STP Port Roles – Detailed Explanation

1. Overview of STP Port Roles

Spanning Tree Protocol (STP) prevents Layer 2 loops in Ethernet networks by assigning specific port roles to each switch port.
Purpose: To use only loop-free, safest paths for data forwarding and place redundant links in a standby (blocking) state.

2. Purpose of Port Roles in Loop Prevention

Roles are central to STP’s loop-avoidance mechanism. Assigning a role (Root, Designated, Blocking, etc.) ensures only non-looping paths are used, while backup links remain available for redundancy.

3. Relationship Between Roles and Port States

Port Role: What the port does in the STP topology (e.g., forwarding to the root, or blocking).
Port State: The operational state (e.g., forwarding, blocking, listening, learning) that determines if user traffic is actually passed.

4. Root Port (RP)

Definition and Function: The Root Port is the single port on a non-root switch with the lowest path cost to the Root Bridge.
There is one Root Port per switch (except the Root Bridge, which has none).
Selection: STP calculates the lowest cumulative cost path to the Root Bridge. The port on that path becomes the Root Port.
Role in Forwarding: The Root Port forwards frames toward the Root Bridge.

Switch A (Root Bridge)
  |
Switch B (RP: Gi0/1, cost 19)
  |
Switch C (RP: Gi0/2, cost 38)

On Switch B and C, the port facing the root bridge (or shortest path to it) is the Root Port.

5. Designated Port (DP)

Definition: A Designated Port is the port on each network segment (collision domain) that has the lowest path cost to the Root Bridge.
Purpose: Forwards frames away from the Root Bridge to other segments.
Selection: Each segment must have exactly one Designated Port. The port with the lowest path cost to the Root Bridge becomes the DP.

Switch B (DP: Gi0/2 on segment to C)
Switch C (DP: Gi0/1 on segment to B)

Each side’s port facing a shared segment is compared; only one becomes DP.

6. Blocking Port

Role: Blocking Ports do not forward traffic or learn MAC addresses. They exist only to provide backup paths if the active topology fails.
Blocking ports are those that are neither RP nor DP.
Condition: When two ports on the same segment could create a loop, the non-DP is blocked.

Triangle topology: A—B—C—A
One port on each switch is RP, one is DP, and the redundant port is blocking to break the loop.

7. Alternate and Backup Port Roles (RSTP/MSTP)

Alternate Port: Provides an alternate path to the root, but remains in discarding (blocking) state unless needed.
Backup Port: Backup to a designated port on the same segment; also in discarding state.
Both roles are part of RSTP and MSTP enhancements, enabling faster convergence and failover.

8. Port Role Selection Process

How STP Determines Roles:
- Root Bridge election occurs first.
- Each switch calculates its shortest path (lowest cost) to the Root Bridge.
- Root Port: The port with the lowest cost path to root.
- Designated Port: For each segment, the port with the lowest path cost to root.
Link Speed/Cost Table:

Link Speed	Cost (Default)
10 Gbps	2
1 Gbps	4
100 Mbps	19
10 Mbps	100

9. Port States Associated with Roles

Port Role	Typical State(s)
Root Port	Forwarding
Designated Port	Forwarding
Blocking Port	Blocking / Discarding
Alternate/Backup	Discarding (RSTP/MSTP)

Listening and Learning are transitional states before forwarding.

10. Multiple Designated Ports on Different Segments

Each segment (collision domain) has one Designated Port.
A switch may have multiple Designated Ports if it connects to multiple segments.

11. Examples and Topology Diagrams

   [Root Bridge]
      /     \
   [S1]----[S2]

Root’s ports: All Designated
S1/S2: Each has one Root Port (toward root), one Designated Port (if connected to a segment), and one Blocking Port (for redundancy).

12. Impact of Port Roles on Network Traffic

Traffic flows only on ports in forwarding state (RP/DP).
Blocked ports are unused, preventing loops, but become active if a failure occurs.

Exam Tip: A non-root switch will have one RP, possibly multiple DPs, and any remaining ports may be blocking.

13. Troubleshooting Port Roles

Symptom	Possible Cause	Solution
Unexpected loops/broadcasts	DPs or RPs not properly assigned	Check port roles with `show spanning-tree`
Inactive redundant links	Normal; STP blocking is working	Only an issue if a link fails
Too many blocking ports	Network design may be inefficient	Reconsider topology/root placement

Command Example:

show spanning-tree

Shows port roles and states for each interface per VLAN.

14. Differences in Port Roles in RSTP and MSTP

RSTP and MSTP add Alternate and Backup roles for faster failover.
Provide rapid transition to forwarding state if a failure is detected.

📑 Key Points and Exam Tips

Root Port: Only one per switch (except root), always forwarding traffic toward root.
Designated Port: One per segment, can be multiple per switch.
Blocking Port: Neither RP nor DP; prevents loops, activated if topology changes.
Port roles are per VLAN in PVST+ and Rapid PVST+.
Link speed affects path cost and port role selection.
Use show spanning-tree for verification and troubleshooting.
RSTP/MSTP: Alternate and Backup roles for rapid failover.

When and Where to Use This Knowledge

All networks using STP/PVST+ for loop prevention.
Exam scenarios testing ability to determine port roles and troubleshoot loops/blocked links.
Optimizing redundancy and traffic flow in campus/enterprise networks.

STP Port Roles Quiz

1. What is the role of a Root Port in STP?

A. The port that blocks traffic to prevent loops B. The port forwarding traffic away from the Root Bridge C. The single port with lowest cost path toward the Root Bridge D. A backup port for redundancy

Correct answer is C. Root Port is the port with the lowest cumulative cost path towards the Root Bridge and forwards traffic to it.

2. How many Root Ports can a non-root switch have?

A. One B. None C. Multiple D. As many as ports

Correct answer is A. Each non-root switch has exactly one Root Port.

3. What is a Designated Port?

A. Port that blocks traffic to prevent loops B. The root switch port with highest priority C. Port that receives BPDUs only D. The port on each segment with lowest cost to the Root Bridge that forwards traffic

Correct answer is D. Designated Port is the forwarding port for a given LAN segment with the lowest path cost to the root.

4. What is the primary function of Blocking Ports in STP?

A. Forward traffic towards the root B. Prevent loops by not forwarding traffic or learning MAC addresses C. Provide power to connected devices D. Backup port that forwards traffic if the Root Port fails

Correct answer is B. Blocking ports do not forward frames or learn MACs, preventing Layer 2 loops.

5. What impact does link speed have on STP port role selection?

A. Lower path cost (higher speed) links are preferred for Root and Designated Ports B. Link speed has no effect C. Slower links are preferred for root ports D. Speed only matters for blocking ports

Correct answer is A. STP selects ports with lower path cost, which corresponds to higher link speeds.

6. How many Designated Ports can a switch have?

A. One per switch B. None C. Multiple, one per segment connected D. As many as ports minus one

Correct answer is C. A switch can have multiple Designated Ports, one for each connected segment.

7. Which STP port states are typically associated with forwarding traffic?

A. Blocking and Listening B. Learning and Blocking C. Listening and Learning D. Forwarding

Correct answer is D. Only ports in the forwarding state actively send and receive user traffic.

8. What is the role of Alternate and Backup ports in RSTP/MSTP?

A. They forward traffic in normal operation B. They provide backup/discarding roles for faster failover C. They replace Designated Ports permanently D. They increase loop chances

Correct answer is B. Alternate and Backup ports are in discarding state and enable rapid transition to forwarding on failure.

9. What is the recommended command to verify STP port roles?

A. show spanning-tree B. show vlan brief C. show interfaces status D. show mac address-table

Correct answer is A. The show spanning-tree command displays port roles and states per VLAN.

10. Why might too many ports be in blocking state?

A. STP is not running B. The root bridge has failed C. Network design may be inefficient or topology may cause excessive blocking D. VLANs are misconfigured

Correct answer is C. Too many blocking ports can indicate an inefficient topology or suboptimal root bridge placement.

← Back to Home