1. ELECT ROOT BRIDGE
Lowest Bridge ID wins. Bridge ID = Priority (2 bytes) + MAC address (6 bytes).
Default priority = 32768. Priority tie → lowest MAC wins.

2. ELECT ROOT PORTS
Every non-root switch selects the port with the lowest cumulative Root Path Cost as its Root Port (RP). Tie → lower sender Bridge ID. Second tie → lower port ID.

3. ELECT DESIGNATED PORTS
On each segment, the switch with the lowest root path cost gets the Designated Port (DP). All DP ports forward traffic.

4. BLOCK THE REST
Any port that is neither RP nor DP enters Blocking state. This breaks loops.

10 Mbps → 100
100 Mbps (FastEth) → 19
1 Gbps (GigEth) → 4
10 Gbps → 2

Cost is cumulative — it adds at each hop from the root bridge.

Trunk links use the physical link speed for STP cost — a 1 Gbps trunk = cost 4 regardless of VLAN count.

With PVST+, each VLAN runs its own STP instance and can have a different root bridge. This enables load-balancing:
VLAN 10 root = SW1   VLAN 20 root = SW2

Force a switch to become root:
spanning-tree vlan 1 priority 4096
spanning-tree vlan 1 root primary

Priority must be a multiple of 4096 (0, 4096, 8192 … 61440).

Adjust a port's cost manually:
interface Fa0/1
 spanning-tree cost 10

Hello Timer = 2s — how often BPDUs are sent
Max Age = 20s — how long to wait before assuming root is gone
Forward Delay = 15s — time spent in Listening + Learning states

Total convergence after a link failure ≈ 50 seconds.
RSTP (802.1w) converges in under 1 second using proposal/agreement.

Blocking — receives BPDUs, does not forward frames
Listening — sends/receives BPDUs, no MAC learning
Learning — sends/receives BPDUs, learns MACs, no forwarding
Forwarding — fully operational
Disabled — admin shutdown