info_i_25x25.png Due to unforeseen weather conditions we are experiencing higher chat wait times. Remember you can also submit a ticket and one of our support representatives will get back to you as soon as possible. We apologize for the inconvenience.

UniFi - USW: Configuring Spanning Tree Protocol


Overview


After reading this article readers should expect to know how to configure spanning tree protocol in their UniFi network. This article also gives a brief insight on some spanning tree functions. 

NOTES & REQUIREMENTS:
Devices applicable:
  • All UniFi switch models

Keywords:

  • Bridge Protocol Data Unit (BPDU): Frames that contain information about spanning tree protocol.
  • Frame: Layer 2 communication encapsulation containing information such as source/destination MAC address, VLAN tagging, etc.

Table of Contents


  1. Introduction
  2. Network Diagram
  3. Steps: How to Configure STP/RSTP in the UniFi Controller
  4. Testing & Verification

Introduction


Back to Top

Spanning tree protocol (STP) is a network protocol that helps achieve a loop-free topology. The main function of STP is to allow network administrators to manipulate networks paths while preventing bridge (switch) loops. 

STP also allows for making passive, redundant links in the event that an upstream switch fails or a network path is no longer able to pass traffic (e.g. ethernet/fiber failure). 

The UniFi switch lineup supports two spanning tree protocol types:

  • 802.1D Spanning Tree Protocol (STP)
  • 802.1W Rapid Spanning Tree Protocol (RSTP) 
NOTE: These two protocols operate with the same end goal in mind, yet one has a much more rapid convergence time (RSTP). This is because with RSTP each state has a much shorter timer. STP can take up to a minute to converge, while RSTP typically converges under 10 seconds in normal operation. 

Port Roles and States 

Port States Port Roles
802.1D 802.1W 802.1D 802.1W
Blocking Discarding  Root Root
Listening  Designated Designated
Learning  Learning  Blocked Alternate
Forwarding  Forwarding   Backup

STP: 802.1D States 

Disabled (not listed in the table above): This indicates that the port is administratively shut down and is not in the STP topology.

Blocking: This state indicates that the port would cause a switch loop without STP intervention. No user data should flow through these ports. This port may become unblocked in the event of receiving a BPDU that would be superior to its current designated port. 

Listening: This state indicates that the port will listen and process BPDUs. Forwarding of frames and population of the MAC address table does not occur in this state.

Learning: This state indicates that the port will start to populate the MAC address table with source MAC addresses, but not yet forward frames.

Forwarding: This state indicates that the topology is converged and is sending and receiving frames in normal operation. 

RSTP: 802.1W States

Discarding: This state combines the blocking and listening state from 802.1D. It does not forward traffic but will listen for BPDUs on the port. 

Learning: This state indicates that the port will start to populate the MAC address table with source MAC addresses, but not yet forward frames. This building of the MAC address table limits the forwarding of unknown unicast frames.

Forwarding: This state indicates that the topology is converged and is sending and receiving frames in normal operation. 

STP: 802.1D Roles

Blocked: The port has a blocked role if it is not the designated or root port. 

Designated: The port will be designated if it can forward BPDUs to down-linked switches that are not the root bridge. 

Root: The port in which the best (superior) BPDU was received. This port is closest to the root bridge in terms of STP cost. 

RSTP: 802.1W Roles

Backup: A port with the backup role will receive BPDUs from the segment that it is on. Typically this role comes up as a backup for the designated port. 

Alternate: A port with the alternate role will receive BPDUs from another switch, but not necessarily the best path to the root. 

Designated: The port will be designated if it can forward BPDUs to down-linked switches that are not the root bridge. 

Root: The port in which the best (superior) BPDU was received. This port is closest to the root bridge in terms of STP cost. 

Spanning Tree Topology Bridge Priority

STP and RSTP bridge priority is a value that is included in the bridge ID. The bridge ID is a combination of bridge priority and MAC address. Priority can only be set in increments of 4096.

Examples of bridge IDs

Bridge Priority MAC Address Bridge ID
32768 00:20:40:50:AD:A1 32768.0020.4050.ADA1
24576 00:00:05:D8:DB:BB 24576.0000.05D8.DBBB
4096 02:00:00:00:22:22 4096.0200.0000.2222

Root Bridge Selection

The root bridge determination is made by the switch with the lowest priority. If there is a topology full of switches that all have a priority of 32768 then the lowest value (in hex) MAC address will be the root bridge. 

Common Issues with Default Priority

  • No control over which switch is root. 
  • Any lower bridge/device with a lower number MAC address that is plugged in can cause a topology change. 
  • Network paths can become sub-optimal.

Default Port Costs

STP cost value is defined by the total cost from the root port of a switch to reach the root bridge. When a switch receives a BPDU in its port it increments the path cost. 

802.1D (STP)  802.1W (RSTP) 
Port Speed Default Cost Port Speed Default Cost
10 Mbps 100 10 Mbps 2,000,000
100 Mbps 19  100 Mbps 200,000
1 Gbps 1 Gbps 20,000
10 Gbps 2   10 Gbps  2,000 

 


Network Diagram


Back to Top

802.1W Example

STPtop.png

The diagram above shows a basic three switch topology with a redundant 1 Gbps link between access switches. In normal operation with RSTP, the link between Access-A and Access-B would be in a discarding state. Depending on which switch had a lower MAC address would dictate whether the port on Access-A or Access-B went into the discarding state/alternate role. 

If a cable were to become inoperable between Core-A and Access-A, Access A would transition its root port over to the port between Access-A and Access-B. This would allow the redundant link to pass traffic until the link between Core-A and Access-A was restored.

The topology change would end up looking like the diagram below:

STPredundant.png


Steps: How to Configure STP/RSTP in the UniFi Controller


Back to Top

  1. Navigate to the switch in which you wish to change the priority. Clicking the device will open a properties side panel.
  2. Navigate to Config > Services > Spanning Tree

This section allows a UniFi administrator to select RSTP and STP modes along with bridge priority. 

User Tip: Selecting the lowest possible priority is not always the best solution. Keep in mind that at some point another switch that is the desired root bridge could be introduced. If the priority is already at the lowest on another switch it could take more planning to integrate.  

Interoperability with PVST, PVST+, and Rapid Variants (Cisco)

When integrating with Cisco's per-VLAN spanning tree implementations RSTP and STP are designated to the VLAN 1 instance of STP/RSTP on the Cisco switches. 


Testing & Verification


Back to Top

Being able to verify root bridge identity in the UniFi Controller is not yet available. To do so some commands in the switch CLI are needed.

  • To get into the switching CLI:

telnet localhost

enable

  • To verify STP state and role (summary):

show spanning-tree mst port summary 0 all

  • To verify STP state and role per port (detailed):

show spanning-tree mst port detailed 0 0/16

  • To verify STP per bridge (detailed): 

show spanning-tree mst detailed 0