ROOT BRIDGE INDENTIFICATION

Answered Question
Jun 16th, 2009

Hello,

I'm trying to track down the physical switch that is acting as the Root Bridge for VLAN 2. From the output below I have found that 0221.5a6b.XXXX is the root bridge for VLAN 2. But this is a Learned/propagated address. So far I have looked at 14 switches in our Network but none have MAC Address: 0221.5a6b.XXXX

Any Ideas?

Thanks,

Pat

From Switch: hostname SWITCHAAA

Gi1/0/1 Desg FWD 4 128.1 P2p

Gi1/0/2 Root FWD 4 128.2 P2p

VLAN0002

Spanning tree enabled protocol ieee

Root ID Priority 32768

Address 0221.5a6b.XXXX

Cost 26

Port 1 (GigabitEthernet1/0/1)

Hello Time 2 sec Max Age 8 sec Forward Delay 5 sec

Bridge ID Priority 32770 (priority 32768 sys-id-ext 2)

Address 000a.b880.bab2

Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec

Aging Time 300

Interface Role Sts Cost Prio.Nbr Type

******************************************************

From Switch: hostname SWITCHBBB

Interface Role Sts Cost Prio.Nbr Type

---------------- ---- --- --------- -------- --------------------------------

Po1 Root FWD 3 128.616 P2p

Po2 Altn BLK 3 128.624 P2p

VLAN0002

Spanning tree enabled protocol ieee

Root ID Priority 32768

Address 0221.5a6b.XXXX

Cost 25

Port 624 (Port-channel2)

Hello Time 2 sec Max Age 8 sec Forward Delay 5 sec

Bridge ID Priority 32770 (priority 32768 sys-id-ext 2)

Address 0017.59a7.bab1

Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec

Aging Time 300

******************************************************

From Switch: hostname SWITCHCCC

Interface Role Sts Cost Prio.Nbr Type

---------------- ---- --- --------- -------- --------------------------------

Po1 Root FWD 3 128.616 P2p

Po2 Altn BLK 3 128.624 P2p

VLAN0002

Spanning tree enabled protocol ieee

Root ID Priority 32768

Address 0221.5a6b.XXXX

Cost 19

Port 167 (FastEthernet4/0/9)

Hello Time 2 sec Max Age 8 sec Forward Delay 5 sec

Bridge ID Priority 32770 (priority 32768 sys-id-ext 2)

Address 0016.c8e4.babe

Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec

Aging Time 300

Interface Role Sts Cost Prio.Nbr Type

I have this problem too.
0 votes
Correct Answer by konigl about 7 years 5 months ago

As the other two posts are saying, when you run "show spanning-tree vlan 2" it tells you which interface faces toward the root bridge. You will see Root/Forwarding, Designated/Forwarding, or Alternate/Blocked as your choices.

Keep going from switch to switch, following the Root/Forwarding path until you reach a switch that has no Root/Forwarding interface, only Designated/Forwarding ones. That's your root bridge.

Any switch that is NOT the root bridge will have one and only one Root/Forwarding interface; 0 or more Designated/Forwarding interfaces; and 0 or more Alternate/Blocked interfaces.

The switch that IS the root bridge will not have a Root/Forwarding interface, because IT is the root. And it will also not have any Alternate/Blocked interfaces, because all active, direct connections to the root bridge have to be Forwarding, not Blocked. So if all the connections are Forwarding, and none can be Root, then all will be Designated/Forwarding. That is unique to the root bridge.

Of course, it's a lot easier to find if IOS just tells you "This is the root". But this approach is generic, and will help you find the root bridge no matter who manufactured the switch.

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 5 (1 ratings)
Loading.

You could follow the least cost path back to root.

Address 0221.5a6b.XXXX

Cost 19

Port 167 (FastEthernet4/0/9)

Start at any switch and follow the lowest cost port to the next switch upstream.

You could also try performing:

"show mac-address-table dynamic address xxxx.xxxx.xxxx" to see what port that mac is learned on. Keep doing that until you find your switch.

Correct Answer
konigl Tue, 06/16/2009 - 05:43

As the other two posts are saying, when you run "show spanning-tree vlan 2" it tells you which interface faces toward the root bridge. You will see Root/Forwarding, Designated/Forwarding, or Alternate/Blocked as your choices.

Keep going from switch to switch, following the Root/Forwarding path until you reach a switch that has no Root/Forwarding interface, only Designated/Forwarding ones. That's your root bridge.

Any switch that is NOT the root bridge will have one and only one Root/Forwarding interface; 0 or more Designated/Forwarding interfaces; and 0 or more Alternate/Blocked interfaces.

The switch that IS the root bridge will not have a Root/Forwarding interface, because IT is the root. And it will also not have any Alternate/Blocked interfaces, because all active, direct connections to the root bridge have to be Forwarding, not Blocked. So if all the connections are Forwarding, and none can be Root, then all will be Designated/Forwarding. That is unique to the root bridge.

Of course, it's a lot easier to find if IOS just tells you "This is the root". But this approach is generic, and will help you find the root bridge no matter who manufactured the switch.

konigl Tue, 06/16/2009 - 06:58

Some other things to look for:

The root bridge is not one of your Cisco stackable switches, which create their actual bridge priority by adding the VLAN number (2) to the default bridge priority (32768). The switch acting as a root bridge is using the default bridge priority (32768) as the root bridge priority, and is not modifying it by adding the VLAN number to it. Is your core network switch a Catalyst 6500 or a non-Cisco switch? Because I have seen the 4500, 4000, 3750, 3560, 3550, and 2950 series switches add the VLAN number to the bridge priority, but not the 6500.

Also, when you find the root bridge, check out the Spanning Tree timers that have been set on that switch and are being propagated by the root bridge throughout your network. MaxAge = 8 seconds and ForwardingDelay = 5 seconds with a HelloTime = 2 seconds are pretty aggressive settings. Maybe appropriate for a Network Diameter of 1 (!) but not 14 interconnected switches that you mentioned searching through while looking for your root bridge.

Check out the following reference for more details:

Understanding and Tuning Spanning Tree Protocol Timers

https://www.cisco.com/en/US/tech/tk389/tk621/technologies_tech_note09186a0080094954.shtml

patrick.roche Wed, 06/17/2009 - 01:32

Hello Konigl,

Thanks a lot for this. I'm having a to go through a number of Show Techs. This is actually part of a bigger problem whereby the customer is undergoing intermittent HSRP failovers over their their WAN links that are managed by a 3rd party. During which time their apps fail. Our thinking is that the HSRP Hellos are getting lost somewhere. It doesn't help that I dont have direct access to their Network.

Regards,

Pat

milan.kulik Thu, 06/18/2009 - 04:21

Hi Pat,

a) STP bridge MAC addresses are never shown in the the mac-address table (it's created from user-data frame addresses only). See

http://www.cisco.com/en/US/docs/switches/lan/catalyst6500/ios/12.2SXF/native/configuration/guide/spantree.html#wp1038868

for some details.

b) If HSRP Hellos are being lost somewhere in WAN, don't forget those are multicasts.

http://www.cisco.com/en/US/tech/tk648/tk362/technologies_tech_note09186a0080094afd.shtml#topic5

might help you.

BR,

Milan

patrick.roche Thu, 06/25/2009 - 06:26

Hello,

Problem solved. Root bridge traced to an XP Workstation!!!. Made the Core swicthes the Root bridges of various VLANs. This fixed the HSRP Failover situation that was being experienced.

Actions

This Discussion