Still celebrating National IT Professionals Day with 3 months of free Premium Membership. Use Code ITDAY17


Root Port Election (STP or RSTP)

Published on
12,738 Points
4 Endorsements
Last Modified:
Please see preceding article here: http://www.experts-exchange.com/Networking/Operating_Systems/A_11209-Root-Bridge-Election.html


Figure 1

After Root Bridge has been elected, then what?.....

Let's start by defining a Root Port in lay man's terms

A Root Port is the switchport a switch chooses with the determination that it is the closest or fastest port to reaching the Root Bridge.

Notice "reaching the Root Bridge"
It is easy to confuse Root Ports as the ports on the Root Bridge. The Root Port is the port that leads to the Root Bridge.

From San Francisco, California, Interstate 5 Southbound leads to Los Angeles. You will not find any Highway inside Los Angeles that says "To Los Angeles". If you see any such sign around the area, then it means you are not in Los Angeles. The same I5 that takes you to L.A from S.F, takes you back to S.F. from L.A. in the reverse direction. The sign changes to "To San Francisco"

Long story short. You will never find a Root Port on a Root Bridge.
Any switch you see with a Root Port Label means it is not a Root Bridge.

I hope I made that clear enough without bugging you with repetition.

With that out of the way, there are several criteria the switch uses to determine which of its ports is most reliable path to the Root Bridge.

This also implies the following.
- There can only be 1 Root Port on a switch.
- All switches except the Root Bridge must each have a Root Port

Before I proceed with those criteria, I should highlight the purpose of the Root Bridge and why every other switch needs to get to it as quickly as possible.

The main function of Spanning Tree is to prevent loops in a network especially when alternate or redundant links are configured.
It therefore needs 1 switch that all other switches can connect to. When this is determined, it then further determines the quickest or most efficient path(s) other switches can use to get to the Root Bridge. If it must block redundant links, it makes more sense to block less efficient links for optimum performance.

This then takes us to how the most efficient port is determined.
The major focus in a switching environment is speed and efficiency.

The switch therefore chooses the link it believes is the fastest and most reliable.

Every link has a cost attached to it based on the bandwidth or speed of the link.

Refer to the values in the table below


Table 1
These values are IEEE recommendations and cuts across different platforms or vendors

The higher the speed, the lower the cost,
The lower the cost, the more reliable the link.

In Spanning Tree, the rule of thumb is LOWER IS BETTER!
Think of trees and think about LOWEs (free advertisement but that's ok)

In essence, the shortest path (not in distance but in cost value), is considered the most efficient and most reliable path.

Please note that, EVERY other switch in the network apart from the Root Bridge that PARTICIPATES in Spanning Tree will always have 1 port it designates as the shortest path to the Root Bridge.

The shortest path is then LABELED the ROOT PORT. Once the Root Port is determined, the switch looks to see if there is another link or path to the Root Bridge. If any is found, the switch automatically blocks that link from actively forwarding packets (Hold this thought here!, I will elaborate more on this later when dealing with designated port).

Imagine a tree and and pay attention to the root.
The tree is the Root Bridge - sort of bridges all
the roots together.


Figure 2

That is the concept behind spanning tree. Another good way of looking at it is the way Jeremy Ciora (CBT Nuggets) described it in one of his video tutorials - Imagine spanning tree as the falling of trees over bad links. When no other path exists to the Root Bridge, it's time for Caltrans to remove the trees from the highway. (If you are not from California, Caltrans is California's state agency responsible for highway, bridge, and rail transportation planning, construction, and maintenance)

Going back to figure 1, after the Root Bridge has been elected, the figure will look something like this. (Please refer to the article (Root Bridge Selection) if you need to review how the root bridge was selected.


Figure 3

Remember the statement above,
Once the Root Port is determined, the switch looks to see if there is another link or path to the Root Bridge. If any is found, the switch automatically blocks that link from actively forwarding packets....

Our Root Bridge is Switch C.
Switch D has 2 paths to get to C
a. From its Root Port (Gi0/2) -> C's Fa0/2
b. From its Designated Port (Gi0/1) -> B's Gi0/1 -> B's Gi0/2 -> A's Fa0/2 -> A's Fa0/2 -> C's Fa0/1
Question is, why didn't Switch D block it's Gi0/1 since that's another path to the Root Bridge?

If you observe the Figure 3 very well, you will notice that Switch D's Gi0/1 port is connected to Switch B's Gi0/1 port which happens to be a Root Port also, meaning that, Switch D needs that link to access the Root Bridge.

If you continue through path B for Switch D, you will notice that the link gets blocked eventually by Switch B at FGi0/2.

I know it's getting a little more complex here but take it bit by bit and you'll be fine.
You may also have wondered as to how the blocked port is determined.
Why didn't Switch A block the link instead?
Another great question.

Remember Spanning Tree's Lower is Better Slogan.
Spanning Tree uses MAC Address or Priority value to determine which switch becomes the Root Bridge. The 1st criteria used is PRIORITY, then MAC Address if there is a tie in priority values.

The Switch with lowest priority or lowest MAC Address becomes the Root Bridge (Master). Same concept applies to Blocked or Alternate Ports. The switch with the lower priority or MAC Address gets to keep it's port (since it is superior of the two).

Please note

1. Any port connecting to a Root Port will always be a Designated Port and is never Blocked.
2. There is no Root Port on a Root Bridge.
3. There is never a Blocked or Alternate Port on a Root Bridge
4. All the Ports on a Root Bridge are Designated Ports (Always in a forwarding state)
5. A Blocked or Alternate Port always connect to a Designated Port
6. Designated Ports can pair with another Designated Port, but Alternate Ports can only pair with Designated Port.

Take your time to sink this in.

You may ask, Can a Blocked Port on a switch pair with a Designated Port on a Root Bridge? Great question, and the answer is YES.

Anytime you identify a Root Bridge, mark all its ports as Designated, then look for paths other switches will use to connect to it. Only 1 path is allowed per switch to the Root Bridge. If 2 paths link to the Root Bridge, 1 link must be blocked, if 3, 2 links must be blocked; if 100 paths, 99 links must be blocked. The goal is to prevent a ring from forming between 2 switches.

I hope this is clear enough. There are more concepts with respect to Spanning Tree but the goal of this article is to keep it simple and as basic as possible.

Before I wrap up, I would like to touch up on one more possible but uncommon scenario.

What happens with Redundant links between 2 switches?

Observe the two paths from Switch B to Switch A
- The Priority values are the same
- The MAC addresses are the same

So, how does the switch determine which port to block?

Back to our Spanning Tree Slogan, "Lower is better"
The 2 ports on Switch B are
a. Fa0/1
b. Fa0/2

Can you guess which port is lower? Of course, Fa0/1

So Switch B keeps Fa0/1 up and blocks Fa0/2


Figure 4

That's it, about Root Ports in its most basic description.

I hope this helps

All the best
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
LVL 25

Expert Comment

One thing I would add is that port numbers by themselves do not determine which port (when redundant ports are found) is blocked and which is forwarding.  Just like switches have bridge IDs made up of a bridge priority and mac address, ports have port priorities as well which can be tweaked to override default behavior.  I only bring it up because you do talk about bridge priorities when electing the root bridge so it makes sense to mention port priorities as well without going so complicated as to discuss per vlan configurations as well

A second thing is that in the last pic showing the redundant links you have the left link showing both ends as designated.  That can't be.  one of those must be a root port.

1) ever non-root bridge has a single root port
2) every link has one designated port.

so switch B fa0/1 would be root port not designated.

Finally, those port costs are for STP (1998 standard, original is different of course), not RSTP.  I only bring it up because the title of the article is STP or RSTP.  So I think a distinction should be made.
LVL 18

Author Comment

Thanks for your input

If you read the preceeding article, you would know that this is a simplified (generalized) approach. To your comments about designated ports - Root Bridges do not have Root Ports. All ports on root bridges are designated.
LVL 25

Expert Comment

Umm, I never stated a root bridge was to have a root port; quite the contrary actually.  Look at the picture again.  Switch A has the lower mac and they have the same bridge priority.  So Switch A is the root.  And as you point out, all its ports are designated then which the picture shows.  What it doesn't show is a root port on Switch B.  Which in this case would be port fa0/1 and for the exact reason you mention in the article.  But beyond that.  no link in a switched network can have both sides be designated.  That is an invalid state.

Pointing out a small mistake on a picture is not trying to cripple the article because from what I saw nothing is really wrong with what you are saying.  My first point was an omission of data (which I agree with you was mostly likely to keep then article easier to understand but I stated why I thought it should be included).  The second point was simply pointing out that the last image should be fixed.  No where did I state that any text needs to change as everything you said is true.  I merely don't want people to be confused after you go thru explaining the entire process that there is no root port in that 2 switch network you are using as an example.  Or to think it is ok to have 2 ports on the same link to be in designated state.  You clearly know what you're talking about, I just figured it was an oversight.

Administrative Comment

Cyclops3590, thank you for your clarification. I have removed the portion of Akinsd's comment. Please keep it civil, and dedicated to improving information to the reader.

Featured Post

Free Tool: Path Explorer

An intuitive utility to help find the CSS path to UI elements on a webpage. These paths are used frequently in a variety of front-end development and QA automation tasks.

One of a set of tools we're offering as a way of saying thank you for being a part of the community.

Join & Write a Comment

Viewers will learn how to properly install and use Secure Shell (SSH) to work on projects or homework remotely. Download Secure Shell: Follow basic installation instructions: Open Secure Shell and use "Quick Connect" to enter credentials includi…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
Next Article:

Keep in touch with Experts Exchange

Tech news and trends delivered to your inbox every month