A virtual router is a method to prevent a single point of failure at the default gateway. To implement virtual router redundancy, several routers are configured to work jointly as a single router to the hosts on the LAN. The routers share an IP address and a MAC address and act as a single virtual router.
The IP address of the virtual router is used as the default gateway for the local network on a particular IP segment. When hosts on the local network send data to the internet through the default gateway, the sending host resolves the MAC address of the default gateway using ARP.
ARP returns the MAC address of the virtual router, and frames sent to that MAC address can then be physically processed by the currently forwarding (active) router within the virtual router group.
The redundancy protocol is used to recognize two or more routers as the devices that are responsible for processing data frames for the MAC or IP address of a single virtual router.
Host devices on the local network send traffic to the address of the virtual router; which physical router processes and forwards this traffic is transparent to the host devices.
The redundancy protocol decides which router should take the active role in forwarding traffic. The protocol also decides when the forwarding role must be taken over by a standby router. The switch from one forwarding router to another is transparent to the end devices.
The end devices don’t know about the change of physical router. Thus the network dynamically recovers from the failure using router redundancy. Providing the default gateway through a router redundancy protocol in this way is known as first hop redundancy.
Hosts at the access layer of a hierarchical network take advantage of the alternate default gateways. If a gateway (router interface) fails, the hosts configured with that gateway are cut off from outside networks. A method is needed to provide alternate default gateways in switched networks where two or more routers are connected to the same VLANs.
The function of the router and the multilayer switch is not different at the distribution layer. So, the multilayer switch mainly acts as the default gateway for each VLAN in a switched network. Each client receives only one gateway in a switched network. There is no method to configure a secondary gateway, even if a second path is available to carry packets off the local segment. Look at the figure below:
In the figure, Switch4 is the default gateway for routing packets from PC0. It is a layer 3 switch. If Switch4 becomes unavailable, the spanning-tree protocols can dynamically converge the network.
Switch3 will now route packets from outside networks that would have gone through switch2. But, traffic from the inside network associated with switch4, including traffic from hosts configured with switch4 as their default gateway, is still sent to switch3 and dropped.
End devices are usually configured with a single gateway; the gateway address does not change when the network topology changes. If that gateway is unreachable for any reason, the hosts using this gateway cannot send packets except to the local network segment.
Still, if a redundant path exists that could serve as a default gateway for that segment, there is no dynamic way for these devices to connect to a new gateway.
In most networks, the best Spanning-Tree Protocol topology is determined as part of the network blueprint. The Spanning-Tree Protocol is implemented by configuring Spanning-Tree Protocol priority and cost values. Several things could go wrong.
You can expect one thing, but your switches can give you something different. Situations also occur in which the Spanning-Tree Protocol was not considered in the network planning and implementation, or was considered or implemented before the network grew and changed.
In these situations, it is important to analyze the actual Spanning-Tree Protocol topology in the operational network to troubleshoot the Spanning-Tree Protocol. The steps for analyzing a spanning tree are the following:
In the first step, find the layer 2 topology. If it was prepared previously, consult the network documentation for the topology.
Use the “show cdp neighbors” command to help find the layer 2 topology.
When the Layer 2 topology is discovered, use spanning-tree protocol knowledge to determine the expected Layer 2 path.
It is also important to know the root bridge. Use the “show spanning-tree vlan <vlan_id>” command to determine which switch is the root bridge.
Use the “show spanning-tree vlan <vlan_id>” command on all switches to find the port states and confirm your expected Layer 2 path.
Expected Topology vs Actual Topology
Comparing the network’s actual state against its expected state and spotting the differences can help troubleshoot the problem. A network administrator can examine the switches, determine the actual topology, and recognize the superior spanning-tree topology.
Overview of Spanning Tree Status
The overview of the spanning tree plays an important role in troubleshooting. For an overview, we can use the “show spanning-tree” command without specifying any additional options to provide a quick overview of the status of STP for all VLANs.
We can limit the command’s output by specifying a particular VLAN. The command syntax for specifying a VLAN is “show spanning-tree vlan vlan_id.” The command output will display information about the role and status of each port on the switch.
The port role and state can be Root, Designated, Alternate, etc. The command’s output also provides information about the bridge ID of the local switch, including the bridge ID of the root bridge.
Spanning Tree Failure Consequences
Two types of failure can occur with STP. In the first, STP wrongly blocks a port that was planned to be in the forwarding state. This can cause the loss of traffic that would normally pass through this switch, but other networks remain unaffected.
The second type of failure is much more disruptive, as shown in the figure below. It happens when the Spanning Tree Protocol wrongly moves one or more ports into the forwarding state.
Recall that an Ethernet frame header does not contain a TTL field, so any frame that enters a bridging loop continues to be forwarded from switch to switch indefinitely.
The frames that have their destination address recorded in the MAC address table of the switches are simply forwarded to the port associated with the MAC address and do not enter a loop. But, any frame flooded by a switch enters the loop. The flooded traffic may include broadcasts, multicasts, and unicasts with a globally unknown destination MAC address.
What is the sign of STP failure? The load on all links starts increasing as more frames enter the loop. The frames also affect other links in the switched network because they flood them. Only the corresponding VLAN is affected if the failure is on a single VLAN. Switches and trunks that are not related to this VLAN operate normally.
The spanning-tree failure can create bridging loops. In this case, traffic is increasing exponentially, and the switches will flood the broadcasts out multiple ports. This creates copies of the frames each time the switches forward them.
When traffic like OSPF or EIGRP hello packets enters the loops, the devices running these protocols quickly become overloaded. Their CPUs quickly reach 100 percent utilization.
The switches in the network change their MAC address tables frequently. If a loop exists, a switch may see a frame with a particular source MAC address received on one port and another with the same source MAC address on a different port.
So, the switch will update the MAC address table twice for the same MAC address. Due to the high load and maximum CPU utilization, these devices become unreachable, making troubleshooting difficult.
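The MAC-table instability described above is visible in switch syslog. The following added example (not part of the original article) scans Cisco `%SW_MATM-4-MACFLAP_NOTIF` messages and reports VLANs where several hosts flap between the same pair of ports, which points to a bridging loop rather than a single host that moved. The sample log lines, the hostname `sw3` and the `min_hosts` threshold are constructed assumptions.

```python
import re
from collections import defaultdict

# Constructed sample syslog lines (not captured from a real device).
SAMPLE_LOG = """\
Mar  1 10:00:01 sw3 %SW_MATM-4-MACFLAP_NOTIF: Host 0011.2233.4455 in vlan 100 is flapping between port Fa0/1 and port Fa0/2
Mar  1 10:00:01 sw3 %SW_MATM-4-MACFLAP_NOTIF: Host 0011.2233.4466 in vlan 100 is flapping between port Fa0/2 and port Fa0/1
Mar  1 10:00:02 sw3 %SW_MATM-4-MACFLAP_NOTIF: Host 0011.2233.4477 in vlan 100 is flapping between port Fa0/1 and port Fa0/2
Mar  1 10:00:02 sw3 %LINK-3-UPDOWN: Interface FastEthernet0/5, changed state to up
Mar  1 10:05:40 sw3 %SW_MATM-4-MACFLAP_NOTIF: Host 00aa.bbcc.dd01 in vlan 200 is flapping between port Fa0/7 and port Fa0/9
"""

FLAP_RE = re.compile(
    r"%SW_MATM-4-MACFLAP_NOTIF: Host (?P<mac>[0-9a-fA-F.]+) in vlan (?P<vlan>\d+) "
    r"is flapping between port (?P<a>\S+) and port (?P<b>\S+)"
)


def parse_flaps(log_text):
    """Return (vlan, mac, {port_a, port_b}) for every MAC-flap message."""
    events = []
    for line in log_text.splitlines():
        m = FLAP_RE.search(line)
        if m:
            # The port pair is unordered: Fa0/1<->Fa0/2 equals Fa0/2<->Fa0/1.
            ports = frozenset((m["a"], m["b"]))
            events.append((int(m["vlan"]), m["mac"].lower(), ports))
    return events


def suspected_loops(events, min_hosts=3):
    """Group flaps by (VLAN, port pair) and flag pairs shared by many hosts.

    One host flapping can be a moved or dual-homed device. Many distinct
    source MACs flapping across the same two ports in one VLAN is the
    signature of flooded frames circulating in a loop.
    """
    hosts = defaultdict(set)
    for vlan, mac, ports in events:
        hosts[(vlan, ports)].add(mac)

    findings = []
    for (vlan, ports), macs in sorted(
        hosts.items(), key=lambda kv: (kv[0][0], sorted(kv[0][1]))
    ):
        if len(macs) >= min_hosts:
            findings.append(
                {"vlan": vlan, "ports": sorted(ports), "hosts": sorted(macs)}
            )
    return findings


if __name__ == "__main__":
    for finding in suspected_loops(parse_flaps(SAMPLE_LOG)):
        print(
            f"VLAN {finding['vlan']}: {len(finding['hosts'])} hosts flapping "
            f"between {' and '.join(finding['ports'])}"
        )
```

Because a failure on one VLAN affects only that VLAN, the per-VLAN grouping also tells you which spanning-tree instance to inspect first.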
Repairing a Spanning Tree Problem
The first method of resolving the problem is to remove redundant links in the switched network. The redundant link can be removed both physically and through configuration.
When the loops are removed and broken, traffic and CPU loads should quickly return to normal levels, and device connectivity should also be restored.
This restores network connectivity, but it is not the end of the troubleshooting process. Because all redundant paths have been removed from the network, the redundant links now need to be restored.
If the problem of the spanning tree failure has not been fixed, there is a chance that a new broadcast storm will be triggered again during the restoration of the redundant links. So, before restoring the redundant links, find out and correct the original fault.
FAQs
What is the Spanning Tree Protocol (STP)?
Spanning Tree Protocol (STP) is designed to prevent network loops by creating a loop-free logical topology in Ethernet networks.
What are common issues with STP?
Common issues with STP include incorrect root port selection, spanning tree disabled, blocked VLANs, and topology changes causing network instability.
How can I troubleshoot STP issues?
To troubleshoot STP issues, verify physical connections, check configuration settings, use diagnostic commands like show spanning-tree, and ensure proper STP features are enabled.
What diagnostic commands are useful for STP troubleshooting?
Useful diagnostic commands include show spanning-tree, show spanning-tree vlan, and show interface to view the state of STP and root port elections.
How can I prevent STP issues?
Prevent STP issues by enabling features like Unidirectional Link Detection (UDLD), Loop Guard, PortFast, and BPDU Guard and by minimizing the number of blocked ports.
The default configuration of the spanning-tree protocol (STP) on a Catalyst 2960 Series switch is PVST+. Catalyst 2960 Series switches support PVST+, Rapid PVST+, and MST, but only one version can be active for all VLANs. Rapid PVST+ is the Cisco implementation of RSTP, supporting RSTP on a per-VLAN basis.
We can control the configuration of the VLAN spanning-tree instance using the Rapid PVST+ commands. A spanning-tree instance is created when an interface is assigned to a VLAN.
When all the interfaces are removed from the VLAN or moved to another VLAN, the instance is removed. The STP switch and port parameters can be configured before a spanning-tree instance is created. These configured parameters are applied when a spanning-tree instance is created.
Spanning-Tree Mode Configuration
The command for configuring Rapid PVST+ on a Cisco switch is “spanning-tree mode rapid-pvst”. The command is used in global configuration mode. We can use the same command to change the spanning-tree mode, i.e., PVST, MST, etc.
We can use the show spanning-tree vlan <vlan_number> command to show the spanning-tree configuration for a specific VLAN. We can also use the show running-config command to verify the Rapid PVST+ configuration.
The point-to-point link-type parameter for Rapid PVST+ is not necessary because it is unusual to have a shared link-type. The difference between configuring PVST+ and Rapid PVST+ is the spanning-tree mode rapid-pvst command. The command for the link-type parameter is “spanning-tree link-type point-to-point”.
FAQs
What is Rapid Per-VLAN Spanning Tree (Rapid PVST)?
Rapid PVST is an updated Spanning Tree Protocol (STP) implementation that provides a separate spanning tree for each VLAN, ensuring loop-free network topology and faster convergence.
How does Rapid PVST improve network performance?
Rapid PVST improves network performance by quickly adapting to topology changes, minimizing downtime, and ensuring efficient traffic flow across multiple VLANs.
What are the key components of Rapid PVST?
The key components include determining the root bridge, electing root ports, and assigning port roles such as designated, non-designated, alternate, and backup ports.
How do you configure Rapid PVST on a network switch?
Configuration involves setting the root bridge ID, configuring port priorities, and adjusting the path cost method to ensure optimal spanning tree topology for each VLAN.
Network load balancing is the technique to manage traffic across a network without the use of complex routing protocols such as BGP.
Network load balancing divides the load across multiple links, which uses the network resources more efficiently and avoids network overload. Load balancing may be accomplished through software or hardware.
Now, look at the topology in the Figure below. There are three switches with 802.1Q trunks connecting them. Two VLANs are configured in the network, VLAN 100 and 200.
The purpose is to configure Switch-1 as the primary root bridge for VLAN 100 and the secondary root bridge for VLAN 200 and Switch-2 as the primary root bridge for VLAN 200 and secondary root bridge for VLAN 100.
Port F0/0 on Switch-3 is the forwarding port for VLAN 100 and the blocking port for VLAN 200. Port F0/1 on Switch-3 is the forwarding port for VLAN 200 and the blocking port for VLAN 100.
We have also planned a secondary root bridge for both VLANs in case the primary root bridge fails. A secondary root bridge becomes the root bridge for a VLAN if the primary root bridge fails.
If other bridges in the VLAN keep their default STP priority, the switch configured as a secondary root bridge becomes the root bridge if the primary root bridge fails. In the topology, Switch-1 is the primary root bridge for VLAN 100 and the secondary root bridge for VLAN 200. So, the configuration of Switch-1 is as follows:
After configuring Switch-1, configure Switch-2. Switch-2 is the primary root bridge for VLAN 200 and the secondary root bridge for VLAN 100. The configuration of Switch-2 is as follows:
We can also configure the root bridge using the bridge priority: set the spanning-tree priority on each switch to the lowest value so that the switch is selected as the primary bridge for its associated VLAN.
We can set the switch priority for any spanning-tree instance. A lower value increases the chances that the switch is selected. The range is 0 to 61,440 in increments of 4,096. The configuration of the root bridge priority is covered under bridge priority ID configuration.
Now examine the topology. Switch-1 is configured as the primary root bridge for VLAN 100 and the secondary root bridge for VLAN 200, and Switch-2 is configured as the primary root bridge for VLAN 200 and the secondary root bridge for VLAN 100.
We can verify the configuration using the show spanning-tree active command, which displays spanning-tree configuration details for the active interfaces only. We can also use the show spanning-tree command.
A switch port directly connected to an end station cannot create bridging loops. So, the port can rapidly enter the forwarding state by skipping the listening and learning states. PortFast is a Cisco proprietary solution that allows the switch port to skip the listening and learning states and immediately enter the forwarding state. It works in PVST+ environments.
We can use PortFast on access ports to allow the immediate connection of the attached devices to the network rather than waiting for IEEE 802.1D STP to converge on each VLAN. Access ports are usually connected to a single workstation or a server. A switch does not generate a topology change notification for an interface with PortFast enabled.
In a PortFast configuration, BPDUs should never be received because receiving BPDUs indicates that another bridge or switch is connected to the port. Receiving BPDUs causes a spanning tree loop. A feature called BPDU guard deals with this case. BPDU guard is Cisco proprietary, and it puts the port in an error-disabled state on receipt of a BPDU.
PortFast is useful for Dynamic Host Configuration Protocol (DHCP). If PortFast is not enabled on the switch, the host can send a DHCP request before the port is in the forwarding state, which prevents the host from receiving an IP address and related information from the DHCP server. If PortFast is enabled, the port state changes immediately to the forwarding state, and the host can get a usable IP address.
We can enable PortFast on a switch port using the command spanning-tree portfast in interface configuration mode. If we want to configure PortFast for all interfaces, we can use the command spanning-tree portfast default in global configuration mode.
The command enables PortFast on all non-trunking interfaces. The figure below illustrates the PortFast configuration on the switch-3 interface fa0/2.
To configure BPDU guard on an access port, use the spanning-tree bpduguard enable command in interface configuration mode. If we want to configure BPDU guard on all interfaces, use the command spanning-tree portfast bpduguard default in global configuration mode. The command enables BPDU guard on all PortFast-enabled ports.
We can verify the PortFast and BPDU guard enabled for the switch port using the show running-config command. By default, PortFast and BPDU guard are disabled on all interfaces.
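Checking show running-config by eye does not scale past a few ports, so the following added example (not from the original article) audits a saved running-config for ports where PortFast is in effect but BPDU guard is not, taking the global defaults described above into account. The sample configuration is constructed, and the script assumes a port is non-trunking unless it carries `switchport mode trunk`.

```python
# Constructed sample of a saved "show running-config" (not from a real switch).
SAMPLE_CONFIG = """\
spanning-tree mode rapid-pvst
spanning-tree portfast default
!
interface FastEthernet0/1
 switchport mode trunk
!
interface FastEthernet0/2
 switchport mode access
 spanning-tree portfast
 spanning-tree bpduguard enable
!
interface FastEthernet0/3
 switchport mode access
 spanning-tree portfast
!
interface FastEthernet0/4
 switchport mode access
!
interface FastEthernet0/5
 switchport mode access
 spanning-tree portfast disable
!
"""


def parse_config(text):
    """Split a running-config into global lines and per-interface commands."""
    globals_, interfaces, current = [], {}, None
    for raw in text.splitlines():
        line = raw.rstrip()
        if line.startswith("interface "):
            current = line.split(None, 1)[1]
            interfaces[current] = []
        elif line.startswith(" ") and current is not None:
            interfaces[current].append(line.strip())
        else:
            # Any unindented line (including "!") ends the interface stanza.
            current = None
            if line and line != "!":
                globals_.append(line)
    return globals_, interfaces


def portfast_without_bpduguard(text):
    """Return the interfaces where PortFast applies but BPDU guard does not."""
    globals_, interfaces = parse_config(text)
    portfast_default = "spanning-tree portfast default" in globals_
    guard_default = "spanning-tree portfast bpduguard default" in globals_

    findings = []
    for name, cmds in interfaces.items():
        trunk = "switchport mode trunk" in cmds  # assumption: otherwise non-trunking

        # Interface-level settings override the global default.
        if "spanning-tree portfast disable" in cmds:
            portfast = False
        elif "spanning-tree portfast trunk" in cmds:
            portfast = True
        else:
            explicit = "spanning-tree portfast" in cmds
            portfast = (explicit or portfast_default) and not trunk
        if not portfast:
            continue

        # The global bpduguard default covers every PortFast-enabled port.
        if "spanning-tree bpduguard disable" in cmds:
            guarded = False
        else:
            guarded = "spanning-tree bpduguard enable" in cmds or guard_default
        if not guarded:
            findings.append(name)
    return findings


if __name__ == "__main__":
    for name in portfast_without_bpduguard(SAMPLE_CONFIG):
        print(f"{name}: PortFast active, BPDU guard missing")
```

In the sample, FastEthernet0/4 is reported even though it has no PortFast line of its own, because the global default enables PortFast on it.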
When configuring a specific switch as a Root Bridge, the bridge ID priority value must be adjusted to be lower than the bridge priority values of all the other switches on the network. There are two different methods for configuring the bridge priority value on a Cisco Catalyst switch.
Method 1
To ensure the switch has the lowest bridge priority value, use the spanning-tree vlan vlan-id root primary command in global configuration mode. The command sets the priority for the switch to the predefined value of 24,576 or to the highest multiple of 4,096 that is less than the lowest bridge priority detected on the network.
We can also configure the alternate root bridge using the “spanning-tree vlan vlan-id root secondary” command in global configuration mode. The predefined bridge priority value for the secondary root bridge is 28,673.
This value ensures the alternate switch becomes the root bridge if the primary root bridge fails. This configuration assumes that the rest of the network switches have defined the default 32,768 priority value.
Bridge ID Configuration
Now, look at the figure above. Switch-1 is elected as the Root Bridge in the spanning tree process. The bridge ID priority is the same in all switches, 32769. The switch-1 MAC address is the lowest among all switches.
So, the spanning tree elected switch-1 as the Root Bridge based on the lowest MAC address. However, we want to configure switch-3 as the root bridge and switch-2 as the secondary root bridge. The configuration of switch-3 for the root bridge is as follows:
Now, we will configure switch-2 as the secondary root bridge. If the primary root bridge becomes faulty, the switch will act as the root bridge immediately, and the network should not need to elect the root bridge. The configuration of switch-2 is as follows:
Now we can verify the configuration on all switches. The output of the “show spanning-tree” command on all switches is as follows:
Method 2
Another method for root bridge configuration is to configure the bridge priority value. The command for configuring the bridge priority value is “spanning-tree vlan vlan-id priority value” in global configuration mode. The priority value is configured in increments of 4,096, and the range is between 0 and 61,440.
Now I will cancel the previous commands on switch-3 and switch-2 and configure the bridge priority values instead. The switch-3 configuration is as follows:
We can do the same for the secondary root bridge. To verify the bridge priority of a switch, we can use the same “show spanning-tree” command. After configuring the root bridge priority of switch-3, the output of the show spanning-tree command is the following:
The switch’s priority has been set to 24,576. Also, notice that the switch is designated as the root bridge for the spanning-tree instance. The Bridge ID priority is set to 24577 because it is 24576 +1 = 24577. The 1 is the value of the VLAN, which is added to the bridge priority to construct the extended system ID.
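The election logic in this section can be reproduced offline. The following added example (not from the original article) builds the bridge ID from the configured priority plus the VLAN ID, elects the root, models the priority that root primary picks as described under Method 1, and reports whether the election was decided only by MAC address, which means no switch was deliberately placed as root. The switch MAC addresses are constructed, and the helper names are hypothetical.

```python
import re

STEP = 4096           # priorities are configured in increments of 4,096
MAX_PRIORITY = 61440
ROOT_PRIMARY = 24576  # predefined value used by "root primary"

# Constructed inventory: name -> (configured priority, base MAC address).
SWITCHES = {
    "Switch-1": (32768, "000a.0011.1111"),
    "Switch-2": (32768, "000a.0022.2222"),
    "Switch-3": (32768, "000a.0033.3333"),
}


def bridge_id(priority, vlan, mac):
    """Return the comparable bridge ID: (priority + VLAN ID, MAC as integer)."""
    if priority % STEP or not 0 <= priority <= MAX_PRIORITY:
        raise ValueError(f"priority {priority} is not a multiple of {STEP} in 0..{MAX_PRIORITY}")
    if not 1 <= vlan <= 4094:
        raise ValueError(f"VLAN ID {vlan} out of range")
    digits = re.sub(r"[.:-]", "", mac)
    if not re.fullmatch(r"[0-9a-fA-F]{12}", digits):
        raise ValueError(f"bad MAC address {mac!r}")
    # The VLAN ID is the extended system ID added to the configured priority.
    return (priority + vlan, int(digits, 16))


def elect_root(switches, vlan):
    """The switch with the lowest bridge ID becomes the root bridge."""
    return min(switches, key=lambda n: bridge_id(switches[n][0], vlan, switches[n][1]))


def root_primary_priority(lowest_seen):
    """Priority chosen by 'root primary', as described under Method 1:
    24,576, or the highest multiple of 4,096 below the lowest priority seen."""
    if lowest_seen > ROOT_PRIMARY:
        return ROOT_PRIMARY
    candidate = ((lowest_seen - 1) // STEP) * STEP
    if candidate < 0:
        raise ValueError("no lower priority is available")
    return candidate


def decided_by_mac(switches, vlan):
    """True when several switches share the winning priority, so the
    election fell through to the MAC address tie-break."""
    best = min(p for p, _ in switches.values())
    return sum(1 for p, _ in switches.values() if p == best) > 1


if __name__ == "__main__":
    vlan = 1
    print("default root:", elect_root(SWITCHES, vlan),
          "| decided by MAC:", decided_by_mac(SWITCHES, vlan))

    # Apply "root primary" on Switch-3, as in the section above.
    lowest = min(p for p, _ in SWITCHES.values())
    tuned = dict(SWITCHES)
    tuned["Switch-3"] = (root_primary_priority(lowest), SWITCHES["Switch-3"][1])
    print("tuned root:", elect_root(tuned, vlan),
          "| bridge ID priority:", bridge_id(*tuned["Switch-3"][:1], vlan, tuned["Switch-3"][1])[0])
```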
RSTP (IEEE 802.1w) is the advanced version of STP, providing faster convergence than CST but keeping the same single root bridge in the topology. Most parameters in RSTP are the same as in STP, so users who understand STP can effortlessly configure RSTP. Rapid PVST+ is the Cisco proprietary implementation of RSTP on a per-VLAN basis. In Rapid PVST+, an independent instance of RSTP runs for each VLAN. So, we will discuss RSTP in detail to better understand Rapid PVST+.
The figure below shows a network running RSTP. The topology is the same as that used in the PVST+. Switch 1 is the root bridge with two designated ports. Port F0/0 on Switch2 and Port F0/0 are both root ports. Port F0/1 is an alternate port that discards traffic. The topology has no blocking port because RSTP has no blocking state. The port states in RSTP are discarding, learning, or forwarding.
RSTP speeds up convergence in a properly configured network. It also speeds up the recalculation of the spanning tree when changes occur in the network topology. It also redefines the types of ports and their states. If a port is configured as an alternate or backup port, it can change to a forwarding state without delay.
Rapid Spanning-Tree Protocol is preferred for avoiding loops in a switched network environment. The Cisco-proprietary improvement includes many differences from the original 802.1D, such as improvements in BPDUs.
The improved BPDU only carries and sends information about port roles to neighboring switches and requires no additional configuration. It performs better than the earlier Cisco-proprietary versions. The enhancements to the original 802.1D, such as Uplink Fast and Backbone Fast, are incompatible with Rapid Spanning-Tree Protocol.
Rapid Spanning-Tree Protocol (802.1w) replaces the original 802.1D while retaining compatibility with the older protocol. Much of the original 802.1D terminology is unchanged. 802.1w is also capable of interoperating with legacy switches on a per-port basis. Like the original 802.1D, RSTP elects a root bridge, and it can safely transition a port to the forwarding state without having to rely on a timer configuration.
RSTP BPDUs
RSTP uses the same BPDU format as the original IEEE 802.1D, except that the version field is set to 2, which indicates RSTP, and the flags field uses all 8 bits. The original 802.1D Spanning-Tree Protocol uses type 0, version 0 BPDUs. However, RSTP can communicate directly with the original 802.1D STP. RSTP sends BPDUs and populates the flag byte differently. The flag byte information is as follows.
Bits 0 and 7 are used for topology change and acknowledgment. Bits 0 and 7 are also used in the original 802.1D.
Bits 1 and 6 are used for rapid convergence.
Bits 2 to 5 encode the port’s role and state. Bits 4 and 5 also encode the port role using a 2-bit code.
BPDUs are the mechanism that keeps the connection between switches with a Root Bridge alive. Three successively missed BPDUs indicate lost connectivity between a Root Bridge and its neighboring root or designated bridge. So, fast aging detects failures quickly. Protocol information immediately becomes aged on a port if hello packets are not received for three consecutive Hello times or if the max-age timer expires.
RSTP Edge Ports
An RSTP edge port is never intended to be connected to another switch. When enabled, it immediately transitions to the forwarding state. The edge port concept is related to the PVST+ PortFast feature. An edge port is directly connected to an end station, and no switching device is assumed to be connected.
The edge port skips the listening and learning states, so the port transitions to the forwarding state immediately. The edge port functions similarly to a port configured with the Cisco PortFast command.
Non-edge ports
Ports connected to other switch devices on the network should not be configured as edge ports.
Link Types
The link type defines the category for each port joining RSTP. The link type depends on what is attached to each port. The link type also determines whether the port can immediately transit to a forwarding state. The immediate transition assumes certain conditions.
The conditions are different for both edge and non-edge ports. Non-edge ports are categorized into two types of links: point-to-point links and shared links. The link type is dynamically determined; however, we can override the link type with an explicit port configuration using the spanning-tree link-type parameter command. Characteristics of port roles regarding link type are:
Edge ports and point-to-point connections are the candidates for a rapid transition to a forwarding state. However, RSTP must determine the port role before considering the link-type parameter.
Root ports do not use the link-type parameter and can rapidly transition to the forwarding state when the port is in sync.
Alternate and backup ports do not use the link-type parameter in most cases.
Designated ports make the most use of the link-type parameter. Only when the link-type parameter is set to point-to-point does the designated port rapidly transition to the forwarding state.
The original IEEE 802.1D standard spanning tree protocol assumes only one spanning-tree instance for the entire switched network, regardless of the number of VLANs. A network running CST cannot provide load balancing because one uplink must block for all VLANs, but the CPU load is low because only one instance of spanning tree is running.
PVST+ is the improved version of CST, providing an independent instance of the Cisco implementation of IEEE 802.1D for each VLAN in the network. With PVST+, it is possible for one trunk port on a switch to forward the traffic for one VLAN while blocking the traffic of another VLAN.
PVST+ can be used for Layer 2 load balancing. It requires more CPU processing in the switches. It also consumes more bandwidth for BPDUs than a traditional CST implementation of STP because each VLAN runs a separate instance of STP.
With PVST+, half of the VLANs can forward traffic on each uplink trunk, which makes the best load balancing possible. One spanning-tree instance for each VLAN means that each instance of PVST+ sends its own BPDUs, which consumes the CPU of the switch as well as bandwidth. These drawbacks are problematic when there is a large number of VLANs in the network.
The figure below illustrates PVST+. Port F0/0 on Switch-3 is the forwarding port for VLAN 100 and F0/1 on Switch-3 is the forwarding port for VLAN 200. This is done by configuring switch-1 to be elected as the root bridge for VLAN-100 and switch-2 to be elected as the root bridge for VLAN-200. Multiple STP root bridges per VLAN increase redundancy in the network.
PVST+ Port States
Spanning tree protocol provides a logical loop-free path through the switched network. It does so by exchanging information to determine the best path and by blocking the alternate paths to avoid layer 2 loops. This information is exchanged in BPDU frames between the interconnected switches. To make the learning of the spanning tree possible, each switch port transitions through five possible port states and uses three BPDU timers.
The spanning tree starts automatically when a switch completes its boot process. The switch port goes through five different states to get information about the full topology. If a switch port transitions directly from the blocking state to the forwarding state without getting information about the topology, the port can momentarily create a data loop. The five different port states are the following:
Blocking
The port remains in the blocking state for 20 seconds during the election process. During the blocking state, the port cannot participate in frame forwarding. The port receives BPDU frames to decide the root bridge, the best path to the root bridge and port roles for each switch port in the final active STP topology.
During the blocking state, the port cannot send or receive frames for forwarding. It discards the frames received from adjacent network switches. During the blocking state, the port only listens for and checks BPDU frames.
Listening
The root port and designated port change states from blocking to listening. In the listening state, the port discards frames switched from other ports of the switch including a frame from the attached network for forwarding.
The switch port receives BPDUs from other switches, transmits its own BPDUs, and informs adjacent switches that the switch port is preparing to participate in the active topology. The port remains in the listening state for 15 seconds and then moves to the learning state.
Learning
After the listening state, the switch moves to the learning state, where the port prepares to participate in frame forwarding and begins to populate the MAC address table. In this state the port listens for and processes BPDU frames.
The port receives the user frames, learns the frames and updates the MAC address table from the frame but cannot forward the frames to destination. The port remains 15 seconds in the learning state and moves to the forwarding state.
Forwarding
When the port reaches the forwarding state, it can send and receive traffic. The port is considered part of the active network. It is the normal working state of the switch port.
Disabled
When the network administrator shuts down the switch port administratively, the switch port is disabled. The port does not participate in spanning tree and does not forward frames.
PVST+ operation for VLAN
PVST+ performs the following four steps for each VLAN in a switched network. The steps for PVST+ operation are identical to CST.
Elects one root bridge
The PVST+ elects the root bridge for the given VLAN. The root bridge selection criteria are the same as CST. The switch with the lowest bridge ID on the VLAN is selected as Root Bridge. All the ports of the root bridge are designated ports.
Selects the root port on each non-root bridge
Similarly to other spanning-tree protocols, PVST+ also establishes one root port on each non-root bridge for each VLAN. The root port selection is based on the cost of the path. The port with the lowest-cost path from the non-root bridge to the root bridge is selected as the root port. Root ports are generally in the forwarding state.
Selects the designated port on each segment
PVST+ also establishes one designated port for each link on the VLAN. The designated port is elected on the switch with the lowest-cost path to the root bridge. Designated ports are in the forwarding state.
The remaining ports in the switched network are alternate ports
The alternate ports remain in the blocking state, to break logically the layer 2 loops. When a port is in the blocking state, it does not forward traffic, it only processes received BPDU messages in this status.
Verifying Different State
We can verify the different port states by using the “show spanning-tree” command. We can also enter the “show spanning-tree summary” command.
Spanning-Tree Protocol (STP) ensures network availability with redundant paths without a loop. Several types of spanning-tree protocols have appeared since the original IEEE 802.1D. The default spanning-tree mode for Cisco Catalyst switches is PVST+, which is enabled on all switch ports. The different types of spanning-tree protocols are:
Spanning-Tree Protocol (STP)
STP is the original IEEE 802.1D version, providing redundant network connectivity without a loop. It is also known as the CST (Common Spanning Tree). Regardless of the number of VLANs, it assumes one spanning tree instance for the entire bridged network.
The whole network has only one Root Bridge, so all the traffic flows over the same path. The STP is very slow and takes a long time for convergence. The time of convergence for STP is 32 seconds. The updated version of the standard spanning-tree protocol is 802.1D-2004.
Because of using only one Root Bridge, the CPU and memory requirements for CST are lower than for the other protocols. However, because there are only one Root Bridge and one tree, traffic for all VLANs flows over the same path, leading to suboptimal traffic flows.
Per VLAN Spanning Tree + (PVST+)
PVST+ is the improved version of STP, which provides a dedicated 802.1D spanning-tree root bridge for every VLAN configured in the network. It is the default version of STP. It provides compatibility with the Common Spanning Tree (CST). It is slower than Common Spanning Tree (CST). PVST+ consumes less bandwidth than CST and provides more network performance optimization than CST. PVST+ also requires more CPU and memory.
The speed of convergence is comparable to the original STP. Still, the difference is the separate instance and Root Bridge, which support Port Fast, Uplink Fast, Backbone Fast, BPDU filter, BPDU guard, loop guard, and root guard.
Port roles are the same as those in RSTP. A separate instance and a separate root bridge for each VLAN increase the CPU and memory requirements. PVST+ allows spanning-tree optimization for the traffic of each VLAN. The convergence of PVST+ is similar to 802.1D, though it provides per-VLAN convergence.
Rapid Spanning Tree Protocol (RSTP)
RSTP is also known as IEEE 802.1w. This advanced version of STP provides faster convergence than CST but keeps the same single root bridge in the topology. The bridge resources needed in RSTP are higher than CST but less than PVST+. RSTP resolves many convergence issues, but because it still provides a single instance of STP, it does not address the suboptimal traffic flow issues. Due to faster convergence, more CPU and memory are required for this version than CST but less than Rapid PVST+.
Rapid Per VLAN Spanning Tree + (Rapid PVST+)
Rapid PVST+ is a Spanning Tree standard providing faster convergence than PVST+ and a separate instance of 802.1w per VLAN but with much more CPU and memory requirements than other STP standards. The separate instance supports Port Fast, BPDU guard, BPDU filter, root guard, and loop guard. It resolves the convergence issues and suboptimal traffic flow issues.
Multiple Spanning-Tree Protocols (MSTP)
MSTP is the IEEE 802.1s standard, inspired by the earlier Cisco proprietary MISTP implementation. It reduces the number of required STP instances by mapping multiple VLANs that have the same traffic flow requirements into the same spanning-tree instance.
Multiple Spanning Tree (MST)
MST is Cisco proprietary and equal to MSTP. It provides up to 16 instances of RSTP (802.1w) and combines many VLANs with the same physical and logical topology into a common RSTP instance. Each RSTP instance supports PortFast, BPDU guard, BPDU filter, root guard, and loop guard. This version’s CPU and memory requirements are less than Rapid PVST+ but more than RSTP.
Note: New Cisco switches, such as Catalyst 2960 with IOS 15.0, run PVST+ by default. They include several of IEEE 802.1D-2004’s specifications.