
STP Interview Questions and Answers [CCNP]


What is STP & Redundant Links?
Spanning Tree Protocol (STP) is a protocol that prevents Layer 2 loops. STP makes switches aware of each other so that they can negotiate a loop-free path through the network. In practice, redundant links are created so that the failure of one link does not cause a complete network failure.

How does STP work?
STP chooses a reference point (the Root Bridge) in the network and calculates all the redundant paths to that reference point. Then it picks one path on which to forward frames and blocks the other redundant paths.

What are the different port states?
1. Disabled - A port in the disabled state does not participate in the STP.
2. Blocking - A blocked port does not forward frames. It only listens to BPDUs. The purpose of the blocking state is to prevent the use of looped paths.
3. Listening - A port in listening state prepares to forward data frames without populating the MAC address table. The port also sends and listens to BPDUs to make sure no loops occur on the network.
4. Learning - A port in learning state populates the MAC address table but doesn’t forward data frames. The port still sends and receives BPDUs as before.
5. Forwarding - The port now can send and receive data frames, collect MAC addresses in its address table, send and receive BPDUs. The port is now a fully functioning switch port within the spanning-tree topology.

What is the default time a port takes to transition from the blocking state to the forwarding state?
The default time a port takes to transition from the blocking state to the forwarding state is 50 seconds: 20 seconds for Max Age, 15 seconds for listening, and 15 seconds for learning.

What are STP Timers and Explain different types of STP Timers?
STP uses three timers to make sure that a network converges properly before a bridging loop can form.
1. Hello - The time interval between Configuration BPDUs sent by the root bridge. It is 2 seconds by default.
2. Forward Delay - The time interval that a switch port spends in both the Listening and Learning states. The default value is 15 seconds.
3. Max Age - The maximum length of time a BPDU can be stored without receiving an update. It can also be defined as the time interval that a switch stores a BPDU before discarding it. It is 20 seconds by default.

Explain types of STP Port Roles?
1. Root port - The root port is always the link directly connected to the root bridge, or the shortest path to the root bridge. It is always on Non-Root Bridge.
2. Designated port - A designated port is one that has been determined as having the best (lowest) cost. A designated port will be marked as a forwarding port. It can be on both Root Bridge & Non Root Bridge. All ports of Root Bridge are Designated Port.
3. Forwarding port - A forwarding port forwards frames.
4. Blocked port - A blocked port is a port that is used to prevent loops. It only listens to frames. Any port other than a Root port or a Designated port is a Blocked port.

What is the STP blocking state?
When a switch starts, all ports are in the blocking state to prevent any loop in the network. If there is a better path to the root bridge, the port remains in the blocked state. Ports in the blocked state cannot send or receive traffic, but they can receive BPDUs.

What is BPDU?
All the switches exchange information to select Root Bridge as well as for configuration of the network. This is done through Bridge Protocol Data Unit (BPDU). Each switch compares the parameters in the BPDU that it sends to one neighbor with the one that it receives from another neighbor.

How often do Bridges send BPDUs on active ports?
By default, bridges send BPDUs every 2 seconds.

What does STP do when it detects a topology change in the network due to a bridge or link failure?
If spanning tree detects a change in the network due to a bridge or link failure, it sends out a TCN (topology change notification) BPDU, and at least one bridge interface changes from the blocking state to the forwarding state, or vice versa.

What is the Max Age timer?
The Max Age timer is how long a bridge stores a BPDU before discarding it. The default time is 20 seconds (ten missed hello intervals).

What is STP forward delay?
The forward delay is the time it takes for a port to move from the listening state to the learning state or from the learning state to the forwarding state. The default time is 30 seconds.

What is the destination MAC address used by Bridge Protocol Data Units (BPDUs)?
Bridge Protocol Data Unit (BPDU) frames are sent to the multicast destination MAC address 01:80:c2:00:00:00.

What are Types of BPDU?
Two types of BPDU exist -
1. Configuration BPDU - Used for Spanning-Tree Computation.
2. Topology Change Notification (TCN) BPDU - Used to announce changes in the Network Topology.

How is the Root Bridge elected?
The Bridge ID is used to elect the root bridge in the STP domain. This ID is 8 bytes long and includes both the priority and the MAC address of the device. The switch with the lowest Bridge ID is elected as the root bridge: the switch with the lowest priority becomes the root bridge, and if two or more switches have the same priority, the switch with the lowest MAC address becomes the root bridge.

Explain Root path cost?
Root path cost is the Cumulative Cost of all links to the Root Bridge.

How are Root Ports elected?
Non Root Bridges use Root path cost to determine which port will be the Root port. The port with the lowest root path cost is elected as the root port and is placed in the forwarding state.

What is the difference between Path cost and Root Path cost?
Path cost is the value assigned to each port. It is added to BPDUs received on that port to calculate the root path cost. Root path cost is defined as the cumulative cost to reach the root bridge. This value is calculated by adding the receiving port's path cost to the value contained in the BPDU. A BPDU carries the root path cost, not the path cost.

What is Path Cost or Spanning Tree Path Cost value?
The Spanning Tree Cost Value is inversely proportional to the bandwidth of the link, so a path with a low cost value is preferred over a path with a high cost value.
Link Bandwidth    Cost Value
10 Gbps           2
1 Gbps            4
100 Mbps          19
10 Mbps           100

What is Root Port?
Once the Root Switch is elected, every other Switch in the network must select a single port on itself to reach the Root Switch. The single selected port on a Switch with least Path Cost to reach the Root Bridge is called the Root Port. Root Bridge will never have a Root Port.
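The root port election described in the answers above, worked through as an added example (not part of the original post). The port names, bridge IDs and scenario are constructed, and the tie-breakers on sender bridge ID and sender port ID come from 802.1D rather than from this page.

```python
from dataclasses import dataclass

# Port path cost by link speed in Mbps, taken from the table on this page
PATH_COST = {10_000: 2, 1_000: 4, 100: 19, 10: 100}

@dataclass(frozen=True)
class ReceivedBPDU:
    port: str                # local port the BPDU arrived on
    speed_mbps: int          # speed of that local port
    advertised_cost: int     # root path cost carried inside the BPDU
    sender_bridge_id: tuple  # (priority, MAC) of the neighbour that sent it
    sender_port_id: int

def root_path_cost(bpdu: ReceivedBPDU) -> int:
    # Value contained in the BPDU + path cost of the receiving port
    return bpdu.advertised_cost + PATH_COST[bpdu.speed_mbps]

def rank_ports(bpdus):
    # Lowest root path cost wins. Ties fall to the lowest sender bridge ID,
    # then the lowest sender port ID (802.1D tie-breakers, not covered above).
    return sorted(bpdus, key=lambda b: (root_path_cost(b), b.sender_bridge_id,
                                        b.sender_port_id))

def elect_root_port(bpdus) -> str:
    return rank_ports(bpdus)[0].port

# Constructed scenario: one non-root switch with three paths to the root.
ROOT = (32768, "00:aa:bb:cc:dd:01")
NEIGHBOUR = (32768, "00:aa:bb:cc:dd:02")
BPDUS = [
    ReceivedBPDU("Fa0/2", 100, 0, ROOT, 0x8002),          # direct, 100 Mbps
    ReceivedBPDU("Te1/1", 10_000, 2, NEIGHBOUR, 0x8001),  # via a neighbour
    ReceivedBPDU("Gi0/1", 1_000, 0, ROOT, 0x8001),        # direct, 1 Gbps
]

if __name__ == "__main__":
    for b in rank_ports(BPDUS):
        print(f"{b.port:6} root path cost {root_path_cost(b)}")
    print("root port:", elect_root_port(BPDUS))
```

Gi0/1 and Te1/1 tie on root path cost, so the election is decided by the sender's bridge ID.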

What is Extended System ID?
The Extended System ID is used by spanning tree to include the VLAN ID inside the 16-bit STP Bridge Priority value. It is the least significant 12 bits of the 16-bit STP Bridge Priority value.

Explain Root Guard?
Root Guard is used to protect the root bridge. It stops a new switch that is introduced into the network with a lower bridge ID from becoming the root bridge. If a port with Root Guard enabled receives a superior BPDU, the port is moved into a root-inconsistent state (equal to a listening state), which maintains the current Root Bridge status. It is enabled at the interface level.
switch(config-if)# spanning-tree guard root
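To make the Bridge ID, Extended System ID and "superior BPDU" answers above concrete, here is an added example (not code from the original post) that decodes a Configuration BPDU and applies the comparison Root Guard acts on. The two frames and every MAC address in them are constructed; the field offsets follow the standard 802.1D Configuration BPDU layout.

```python
import struct
from typing import NamedTuple, Optional, Tuple

STP_DST = bytes.fromhex("0180c2000000")  # BPDU destination MAC given on the page
LLC_STP = b"\x42\x42\x03"                # 802.2 LLC header that precedes the BPDU

class BridgeID(NamedTuple):
    priority: int  # top 4 bits of the 16-bit priority field
    vlan: int      # Extended System ID: least significant 12 bits
    mac: bytes

    def key(self):
        # Lowest wins: the full 16-bit priority field first, then the MAC
        return (self.priority | self.vlan, self.mac)

def decode_bridge_id(raw: bytes) -> BridgeID:
    (field,) = struct.unpack("!H", raw[:2])
    return BridgeID(field & 0xF000, field & 0x0FFF, raw[2:8])

def parse_config_bpdu(frame: bytes) -> Optional[Tuple[BridgeID, int, BridgeID]]:
    """Return (root ID, root path cost, sender ID), or None if not a Configuration BPDU."""
    if len(frame) < 52 or frame[:6] != STP_DST or frame[14:17] != LLC_STP:
        return None
    bpdu = frame[17:]
    proto, _version, bpdu_type = struct.unpack("!HBB", bpdu[:4])
    if proto != 0 or bpdu_type != 0x00:  # 0x00 = Configuration, 0x80 = TCN
        return None
    (cost,) = struct.unpack("!I", bpdu[13:17])
    return decode_bridge_id(bpdu[5:13]), cost, decode_bridge_id(bpdu[17:25])

def is_superior(advertised: BridgeID, current_root: BridgeID) -> bool:
    """True when a BPDU advertises a better (lower) root than the current one."""
    return advertised.key() < current_root.key()

# Constructed sample frames (all MAC addresses are made up for this example).
# Ethernet header + LLC + 35-byte Configuration BPDU, VLAN 10 in both cases.
FROM_UPLINK = bytes.fromhex(
    "0180c2000000 001122334455 0026 424203 0000000000"
    "800a00aabbccdd01 00000004 800a001122334455 8001 0100 1400 0200 0f00")
FROM_NEW_SWITCH = bytes.fromhex(
    "0180c2000000 020000000099 0026 424203 0000000000"
    "100a020000000099 00000000 100a020000000099 8001 0000 1400 0200 0f00")

if __name__ == "__main__":
    current_root, _, _ = parse_config_bpdu(FROM_UPLINK)
    for name, frame in (("uplink", FROM_UPLINK), ("new switch", FROM_NEW_SWITCH)):
        root, cost, sender = parse_config_bpdu(frame)
        print(name, root.priority, root.vlan, root.mac.hex(":"), cost,
              "SUPERIOR" if is_superior(root, current_root) else "ok")
```

The second frame advertises priority 4096 against the current root's 32768, which is the condition that puts a Root Guard port into the root-inconsistent state.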

What is BPDU Guard?
When we enable PortFast on a port, we do not expect BPDUs on that port. If a switch is connected by mistake to a port where PortFast is enabled, a loop can form. An even greater consequence is that the connected switch has the potential to become the root bridge. The BPDU Guard feature was developed to protect the integrity of switch ports that have PortFast enabled. If any BPDU (superior to the current root or not) is received on a port where BPDU Guard is enabled, that port is immediately put into the error-disable state. The port is shut down in an error condition and must be either manually re-enabled or automatically recovered through the error-disable timeout function.
BPDU Guard can be enabled at both the interface and global level. It is typically enabled on access layer switches. When it is enabled, all VLANs are affected.

Switch(config)# spanning-tree portfast bpduguard default
Switch(config-if)# spanning-tree bpduguard enable

Explain Sudden Loss of BPDUs?
If a switch stops receiving BPDUs, it assumes that the topology must have changed, so blocked ports can be unblocked again. If the absence of BPDUs is actually a mistake and not a topology change, bridging loops can easily form.
There are two features that help detect or prevent the unexpected loss of BPDUs:
1. Loop Guard
2. Unidirectional Link Detection (UDLD)

What is Loop Guard?
Loop Guard keeps track of the BPDU activity on non-designated ports. It does not allow non-designated ports to become designated ports in case of sudden loss of BPDUs. While BPDUs are received, the port is allowed to behave normally. When BPDUs go missing, Loop Guard moves the port into the loop-inconsistent state (port is effectively blocking at this point to prevent a loop from forming and to keep it in the non-designated role). When BPDUs are received on the port again, Loop Guard allows the port to move through the normal STP states and become active.
It can be enabled at both the interface and global level. It takes effect on a per-VLAN basis.
Switch(config)# spanning-tree loopguard default
Switch(config-if)# spanning-tree guard loop

What is BPDU Filter?
STP runs on a switch to prevent loops. However, in special cases where we need to prevent BPDUs from being sent or processed on one or more switch ports, we can use BPDU filtering to effectively disable STP on those ports. It prevents the port from sending and receiving BPDUs. It can be enabled at both the interface and global level.

Switch(config)# spanning-tree portfast bpdufilter default
Switch(config-if)# spanning-tree bpdufilter { enable | disable }

What is the difference between BPDU Guard and BPDU Filter?
BPDU Guard works aggressively and puts the port in the error-disable state, while BPDU Filter does not shut the port; it only filters BPDUs. BPDU Guard only prevents receiving BPDUs, while BPDU Filter prevents both sending and receiving BPDUs.

