Loading learning content...
Every two seconds, across millions of enterprise networks worldwide, billions of small messages silently traverse switched networks. These messages carry no user data, generate no visible traffic, and are invisible to applications. Yet without them, modern networking would be impossible.
These are Bridge Protocol Data Units (BPDUs)—the heartbeat of the Spanning Tree Protocol. Through continuous BPDU exchange, bridges across a network collectively and automatically determine which paths should be active and which should be blocked, all without any central controller or human intervention.
STP is a marvel of distributed computing: individual bridges, each with only local information about their directly connected links, communicate exclusively through BPDUs to construct a globally consistent, loop-free topology. Understanding how this works requires diving into the protocol mechanics—the message formats, the decision algorithms, and the timers that govern STP behavior.
By the end of this page, you will understand the complete operational mechanics of STP: how Bridge Protocol Data Units (BPDUs) are structured and exchanged, the critical role of Bridge ID and path costs, the Hello/MaxAge/ForwardDelay timers that govern protocol behavior, and how bridges use this information to collectively compute the spanning tree. You'll master the distributed algorithm that makes loop prevention automatic.
BPDUs are the fundamental communication mechanism of STP. They are L2 frames that bridges use to discover each other, exchange topology information, and detect changes that require spanning tree recalculation.
BPDU Transmission Rules:
Why the Special Multicast Address?
The 01:80:C2:00:00:00 address is in the reserved range that switches recognize as "process locally, never forward." This ensures BPDUs remain within each link segment and don't flood through the network like regular multicast frames.
| Field | Size (bytes) | Description |
|---|---|---|
| Protocol Identifier | 2 | 0x0000 for IEEE 802.1D STP |
| Protocol Version | 1 | 0x00 for original STP, 0x02 for RSTP |
| BPDU Type | 1 | 0x00 = Configuration, 0x80 = TCN |
| Flags | 1 | TC (Topology Change), TCA (TC Acknowledgment) |
| Root Bridge ID | 8 | Priority (2) + MAC Address (6) of root |
| Root Path Cost | 4 | Cumulative cost to reach root bridge |
| Bridge ID | 8 | Priority (2) + MAC Address (6) of sending bridge |
| Port ID | 2 | Priority (1) + Port Number (1) of sending port |
| Message Age | 2 | Time since BPDU originated at root |
| Max Age | 2 | Maximum BPDU lifetime (default 20 seconds) |
| Hello Time | 2 | BPDU transmission interval (default 2 seconds) |
| Forward Delay | 2 | Time in Listening/Learning states (default 15 seconds) |
Total BPDU Size: 35 bytes (plus Ethernet header and trailer = ~60 bytes on wire)
BPDU Types:
Configuration BPDU (Type 0x00):
Topology Change Notification BPDU (Type 0x80):
Only the root bridge generates original BPDUs. All other bridges receive BPDUs from the root (directly or relayed), modify them to add their own path cost and bridge ID, and forward them out their designated ports. The Message Age field tracks how far the BPDU has traveled from the root.
Every bridge participating in STP must be uniquely identifiable and comparable. The Bridge ID serves this purpose and is the key to root bridge election.
Bridge ID Structure (8 bytes):
┌────────────────────┬────────────────────────────────────────────┐
│ Bridge Priority │ MAC Address │
│ (2 bytes) │ (6 bytes) │
├────────────────────┼────────────────────────────────────────────┤
│ 0x8000 (32768) │ 00:1A:2B:3C:4D:5E │
│ Default Priority │ Burned-in or Assigned │
└────────────────────┴────────────────────────────────────────────┘
Complete Bridge ID: 32768.00:1A:2B:3C:4D:5E
Bridge Priority:
Extended System ID:
In VLAN-aware environments, the same switch may participate in multiple spanning tree instances (one per VLAN or per VLAN group). The Extended System ID allows the same physical switch to have different Bridge IDs per VLAN:
Original 2-byte Priority: [Priority 16 bits]
With Extended System ID: [Priority 4 bits][VLAN ID 12 bits]
│ │
│ └── 0-4095 VLANs
└── Priority: 0, 4096, 8192, ..., 61440
Example for VLAN 100:
Priority = 32768 = 0x8000 = [1000][000001100100]
= Base 32768 + VLAN 100
Effective Bridge ID = 32868.00:1A:2B:3C:4D:5E
| Bridge A ID | Bridge B ID | Winner | Reason |
|---|---|---|---|
| 4096.00:11:22:33:44:55 | 32768.00:AA:BB:CC:DD:EE | Bridge A | Lower priority (4096 < 32768) |
| 32768.00:11:22:33:44:55 | 32768.00:AA:BB:CC:DD:EE | Bridge A | Equal priority, lower MAC |
| 32768.00:AA:BB:CC:DD:EE | 32768.00:11:22:33:44:55 | Bridge B | Equal priority, B has lower MAC |
| 0.00:FF:FF:FF:FF:FF | 4096.00:00:00:00:00:01 | Bridge A | Priority 0 beats all |
Never rely on MAC addresses for root bridge selection. MAC addresses are essentially random and change when hardware is replaced. Always configure explicit priorities: set the preferred root to 4096 or 8192, the backup root to 16384 or 20480, and leave access switches at default 32768.
Once the root bridge is elected, every other bridge must determine the best path to reach it. Path cost provides the metric for this calculation, with lower costs indicating more desirable paths.
How Path Cost Works:
ROOT BRIDGE
Cost to root = 0
│
────────┴────────
100Mbps │ 1Gbps
cost=19 │ cost=4
│
┌─────────────┼─────────────┐
│ │ │
SW-A (19) SW-B (4) SW-C (19)
path cost = 19 path cost=4 path cost=19
| Link Speed | Port Cost | Notes |
|---|---|---|
| 4 Mbps | 250 | Token Ring |
| 10 Mbps | 100 | Original Ethernet |
| 16 Mbps | 62 | Fast Token Ring |
| 100 Mbps | 19 | Fast Ethernet |
| 1 Gbps | 4 | Gigabit Ethernet |
| 10 Gbps | 2 | 10 Gigabit Ethernet |
| Link Speed | Recommended Cost | Notes |
|---|---|---|
| 10 Mbps | 2,000,000 | More granularity for high speeds |
| 100 Mbps | 200,000 | Proportional to bandwidth |
| 1 Gbps | 20,000 | 10x faster = 10x lower cost |
| 10 Gbps | 2,000 | Standard for modern data centers |
| 100 Gbps | 200 | Emerging standard |
| 1 Tbps | 20 | Future-proofing |
Path Cost Calculation Example:
ROOT (Priority 4096)
│
┌──────┴──────┐
1Gbps │ │ 100Mbps
(4) │ │ (19)
│ │
SW-A SW-B
│ │
1Gbps │ │ 1Gbps
(4) │ │ (4)
│ │
└──────┬──────┘
SW-C
(Access Layer)
SW-C's Path Cost Calculation:
Administrators can manually configure port costs to influence path selection. This is useful when physical topology doesn't match desired traffic patterns, or when specific paths should be preferred for policy reasons. However, misconfigurations can cause suboptimal routing or unexpected failover behavior.
STP relies on three configurable timers that control protocol behavior. Understanding these timers is essential for both troubleshooting and optimization.
The Three STP Timers:
| Timer | Default | Range | Affects |
|---|---|---|---|
| Hello Time | 2 seconds | 1-10 | BPDU frequency, overhead |
| Max Age | 20 seconds | 6-40 | Failure detection time |
| Forward Delay | 15 seconds | 4-30 | Port transition time |
| Total Convergence | 30-50 seconds | — | Max Age + 2×Forward Delay |
Why Such Long Default Timers?
The default timers were designed for networks with significant propagation delays and many bridges:
The 5-4-3-2-1 Rule Implication:
Original Ethernet specified maximum 7 bridges in a spanning tree path. With 1 second added per bridge hop (for processing), plus propagation delays, the 20-second Max Age ensures BPDUs can traverse the full diameter before timing out.
Never modify STP timers without understanding the implications. Reducing timers can cause instability when the network is larger than the timers allow. The formula for valid timers is: 2 × (Forward Delay - 1) ≥ Max Age ≥ 2 × (Hello Time + 1). Most networks should use RSTP instead of modifying original STP timers.
When a bridge receives a BPDU, it must decide whether this BPDU contains information "better" than what it currently knows. This comparison determines port roles and ultimately the spanning tree topology.
BPDU Comparison: The Four-Part Tie-Breaker
When comparing two BPDUs (received vs. stored), bridges use this priority order:
123456789101112131415161718192021222324252627282930313233343536373839404142
// BPDU Comparison Algorithm// Returns: true if received BPDU is superior to stored BPDU function isReceivedBPDUsuperior(received: BPDU, stored: BPDU): boolean { // Step 1: Compare Root Bridge IDs if (received.rootBridgeId < stored.rootBridgeId) { return true; // Lower root ID = superior } if (received.rootBridgeId > stored.rootBridgeId) { return false; // Higher root ID = inferior } // Root IDs equal, continue comparison // Step 2: Compare Root Path Costs let receivedCost = received.rootPathCost + thisPort.pathCost; if (receivedCost < stored.rootPathCost) { return true; // Lower cost = superior } if (receivedCost > stored.rootPathCost) { return false; // Higher cost = inferior } // Path costs equal, continue comparison // Step 3: Compare Sender Bridge IDs if (received.senderBridgeId < stored.senderBridgeId) { return true; // Lower sender ID = superior } if (received.senderBridgeId > stored.senderBridgeId) { return false; // Higher sender ID = inferior } // Sender IDs equal (same switch, different ports), compare Port IDs // Step 4: Compare Port IDs if (received.portId < stored.portId) { return true; // Lower port ID = superior } return false; // Received BPDU is not superior}What Happens When a Superior BPDU Arrives:
What Happens When an Inferior BPDU Arrives:
If the received BPDU is inferior to stored information:
This mechanism ensures that "better" topology information always wins, and the entire network converges to agree on the same root and spanning tree.
Through this simple comparison algorithm running on every bridge, the entire network converges to the same spanning tree without any central coordinator. Each bridge makes local decisions based on BPDUs, but the result is globally consistent. This is a classic example of distributed consensus in networking.
Every port on every bridge in the spanning tree is assigned one of three roles. Understanding these roles is fundamental to understanding STP behavior.
The Three Port Roles in 802.1D STP:
Port Role Selection Algorithm:
For each bridge:
1. Am I the Root Bridge? (My Bridge ID is lowest in all received BPDUs)
└── YES: All my ports are DESIGNATED PORTS
└── NO: Continue...
2. Determine my ROOT PORT:
- Compare all received BPDUs
- Port receiving best BPDU = ROOT PORT
- Best = lowest (Root ID, then Path Cost, then Sender ID, then Port ID)
3. For each remaining port, determine DESIGNATED vs BLOCKED:
- Am I the best path to the root for this segment?
- Compare my BPDU (from root port) against received BPDUs on this port
- If my BPDU is better → This port is DESIGNATED
- If my BPDU is worse → This port is BLOCKED
4. The Root Bridge's ports are always DESIGNATED (it is the best path by definition)
| Role | Exists On | State | BPDU Behavior | Traffic Direction |
|---|---|---|---|---|
| Root | Non-root bridges | Forwarding | Receives | Toward root |
| Designated | All bridges | Forwarding | Sends | Away from root |
| Blocked | Non-root bridges | Blocking | Receives only | None (blocked) |
The root bridge has NO root port (it is the root, there's nowhere closer to go). ALL ports on the root bridge are designated ports—the root is by definition the best path for every connected segment.
Let's trace through BPDU processing in a concrete example to solidify understanding.
Network Topology:
SW1 SW2 SW3
(32768.00:00:00:00:00:01) (16384.00:00:00:00:00:02) (32768.00:00:00:00:00:03)
│ │ │
Port 1 Port 1 Port 1
│ │ │
└─────────Link A─────────┴─────────Link B─────────┘
(100 Mbps each, cost = 19)
Step 1: Initial State
When switches boot, each believes it is the root:
Step 2: BPDU Comparison at SW1
SW1's Port 1 receives BPDU from SW2 claiming:
SW1 compares:
SW1 updates:
Step 3: BPDU Comparison at SW3
SW3 receives SW2's BPDU (same as SW1):
SW3 updates:
Step 4: Designated Port Decision on Link Between SW1-SW3
(Assume SW1 and SW3 also have a direct 100Mbps link between them)
Both SW1 and SW3 have:
Tie-breaker needed! Compare Sender Bridge IDs:
SW1 wins!
Final State:
SW2 (ROOT)
/ \
[RP]/ \[RP]
/ \
SW1───[DP] [BLK]───SW3
\ /
\ /
[DP] [BLK]
The network has converged to a loop-free spanning tree. SW2 is the root (lowest priority). SW1 and SW3 have root ports pointing to SW2. The redundant link between SW1-SW3 has one port blocked. Traffic flows without loops, but the physical redundancy is preserved for failover.
We've covered the complete operational mechanics of the Spanning Tree Protocol—the message formats, identifiers, and algorithms that enable distributed loop prevention.
What's Next:
Now that we understand how BPDUs work and how port roles are determined, we need to examine the most critical decision in any STP network: Root Bridge Election. The next page provides an in-depth exploration of how root bridges are elected, why root bridge placement matters enormously for traffic patterns, and best practices for root bridge design.
You now understand the operational mechanics of STP—how bridges communicate through BPDUs, how port roles are determined, and how the distributed algorithm converges to a loop-free topology. Next, we'll dive deep into root bridge election and its critical importance to network design.