think I understand where I was going wrong. Its a bit tedious to explain it on here, but, in short, I was forgetting that each switch can see the Hellos and BPDUs from ALL the other switches, not just its neighbor....


Of course, this is fundamental, but I brain farted in the process of formulating answers for Pascal.


So, yes, I see it now...


Since all switches can see everyone's Hellos, they will all be able to know that the top-left switch has the lowest cost to the root. He will be the one advertising a cost of 4 to the root, which no one else can beat. Therefore, Mr. top-left knows that he has to keep his port unblocked as the DP for the segment, since traffic must go through him to get to the root.


Did I get it right?



Jon Marshall Mon, 02/25/2008 - 13:00
User Badges:
  • Super Blue, 32500 points or more
  • Hall of Fame,

    Founding Member

  • Cisco Designated VIP,

    2017 LAN, WAN

Victor


Still reading :)


"Since all switches can see everyone's Hellos, they will all be able to know that the top-left switch has the lowest cost to the root"


Not as far as i can see. Top right does not see top left hello as is because top middle adds it's cost before top right sees it.


As i say you are spot on with the root port election. I think the key point is this - quote from CCIE R&S Exam cert guide


"To win the right to be the DP, a switch must send the Hello with the lowest advertised cost onto the segment"


And the way i read that is that switch that receives that Hello does not add the cost of the interface it was received on before it evaluates it in the DP election unlike with the RP election.


As i say need to double check.


Pascal - apologies for confusing the issue :)


Jon

Francois Tallet Mon, 02/25/2008 - 13:18
User Badges:
  • Gold, 750 points or more

I'm amazed by the activity on this topic;-)

Yes you are right, the cost is only added for root port election. And the R&S Exam certification guide is not really exact in saying that the "lowest advertised cost" determines who is designated on a segment. As you and Victor mentioned earlier, the whole "information" conveyed in the BPDU is considered, not only the cost. In this regard, you can consider a BPDU as a long integer formed by the concatenation of Root ID, Cost, Sender BID, Sender PortID. The bridge sending the best integer on a segment is designated (no need to differentiate between the fields!).

In fact, there is a fifth tie breaker for the designated port election: the receiver port ID. Supposed that two ports of the same switch are connected to the same shared segment as the root bridge. They both receive the exact same BPDU! Their (receiver) port ID will be used to determine who is designated and who is alternate.

Regards,

Francois


Jon Marshall Mon, 02/25/2008 - 13:23
User Badges:
  • Super Blue, 32500 points or more
  • Hall of Fame,

    Founding Member

  • Cisco Designated VIP,

    2017 LAN, WAN

Francois


About time you showed up :-)


Could you just clarify something then. Are you saying that when all the books talk about the tie breakers ie. bridge ID, port priority etc. that these are not actually considered in isolation but rather they are considered as a whole in the decision making process ?


Thanks


Jon

Francois Tallet Mon, 02/25/2008 - 14:17
User Badges:
  • Gold, 750 points or more

Well, they are not always considered as a whole because for the root election, we clearly identify the cost and add something to it.

But when it's a matter of determining between designated/alternate or backup ports, it's exactly as if they were considered as a whole. Practically, in every implementation, we are going to look first at the root ID and then only use the cost and so on. This is for optimization purpose: what's the point of wasting CPU cycle comparing everything down to the port ID when we already know that a BPDU is better than another based on the root ID?

But the main point I wanted to make about the book is that the cost is not what determines the role on a given segment, it's the whole content of the BPDU. What this thread is all about is an example why the cost is not enough.

Regards,

Francois

lamav Mon, 02/25/2008 - 15:02
User Badges:
  • Blue, 1500 points or more

Wow...poor Pascal, hes probably cursing the moment he posted his message LOL


On that note, I'll conclude my invoolvement in this most exhausting activity by helping myself to the arsenic in my medicine cabinet's top-left shelf...or is it top-right? LOL


Victor

Francois Tallet Mon, 02/25/2008 - 15:15
User Badges:
  • Gold, 750 points or more

Finding out whether the arsenic is in the top-left or top-right part of the shelf is just a matter of checking the first letter on the label of the concerned products. Of course, if both first letters are "A", you'll have to use the second letter as a tie breaker and so on;-)


pascal.coyles Tue, 02/26/2008 - 00:53
User Badges:

LOL


I hope everybody got a good night sleep :)


As I understand it so far (and I keep the top, middle and left naming to not get confused even more):


1. All ports on the Root Bridge must be in forwarding state.

2. Ports with lowest Root Path Cost must be in Forwarding state.


This leaves us with the following ports candidate for Blocking status:


top left port 0/2

top middle port 0/1

top right port 0/2

backup root port 3/3


3. Now on every segment a switch can place additional ports in forward status based on BPDUs sent by the 2 switches onto the segment


A lower Root Bridge ID --> obviously is irrelevant now (x in short)

A lower path cost to the Root

A lower sending Bridge ID

A lower Sending Port ID


Segment between top left and top middle:

Top middle has a higher path cost to the root, hence the top left can place his blocking port to forwarding


Segment between top middle and top right:

Both ports in this segment are blocking. Both switches have a path cost of 8, so the tie breaker is now the sending bridge ID. Top middle has the lowest bridge ID so can put port 0/1 on this segment in forwarding.


Segment between top right and backup root:

Backup root has the lowest path cost to the root, thus can put interface 3/3 in forwarding.


At least that works with the example I have sent ...


Anyway, thank you all for your input!


Best regards,

Pascal



Jon Marshall Tue, 02/26/2008 - 01:15
User Badges:
  • Super Blue, 32500 points or more
  • Hall of Fame,

    Founding Member

  • Cisco Designated VIP,

    2017 LAN, WAN

Hi Pascal


Yes, slept well and off we go again :)


The key is as discussed that the DP (Designated Port) is elected before the switch that receives the Hello adds the cost of the interface on which it received the hello. Note i use the term cost loosely, see Francios's post for more detail.


This differs from the RP (Root port) election in that the cost of the receiving interface is added on before the calculation is made.


And you have summed up correctly how each switch works out which ports to block and which to forward on.


I'm still learing about STP all the time and just when i think i know something Francois corrects me :)


Jon

lamav Tue, 02/26/2008 - 08:15
User Badges:
  • Blue, 1500 points or more

Jon:


Yer gonna kill me....but just whaen I think I have tied all loose ends, another pops up. :-)


Here goes...


I am in total agreement with you on how the DP is elected. No biggie.


For example..


Top left switch has a cost of 4 to root

Top middle switch advertises a higher cost

So, top left wins the DP election on that segment and so the top left port remains forwarding.


But here is my question: If the top middle's port lost the DP election to the top left, why didnt it block its port? In the top right and top middle DP election, the top right lost the DP election, and consequently, blocked its port that lost. The top middle did not block its port, though, when it lost to the top left switch. Why?


Isnt it a rule of thumb that if a port is not a root or a DP, it should be blocking?


Victor

lamav Tue, 02/26/2008 - 08:34
User Badges:
  • Blue, 1500 points or more

Ok, wait a minute. I think I just answered my own question...the top middle switch did not block its port after it lost the DP election with the top left because the top middle port was already designated as the ROOT port. As a root port, it is not eligble for blocking.


First, there was the root bridge election, then each switch discovers its root port by examining cost to the elected bridge, and then the DP election takes place.


So, when the election for DP took place, the top middle switch port was never eligible for blocking.


Agree?


Victor

pascal.coyles Tue, 02/26/2008 - 09:39
User Badges:

Hi,


I haven't found confirmation in any books. But yes, that's how I see it also. So I agree!


Case closed!


Unless somebody has another idea of course :)


Best regards,

Pascal

Jon Marshall Tue, 02/26/2008 - 09:41
User Badges:
  • Super Blue, 32500 points or more
  • Hall of Fame,

    Founding Member

  • Cisco Designated VIP,

    2017 LAN, WAN

Victor


Totally agree. RP first then DP.


Jon

lamav Tue, 02/26/2008 - 10:32
User Badges:
  • Blue, 1500 points or more

Case closed.

Actions

This Discussion