STP Port Types – Cisco CCNP and CCIE

Cisco NX-OS has three main STP port types: edge, network, and normal. A port can be only one of these types at a given time. The default spanning tree port type is normal. Depending on the type of device to which the interface is connected, you can configure a spanning tree port as one of these port types.

Spanning tree edge ports: Edge ports are normally connected to end hosts. An edge port can be either an access port or a trunk port. The edge port interface immediately transitions to the forwarding state without moving through the blocking or learning states. (This immediate transition was previously configured as the Cisco-proprietary feature PortFast.) Interfaces that are connected to hosts should not receive STP bridge protocol data units.

Note

If a port connected to another switch is set as an edge port, that might create a bridging loop.

Spanning tree network ports: Network ports are normally connected only to switches or bridges. Bridge assurance is enabled only on network ports.

Note

If you mistakenly configure ports that are connected to hosts or other edge devices as spanning tree network ports, those ports automatically move into the blocking state.

Spanning tree normal ports: Normal ports can be connected to either hosts, switches, or bridges. These ports function as normal spanning tree ports. The default spanning tree interface is a normal port.

STP Extensions

Different STP extensions are used to protect the switch against certain problems that can cause bridging loops in the network. Loops can be caused by several problems:

Unidirectional links

Device malfunctions

Configuration errors

External system forwarding (hub or non-STP switch, or end-host network bridging)

NX-OS has added many STP extensions that enhance loop prevention, protect against some possible user misconfigurations, and provide better control over the protocol parameters. Here’s a quick summary of these extensions:

STP Bridge Assurance: Spanning tree Bridge Assurance is one of those features that help prevent bridging loops in Layer 2 networks.

BPDU Guard: This extension disables ports that receive a BPDU frame; it is useful for edge ports that should never be connected to another switch.

BPDU Filtering: This extension prevents the switch from sending or even receiving BPDUs on a specified edge port.

Loop Guard: This extension protects against network interfaces that malfunction. Loop Guard is useful only in switched networks where devices are connected by point-to-point links. On a point-to-point link, a designated bridge cannot disappear unless it sends an inferior BPDU or brings the link down.

Root Guard: This extension prevents a port from becoming a root port or a blocked port.
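
The following is an added example, not code from the original page or from Cisco: a small Python audit of a constructed NX-OS configuration excerpt that reports edge ports without BPDU Guard, edge ports with BPDU Filtering, and interfaces left at the default normal type. The command strings are standard NX-OS spanning-tree syntax; the sample configuration, the function names and the audit policy itself are assumptions of this example.

```python
import re

# Constructed NX-OS running-config excerpt (sample data, not from a real device).
SAMPLE_CONFIG = """\
interface Ethernet1/1
  spanning-tree port type edge
  spanning-tree bpduguard enable
interface Ethernet1/2
  spanning-tree port type edge
interface Ethernet1/3
  spanning-tree port type edge trunk
  spanning-tree bpdufilter enable
interface Ethernet1/4
  spanning-tree port type network
interface Ethernet1/5
"""

def parse_interfaces(config):
    """Return {interface: [spanning-tree sub-commands]} from config text."""
    interfaces, current = {}, None
    for line in config.splitlines():
        m = re.match(r"interface\s+(\S+)", line)
        if m:
            current = m.group(1)
            interfaces[current] = []
        elif current and line.startswith((" ", "\t")):
            if line.strip().startswith("spanning-tree "):
                interfaces[current].append(line.strip())
        else:
            current = None  # unindented line ends the interface stanza
    return interfaces

def audit(config):
    """Assumed policy: every edge port must be covered by BPDU Guard."""
    global_guard = bool(re.search(
        r"^spanning-tree port type edge bpduguard default", config, re.M))
    findings = []
    for name, cmds in parse_interfaces(config).items():
        edge = any(c.startswith("spanning-tree port type edge") for c in cmds)
        guard = "spanning-tree bpduguard enable" in cmds or (
            global_guard and "spanning-tree bpduguard disable" not in cmds)
        if edge and "spanning-tree bpdufilter enable" in cmds:
            findings.append((name, "edge port with BPDU Filtering"))
        elif edge and not guard:
            findings.append((name, "edge port without BPDU Guard"))
        elif not any(c.startswith("spanning-tree port type") for c in cmds):
            findings.append((name, "default normal port type"))
    return findings
```

Calling `audit(SAMPLE_CONFIG)` returns a list of `(interface, finding)` tuples; the global `spanning-tree port type edge bpduguard default` line, when present, counts as BPDU Guard for every edge port that does not disable it.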