06-16-2009 04:45 AM - edited 03-06-2019 06:17 AM
Hello,
I'm trying to track down the physical switch that is acting as the Root Bridge for VLAN 2. From the output below I have found that 0221.5a6b.XXXX is the root bridge for VLAN 2. But this is a Learned/propagated address. So far I have looked at 14 switches in our Network but none have MAC Address: 0221.5a6b.XXXX
Any Ideas?
Thanks,
Pat
From Switch: hostname SWITCHAAA
Gi1/0/1 Desg FWD 4 128.1 P2p
Gi1/0/2 Root FWD 4 128.2 P2p
VLAN0002
Spanning tree enabled protocol ieee
Root ID Priority 32768
Address 0221.5a6b.XXXX
Cost 26
Port 1 (GigabitEthernet1/0/1)
Hello Time 2 sec Max Age 8 sec Forward Delay 5 sec
Bridge ID Priority 32770 (priority 32768 sys-id-ext 2)
Address 000a.b880.bab2
Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec
Aging Time 300
Interface Role Sts Cost Prio.Nbr Type
******************************************************
From Switch: hostname SWITCHBBB
Interface Role Sts Cost Prio.Nbr Type
---------------- ---- --- --------- -------- --------------------------------
Po1 Root FWD 3 128.616 P2p
Po2 Altn BLK 3 128.624 P2p
VLAN0002
Spanning tree enabled protocol ieee
Root ID Priority 32768
Address 0221.5a6b.XXXX
Cost 25
Port 624 (Port-channel2)
Hello Time 2 sec Max Age 8 sec Forward Delay 5 sec
Bridge ID Priority 32770 (priority 32768 sys-id-ext 2)
Address 0017.59a7.bab1
Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec
Aging Time 300
******************************************************
From Switch: hostname SWITCHCCC
Interface Role Sts Cost Prio.Nbr Type
---------------- ---- --- --------- -------- --------------------------------
Po1 Root FWD 3 128.616 P2p
Po2 Altn BLK 3 128.624 P2p
VLAN0002
Spanning tree enabled protocol ieee
Root ID Priority 32768
Address 0221.5a6b.XXXX
Cost 19
Port 167 (FastEthernet4/0/9)
Hello Time 2 sec Max Age 8 sec Forward Delay 5 sec
Bridge ID Priority 32770 (priority 32768 sys-id-ext 2)
Address 0016.c8e4.babe
Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec
Aging Time 300
Interface Role Sts Cost Prio.Nbr Type
Solved! Go to Solution.
06-16-2009 05:43 AM
As the other two posts are saying, when you run "show spanning-tree vlan 2" it tells you which interface faces toward the root bridge. You will see Root/Forwarding, Designated/Forwarding, or Alternate/Blocked as your choices.
Keep going from switch to switch, following the Root/Forwarding path until you reach a switch that has no Root/Forwarding interface, only Designated/Forwarding ones. That's your root bridge.
Any switch that is NOT the root bridge will have one and only one Root/Forwarding interface; 0 or more Designated/Forwarding interfaces; and 0 or more Alternate/Blocked interfaces.
The switch that IS the root bridge will not have a Root/Forwarding interface, because IT is the root. And it will also not have any Alternate/Blocked interfaces, because all active, direct connections to the root bridge have to be Forwarding, not Blocked. So if all the connections are Forwarding, and none can be Root, then all will be Designated/Forwarding. That is unique to the root bridge.
Of course, it's a lot easier to find if IOS just tells you "This is the root". But this approach is generic, and will help you find the root bridge no matter who manufactured the switch.
06-16-2009 04:52 AM
You could follow the least cost path back to root.
Address 0221.5a6b.XXXX
Cost 19
Port 167 (FastEthernet4/0/9)
Start at any switch and follow the lowest cost port to the next switch upstream.
You could also try performing:
"show mac-address-table dynamic address xxxx.xxxx.xxxx" to see what port that mac is learned on. Keep doing that until you find your switch.
06-16-2009 05:01 AM
Hi,
if you enter "show spanning-tree" you should see a statement similar to "This bridge is the root". This means that you have found the root bridge for that VLAN.
You can also try following the root ports on the switches. The Root port points you to the root bridge, or shows you the least cost path, as bretjaquish@hotmail.com already said.
06-16-2009 05:43 AM
As the other two posts are saying, when you run "show spanning-tree vlan 2" it tells you which interface faces toward the root bridge. You will see Root/Forwarding, Designated/Forwarding, or Alternate/Blocked as your choices.
Keep going from switch to switch, following the Root/Forwarding path until you reach a switch that has no Root/Forwarding interface, only Designated/Forwarding ones. That's your root bridge.
Any switch that is NOT the root bridge will have one and only one Root/Forwarding interface; 0 or more Designated/Forwarding interfaces; and 0 or more Alternate/Blocked interfaces.
The switch that IS the root bridge will not have a Root/Forwarding interface, because IT is the root. And it will also not have any Alternate/Blocked interfaces, because all active, direct connections to the root bridge have to be Forwarding, not Blocked. So if all the connections are Forwarding, and none can be Root, then all will be Designated/Forwarding. That is unique to the root bridge.
Of course, it's a lot easier to find if IOS just tells you "This is the root". But this approach is generic, and will help you find the root bridge no matter who manufactured the switch.
06-16-2009 06:58 AM
Some other things to look for:
The root bridge is not one of your Cisco stackable switches, which create their actual bridge priority by adding the VLAN number (2) to the default bridge priority (32768). The switch acting as a root bridge is using the default bridge priority (32768) as the root bridge priority, and is not modifying it by adding the VLAN number to it. Is your core network switch a Catalyst 6500 or a non-Cisco switch? Because I have seen the 4500, 4000, 3750, 3560, 3550, and 2950 series switches add the VLAN number to the bridge priority, but not the 6500.
Also, when you find the root bridge, check out the Spanning Tree timers that have been set on that switch and are being propagated by the root bridge throughout your network. MaxAge = 8 seconds and ForwardingDelay = 5 seconds with a HelloTime = 2 seconds are pretty aggressive settings. Maybe appropriate for a Network Diameter of 1 (!) but not 14 interconnected switches that you mentioned searching through while looking for your root bridge.
Check out the following reference for more details:
Understanding and Tuning Spanning Tree Protocol Timers
https://www.cisco.com/en/US/tech/tk389/tk621/technologies_tech_note09186a0080094954.shtml
06-17-2009 01:32 AM
Hello Konigl,
Thanks a lot for this. I'm having a to go through a number of Show Techs. This is actually part of a bigger problem whereby the customer is undergoing intermittent HSRP failovers over their their WAN links that are managed by a 3rd party. During which time their apps fail. Our thinking is that the HSRP Hellos are getting lost somewhere. It doesn't help that I dont have direct access to their Network.
Regards,
Pat
06-18-2009 04:21 AM
Hi Pat,
a) STP bridge MAC addresses are never shown in the the mac-address table (it's created from user-data frame addresses only). See
for some details.
b) If HSRP Hellos are being lost somewhere in WAN, don't forget those are multicasts.
http://www.cisco.com/en/US/tech/tk648/tk362/technologies_tech_note09186a0080094afd.shtml#topic5
might help you.
BR,
Milan
06-25-2009 06:26 AM
Hello,
Problem solved. Root bridge traced to an XP Workstation!!!. Made the Core swicthes the Root bridges of various VLANs. This fixed the HSRP Failover situation that was being experienced.
06-25-2009 06:44 AM
You might consider implementing spanning tree hardening features (such as Loopguard, Rootguard, and BPDUGuard) to prevent future such occurrences.
Rootguard: https://www.cisco.com/en/US/tech/tk389/tk621/technologies_tech_note09186a00800ae96b.shtml
BPDUGuard: https://www.cisco.com/en/US/tech/tk389/tk621/technologies_tech_note09186a008009482f.shtml
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: