The Bridge ID and Priority
Every switch running STP has a unique identifier called the Bridge ID (BID). The BID is 8 bytes long and consists of two parts:
- Bridge Priority (2 bytes, 16 bits)
- MAC Address (6 bytes, 48 bits)
Bridge Priority Format
The 16-bit priority field is divided:
Bits 0-3: Extended System ID (for per-VLAN STP variants)
Bits 4-15: Bridge Priority Value (0-61440, configurable)
The bridge priority value defaults to 32768 (0x8000). Valid values are 0, 4096, 8192, 12288, ..., 61440 in increments of 4096. Cisco switches use the extended system ID to encode the VLAN, allowing different BIDs per VLAN.
Example Bridge ID
On a switch with MAC address aabb.cc00.5500:
Default bridge priority: 32768 (0x8000)
VLAN 1 BID: 32768.aabb.cc00.5500
VLAN 10 BID: 32768.aabb.cc00.5500 (or 32778 if extended system ID enabled)
The switch will display this as:
SW1# show spanning-tree vlan 1
VLAN0001
Spanning tree enabled protocol ieee
Root ID Priority 32768
Address aabb.cc00.1100
This bridge is the root
Root Bridge Election Process
When STP initializes, every switch assumes it's the root bridge and sends BPDUs advertising itself. Switches then compare BIDs and the switch with the lowest BID becomes the root. Tie-breaking happens in this order:
- Lowest bridge priority (16-bit value, configurable)
- Lowest MAC address (if priorities are equal)
Example Election (Three Switches)
SW1: Priority 32768, MAC 0000.0000.0001
SW2: Priority 32768, MAC 0000.0000.0002
SW3: Priority 24576, MAC 0000.0000.0003
Winner: SW3 (lowest priority 24576)
If SW3 and SW1 both have priority 32768:
SW1: Priority 32768, MAC 0000.0000.0001
SW3: Priority 32768, MAC 0000.0000.0003
Winner: SW1 (lowest MAC address when priorities tie)
Configuring Priority to Control Election
To make SW1 the root bridge on VLAN 10, lower its priority below other switches:
SW1(config)# spanning-tree vlan 10 priority 4096
SW1(config)# exit
SW1# show spanning-tree vlan 10
VLAN0010
Spanning tree enabled protocol ieee
Root ID Priority 4096
Address aabb.cc00.1100
This bridge is the root
Bridge ID Priority 4096
Address aabb.cc00.1100
Port role counts Spanning tree 3
Alternatively, use the "root primary" / "root secondary" commands which automatically adjust priority:
SW1(config)# spanning-tree vlan 10 root primary
! Sets priority to 24576 on SW1 and configures all other switches with priority 28672
BPDU Format and Fields
Bridge Protocol Data Units are the control messages switches use to communicate STP information. A BPDU contains:
Field Size Purpose
────────────────────────────────────────────────────────
Protocol ID 2 bytes Version 0 (802.1D) or 2 (RSTP)
Version 1 byte Type (1 = Config BPDU, 2 = TCN)
Message Type 1 byte Reserved
Flags 1 byte TC, TCA, role info
Root Bridge ID 8 bytes Priority + MAC of root
Root Path Cost 4 bytes Cost from sender to root
Sender Bridge ID 8 bytes Priority + MAC of sender
Sender Port ID 2 bytes Sender port priority + number
Message Age 2 bytes Time since root created BPDU
Max Age 2 bytes Max age of this BPDU
Hello Time 2 bytes Interval between BPDUs
Forward Delay 2 bytes State transition delay
Interpreting a BPDU
A BPDU from SW2 advertising itself as root:
Root Bridge ID: Priority 32768, MAC aabb.cc00.2200
Sender Bridge ID: Priority 32768, MAC aabb.cc00.2200
Root Path Cost: 0 (SW2 is the root)
Sender Port ID: 128.1 (priority 128, port 1)
Hello Time: 2 seconds
Forward Delay: 15 seconds
Max Age: 20 seconds
This BPDU travels out all ports and is received by neighboring switches. Each neighbor compares the root BID to its own; if the neighbor's is lower, the neighbor keeps advertising itself. If the received BID is lower, the neighbor accepts it and starts advertising that root.
The Spanning Tree Algorithm (Core Logic)
Once the root is elected, all other switches calculate the shortest path back to the root. The algorithm is deterministic:
1. Calculate Root Path Cost
Each switch sums the cost of all links on the best path to the root. Cost is based on link speed:
Link Speed │ Cost (802.1D) │ Cost (Modern)
──────────────┼───────────────┼──────────────
10 Mbps │ 100 │ 2,000,000
100 Mbps │ 19 │ 200,000
1 Gbps │ 4 │ 20,000
10 Gbps │ 1 │ 2,000
If SW1 is root and SW2 connects directly to SW1 via a 1 Gbps link:
SW2's root path cost = 0 (from root) + 4 (cost on SW2's side) = 4
If SW3 reaches root through SW2:
SW3's root path cost = 4 (SW2 to root) + 4 (SW3 to SW2) = 8
2. Select Root Port (On Non-Root Switches)
The root port is the port with the lowest root path cost. If a switch has multiple ports with equal cost, tie-breaking uses:
- Lowest sender bridge ID
- Lowest sender port ID
3. Select Designated Ports (Per Link)
On each link in the tree, one port is designated (forwarding) and others are blocked. The designated port is on the switch with the lowest root path cost to the root. If costs are equal, the port on the switch with the lowest bridge ID is designated.
4. Block All Other Ports
Any port that is neither root nor designated is blocked.
Building the Tree: Concrete Example
Lab topology:
[SW1] ← Root (priority 4096)
/ \
Link1 Link2
/ \
[SW2] [SW3]
|
Link3
|
[SW4]
Election
All three switches start by advertising themselves. SW1 has priority 4096 (others default to 32768), so SW1 becomes root.
SW2's Calculations
Ports on SW2:
- Eth0/0: Connected to SW1
- Eth1/0: Connected to SW3
Eth0/0 (connected to SW1):
Root Path Cost = 0 (SW1 is root) + 4 (1 Gbps link) = 4
Sender BID = SW1 (4096.aabb.cc00.1100)
Eth1/0 (connected to SW3):
Root Path Cost = 4 (from SW3's advertisement) + 4 = 8
Sender BID = SW3 (32768.aabb.cc00.3300)
SW2's root port = Eth0/0 (cost 4 is lower)
Eth0/0 advertises with root path cost 4
SW3's Calculations
Ports on SW3:
- Eth0/0: Connected to SW1
- Eth1/0: Connected to SW2
Eth0/0 (connected to SW1):
Root Path Cost = 0 + 4 = 4
Sender BID = SW1
Eth1/0 (connected to SW2):
Root Path Cost = 4 (from SW2) + 4 = 8
Sender BID = SW2
SW3's root port = Eth0/0 (cost 4 is lower)
Eth0/0 advertises with root path cost 4
Link1 (SW1-SW2): Designated Port Selection
Both SW1 and SW2 have ports on this link. SW1's root path cost = 0, SW2's = 4. The port on SW1 (lowest cost) is designated and forwards. SW2's port is blocked? No—SW2 already selected it as its root port. Root ports always forward (when active).
Link2 (SW1-SW3): Designated Port Selection
Same logic: SW1's cost = 0, SW3's = 4. SW1's port is designated. SW3's port is root port (forwards).
Link Between SW2 and SW3
SW2 advertises root path cost 4 (via SW1). SW3 advertises 4 (via SW1). They have equal cost, so the switch with the lower bridge ID gets its port designated:
SW2 BID: 32768.aabb.cc00.2200
SW3 BID: 32768.aabb.cc00.3300
SW2 < SW3, so SW2's port is designated (forwards)
SW3's port is blocked
Final Tree
[SW1] ← Root (all ports designated)
/ \
(D) / \ (D)
/ \
[SW2] [SW3]
(D) (B)
|
[SW4]
Ports: (D) = Designated/Forwarding, (B) = Blocked
Verifying the Election and Tree
Show Spanning-Tree Summary
SW1# show spanning-tree
VLAN0001
Spanning tree enabled protocol ieee
Root ID Priority 32768
Address aabb.cc00.1100
This bridge is the root
Bridge ID Priority 32768
Address aabb.cc00.1100
Root Hello Max Fwd
Bridge ID Age Dly
SW1 4096 0 2 15
Show Spanning-Tree Interface Details
SW2# show spanning-tree vlan 1 interface ethernet 0/0
Vlan Interface Role Sts Cost Prio.Nbr Type
────────────────────────────────────────────────────────────────────────────
VLAN0001 Eth0/0 Root FWD 4 128.1 P2p
SW2# show spanning-tree vlan 1 interface ethernet 1/0
Vlan Interface Role Sts Cost Prio.Nbr Type
────────────────────────────────────────────────────────────────────────────
VLAN0001 Eth1/0 Altn BLK 4 128.2 P2p
SW2 has a Root port (Eth0/0, Forwarding) and an Alternate port (Eth1/0, Blocked).
Show Spanning-Tree Root
SW3# show spanning-tree root
Root Hello Max Fwd
Vlan Root ID Cost Age Dly Root Por
──────────────────────────────────────────────────────────────────
VLAN0001 4096 aabb.cc00.1100 4 2 15 Eth0/0
SW3 reaches the root via Eth0/0 with cost 4.
Rapid Spanning Tree (802.1w) and RSTP
Modern switches use Rapid STP instead of the slow 802.1D algorithm. RSTP uses the same BID and priority concepts but:
- Converges in seconds instead of 30-50 seconds
- Adds proposals and agreements to speed port transitions
- Keeps the same port roles and cost calculation
PVST+ and Rapid PVST+ apply these concepts per VLAN. Article 7 covers the differences in depth.
What's Next
Read Article 3: STP Port Roles Explained—Root, Designated, Blocked, and Alternate to dive deeper into how switches determine which port gets which role, including tie-breaking rules and real-world examples.