You built VLANs. You added redundant switch links so a single cable failure doesn't bring down the network. The moment you did that, you introduced loops — and Ethernet loops will take down an entire network in milliseconds.
Spanning Tree Protocol is the mechanism that prevents it. STP runs automatically, elects one switch as Root Bridge, assigns a role to every port, and shuts off the ports that would create loops. No configuration required on a default network — but you need to understand the election algorithm, because you'll be asked to predict it on the CCNA exam and you'll need to influence it in production.
★ WHAT HAPPENS WITHOUT STP
Switch A receives a broadcast frame. It floods it out every port. Switch B receives it, floods it out every port — including back toward Switch A. Switch A receives it again. Floods it again. This loop runs at line rate.
Within milliseconds: bandwidth is consumed by the storm. MAC address tables flip continuously as the switch sees the same source MAC arriving on multiple ports simultaneously. End devices receive the same frame dozens of times. The network stops passing user traffic. The only fix is to physically disconnect a cable.
★ THE 4-STEP STP ELECTION
Every time switches boot or a topology changes, STP runs this algorithm. It always produces the same result given the same inputs — deterministic and predictable. You need to be able to trace it manually on any topology.
Every switch has a Bridge ID — an 8-byte value made of its priority (2 bytes) and MAC address (6 bytes). The switch with the lowest Bridge ID wins and becomes Root Bridge.
Default priority is 32768 on all switches. When priorities tie — which they do on a default network — the switch with the lowest MAC address wins. All ports on the Root Bridge become Designated Ports and forward traffic.
Every non-root switch selects exactly one Root Port (RP) — the port with the lowest cumulative path cost back to the Root Bridge. Path cost is additive: each link adds its cost based on speed.
Tie-breaker 1: lower sender Bridge ID. Tie-breaker 2: lower port ID. Trace every available path and sum every hop.
On each network segment, one port must be the Designated Port (DP). The switch with the lower root path cost on that segment wins. If both sides have equal cost, the lower Bridge ID wins.
Designated Ports forward traffic. The Root Bridge wins the DP election on every directly connected segment since its path cost to itself is zero.
Any port that is neither a Root Port nor a Designated Port enters Blocking state. It still receives BPDUs so STP can react to topology changes, but it does not forward user traffic. The loop is broken.
★ 802.1D DEFAULT PORT COSTS
Path cost is determined by the physical link speed. These are the 802.1D values the CCNA exam tests. Memorise them — you will be tracing paths and adding costs under time pressure.
| LINK SPEED | 802.1D COST | WHERE YOU'LL SEE IT |
|---|---|---|
| 10 Mbps | 100 | Legacy — rarely seen now |
| 100 Mbps (FastEthernet) | 19 | Most CCNA lab topologies |
| 1 Gbps (GigabitEthernet) | 4 | Trunk uplinks, modern access |
| 10 Gbps | 2 | Core and distribution links |
★ PORT ROLES
Root Port — best path to the root. One per non-root switch. Forwards traffic.
Designated Port — best port on each segment. Forwards traffic. All root bridge ports are DPs.
Blocking — neither RP nor DP. Receives BPDUs only. Does not forward frames.
★ PORT STATES (802.1D)
When STP decides a port should forward, it doesn't happen immediately. The port transitions through states — this is why pings take a while to work after a switch boots or a link comes up.
Blocking: receives BPDUs, does not forward frames
Listening: sends/receives BPDUs, no MAC learning, no forwarding
Learning: builds MAC table, no forwarding yet
Forwarding: fully operational
After a link failure, convergence takes ~50 seconds total:
Max Age (20s) — switch stops receiving BPDUs from the root and waits 20 seconds before declaring it gone and triggering a new election
Listening (15s) — Forward Delay: new topology elected, ports transition
Learning (15s) — Forward Delay: MAC table rebuilt before forwarding begins
RSTP (802.1w) eliminates Max Age and collapses the delay states, converging in under 1 second — covered in a later lab.
★ INFLUENCING STP
On a default network, the switch with the lowest MAC address wins. In production that's effectively random. You want to control which switch is Root Bridge — typically your most capable distribution switch.
SET PRIORITY MANUALLY
ADJUST PORT COST
spanning-tree vlan 10 priority 4096
★ INTERACTIVE LAB
Reading about STP is one thing. Being able to look at a topology, trace the paths, and correctly predict every port role is what the exam actually tests. The interactive lab puts four different topologies in front of you — quiz mode to test yourself, step-by-step walkthrough, a sandbox where you can change priorities and costs and watch STP recalculate in real time, and a reference tab for quick lookups.
No Packet Tracer required. Runs entirely in your browser.
4 topologies: Triangle, Line, Mesh (4 switches), Trunk Uplinks ► LAUNCH INTERACTIVE LAB