Tuesday, June 16, 2009

Spanning-tree

The Spanning Tree Protocol (STP) is described by the IEEE 802.1D standard. (I've never needed to know that in a real-world situation, but it seems like the sort of thing Cisco would put on their test to see if you were paying attention.) It is a layer 2 protocol that prevents loops in traffic by figuring out the fastest path to the root bridge (or root switch).

STP bases all its calculations on cost, which by default it derives from the speed of the link. STP costs are assigned as follows:

10 Gb - Cost 2
1 Gb - Cost 4
100 Mb - Cost 19
10 Mb - Cost 100

When a switch comes online, it sends out a Bridge Protocol Data Unit (BPDU) that carries its bridge ID, which is the switch's priority (32768 by default, but configurable in multiples of 4096) combined with the MAC address of the switch. The switch with the lowest bridge ID becomes the root bridge. It then sends out BPDUs every 2 seconds, and as long as it doesn't receive a response showing that another switch on the network has a lower ID, it will continue happily as the root bridge.

Once the root bridge is elected, it defines root ports and designated ports throughout the network. Root ports are simply the ports that have the lowest cost back to the root, and designated ports are the ports that connect to other switches. The cost is calculated by adding all cost values for the entire path back to the root. So if you have 3 switches, and there is a 1 Gb link between switch A and switch B, and a 100 Mb link between switch B and switch C, the cost for the path is 23 (4 + 19).

If there are multiple paths to the root, the switch uses the following tie-breakers to decide which port will forward and which will block. It looks first at cost, with the lowest cost going into a forwarding state and the higher cost blocking. If there are multiple paths with the same cost, the switch will look at bridge ID, with the lowest going to the forwarding state. If the bridge IDs are identical, it will look at port priority, which is an arbitrarily assigned number that defaults to 128 but can be configured to choose one path over another. If there is still a tie, the switch will then look at port number, with the lowest interface ID going on to forward packets.
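The root election, path cost sum and tie-breaker order described above can be modelled in a few lines. This is an added example, not code from the original post; the function names, the locally administered MAC addresses and the sample topology are constructed for illustration, and the 0..61440 priority range is an assumption the post does not state.

```python
# Added example: STP decisions as described in the post. Sample data is constructed.
COST = {10_000: 2, 1_000: 4, 100: 19, 10: 100}  # link speed in Mb/s -> cost (table from the post)

def bridge_id(priority, mac):
    """Bridge ID as a sortable tuple: priority first, then the MAC address."""
    # Multiples of 4096 per the post; the 0..61440 range is added here, not from the post.
    if priority % 4096 or not 0 <= priority <= 61440:
        raise ValueError(f"invalid bridge priority: {priority}")
    return (priority, int(mac.replace(":", ""), 16))

def elect_root(switches):
    """switches maps name -> (priority, mac); the lowest bridge ID becomes root."""
    return min(switches, key=lambda name: bridge_id(*switches[name]))

def path_cost(link_speeds):
    """Sum the cost of every link on the path back to the root."""
    return sum(COST[speed] for speed in link_speeds)

def forwarding_port(paths):
    """Apply the tie-breakers in order: cost, bridge ID, port priority, port number."""
    def rank(p):
        return (path_cost(p["links"]), bridge_id(*p["neighbor"]),
                p["port_priority"], p["port_number"])
    return min(paths, key=rank)["port_number"]

# Constructed sample network: three switches, all left at the default priority.
SWITCHES = {
    "A": (32768, "02:00:00:00:00:30"),
    "B": (32768, "02:00:00:00:00:10"),
    "C": (32768, "02:00:00:00:00:20"),
}

# Constructed sample: two equal-cost uplinks from one switch to the same neighbor.
UPLINKS = [
    {"port_number": 1, "port_priority": 128, "links": [1_000], "neighbor": SWITCHES["B"]},
    {"port_number": 2, "port_priority": 128, "links": [1_000], "neighbor": SWITCHES["B"]},
]

if __name__ == "__main__":
    print("root with defaults:", elect_root(SWITCHES))  # the MAC address decides
    tuned = dict(SWITCHES, A=(4096, SWITCHES["A"][1]))
    print("root after lowering A's priority:", elect_root(tuned))
    print("path cost 1 Gb + 100 Mb:", path_cost([1_000, 100]))
    print("forwarding uplink:", forwarding_port(UPLINKS))  # the port number decides
```

With every switch left at the default priority, the root is whichever switch happens to have the lowest MAC address, so setting the priority explicitly on the intended root is what makes the election predictable.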

Spanning-tree ports go through transitions, where each port ends either in a forwarding or blocking state. There are timers assigned to each state, and each state has a different function. They are:

Disabled - the port is obviously not forwarding
Blocking - the port accepts BPDUs but does not send other user data
Listening - port is accepting traffic and accepts and sends BPDUs
Learning - port is accepting traffic and entering MAC addresses into memory
Forwarding - the port is forwarding user data as well as BPDUs

To transition from blocking to listening takes 20 seconds, from listening to learning takes 15 seconds, and from learning to forwarding takes another 15 seconds. When there is a topology change, STP will take 50 seconds to transition and resume network connectivity. PVSTP+ can converge in 2 seconds, but that is another topic... These timers are dictated by the root bridge, so to modify them in your network you only need to change them on the root and they will propagate throughout the network via BPDUs.

Later, VLANs.
