Free CCNA | Spanning Tree Protocol (Part 2) | Day 21 | CCNA 200-301 Complete Course

Welcome to Jeremy’s IT Lab. This is a free, complete course for the CCNA. If you like these videos, please subscribe to follow along with the series.

Also, please like and leave a comment, and share the video to help spread this free series of videos. Thanks for your help. In this video we will continue our study of spanning tree.

In part 1 we focused on the basic purpose of spanning tree and how to calculate a spanning tree topology. In this video we will look into more detail at the operation of spanning tree. First let’s see what we’ll cover in this video.

First of all we will take a look at spanning tree states and timers. You already know the blocking and forwarding states, but there are also a couple transitional states between those two, and some timers that determine when the switch moves between each state. I’ll show you the spanning tree BPDU (bridge protocol data unit, what fields are included in it and what their purpose is.

Then we’ll take a look at some optional features of STP, sometimes called the spanning tree ‘toolkit’, some additional features that you can enable that improve spanning tree, we’ll cover some of them briefly. Finally, we’ll cover spanning tree configurations. Spanning tree runs by default so you don’t actually have to do any configuration, but you should know how to change which switch becomes the root switch and such, so you can make sure traffic follows the best path.

Also, make sure to stick around to the end of today’s quiz. I will feature one practice question from Boson Software’s ExSim, a fantastic set of practice exams for the CCNA. Pretty much everyone who uses them agrees they are the best practice exams out there, and are an essential part of preparing for the CCNA.

They definitely helped me pass all of my CCNA and CCNP exams on the first try! If you want to grab a copy of ExSim, please follow the link in the video description. First let’s take a look at spanning tree port states.

You are already familiar with two, BLOCKING and FORWARDING, but there are two others, LISTENING and LEARNING. BLOCKING and FORWARDING are the two ‘stable’ states. Root and Designated ports remain stable in a Forwarding state, and Non-designated ports remain stable in a Blocking state.

Note that they only remain stable as long as there are no changes in the network topology. If a new device is added, an interface is shutdown, or a hardware failure occurs somewhere, they may have to change states. But as I said, as long as the network is stable, each spanning tree interface will be stable in one of these states.

Now, there are also two transitional states. Listening and Learning are transitional states which are passed through when an interface is activated, or when a Blocking port must transition to a Forwarding state due to a change in the network topology. Actually, there is one more state you might hear of, this is the disabled state.

This simply refers to an interface that is administratively disabled, meaning shutdown. We won’t really talk about the disabled state much because it doesn’t really play any role in spanning tree, the interface is shut down. Okay, let’s take a look at these states, starting with the Blocking state.

Non-designated ports are in a Blocking state. Interfaces in a Blocking state are effectively disabled to prevent loops. This is what makes spanning tree work, disabling redundant interfaces to avoid loops.

Interfaces in a Blocking state do not send/receive regular network traffic. Any regular traffic that arrives on an interface in a blocking state will simply be dropped. However, Interfaces in a Blocking state do receive STP BPDUs.

They need to receive and process BPDUs to be aware of the spanning tree topology, and be ready to transition toward a forwarding state if they need to. But, interfaces in a Blocking state do NOT forward STP BPDUs. Finally, interfaces in a Blocking state do NOT learn MAC addresses.

If regular traffic arrives on the interface it is dropped without adding the MAC address to the MAC address table. After the Blocking state, interfaces with the Designated or Root role enter the Listening state. Let me just repeat that only Designated or Root ports enter the Listening state, Non-designated ports are always Blocking.

That’s because Listening is a transitional state that eventually leads to the forwarding state, so there’s no need for a Non-designated port to enter this state. The Listening state is 15 seconds long by default. This is determined by a timer called the ‘Forward delay’ timer.

You’ll soon see that this timer isn’t used only for the Listening state. Anyway, remember that it is 15 seconds by default. An interface in the Listening state ONLY forwards/receives Spanning Tree BPDUs.

It does NOT send or receive regular traffic. If a regular unicast frame is received on a port in the Listening state, it will be discarded. An interface in the Listening state also does NOT learn MAC addresses from regular traffic that arrives on the interface.

I said the same thing about the Blocking state, but let me explain. As you know well already, when a frame arrives on a switch interface, the switch uses the source MAC address field to ‘learn’ that MAC address, and it updates the MAC address table with the MAC address, interface, and VLAN information. However, if an interface is in the spanning tree Listening state, it will not do this.

The traffic is simply dropped, and the MAC address learning process does not occur. After the Listening state, a Designated or Root port will enter the Learning state. The Learning state is 15 seconds long by default.

This is determined by the Forward delay timer, so the same timer is used for both the Listening and Learning states, meaning by default it takes a total of 30 seconds to move through both states and enter a forwarding state. Same as in the Listening state, an interface in the Learning state ONLY sends or receives spanning tree protocol BPDUs. Also, it does NOT send or receive regular traffic.

However, here is the difference between the Listening and Learning states. An interface in the Learning state learns MAC addresses from regular traffic that arrives on the interface. So, an interface in the learning state is preparing to forward traffic by building up some of its MAC address table beforehand.

Finally, we have the forwarding state. Root and Designated ports are in a Forwarding state when they're stable. A port in the Forwarding state operate as normal.

So, what does that mean? A port in the Forwarding state sends and receives BPDUs. It sends and receives normal traffic.

Also it learns MAC addresses from the frames that arrive on it, and adds them to the MAC address table. So, it’s a switchport operating as normal. For review, here’s a summary of each spanning tree port state.

For reference, I’ve also added the Disabled state to the bottom, which as I said before is the spanning tree state of a shutdown, administratively disabled, interface. Pause the video if you want to take a look at this table and use it for review. You can also review using the flashcard deck, make sure to download it from the link in the video description.

Now let’s talk about each of the timers used in Spanning Tree. I’ve already mentioned the Hello and Forward Delay timers, but I haven’t mentioned Max Age yet. First up let’s look more in detail at the hello timer.

It determines how often the root bridge sends hello BPDUs, by default it will send them every 2 seconds. Other switches in the network do not originate their own BPDUs, but they will forward BPDUs they receive. However, there is one thing I didn’t mention before.

The switches will only forward BPDUs on their DESIGNATED PORTs. Let’s see how that works. First off, I showed you this slide in day 20’s video.

Assuming these switches all come online at the same time, each assumes they are the root bridge, and each will send BPDUs out of all interfaces. However, once the network has converged and all switches and ports are stabilized in their roles, only the root bridge sends BPDUs. Then, the other switches will forward these BPDUs on their designated ports, updating information like the bridge root cost, sending bridge ID, sending port ID, etc.

Then, two seconds later, the root bridge will send BPDUs again, and the other switches will again forward these BPDUs on their designated ports. Note that they do not forward the BPDUs out of their root ports and non-designated ports, only their designated ports. So, that’s the hello timer.

Next up, the forward delay timer. This is the length of the Listening and Learning transitional states that a port goes through when it moves to forwarding. Note that this is the length of each of the states, not the total length of both combined.

So, with the default Forward delay timer of 15 seconds, it takes a total of 30 seconds for the switchport to move through both states and forward traffic. Then the final timer, one I haven’t told you about yet, is the max age timer. This timer indicates how long an interface will wait to change the spanning tree topology after ceasing to receive BPDUs.

So, this will need some more explanation. Let’s take a look. Remember that each collision domain has one designated port, and BPDUs are forwarded out of designated ports.

So, all root ports and non-designated ports expect to receive BPDUs. The root bridge, SW3, sends BPDUs, and then SW1 and SW4 forward them out of their designated ports. To demonstrate the Max Age timer, let’s focus on SW2’s G0/1 interface.

It just received a BPDU, so the max age timer is reset to 20. It counts down to 19. .

. 18… And then the root bridge sends BPDUs, because of the 2 second hello timer. they are forwarded by the other switches, and SW2 resets its max age timer to 20.

. . 19.

. . 18… But what if a failure occurs on the connection between SW1 and SW2?

The root bridge will send BPDUs, and other switches will forward the BPDUs, but SW1’s G0/0 interface is down so SW2 no longer receives a BPDU on its G0/1 interface. So, the max age timer continues counting down. 17… 16… 15… and if the failure doesn’t recover and SW2 doesn’t receive any more BPDUs on its G0/1 interface, SW2’s max age timer will count all the way down to 0.

What happens then? First of all, If another BPDU is received before the max age timer counts down to 0, the time will reset to 20 seconds and no changes will occur. However, If another BPDU is not received, the max age timer counts down to 0 and the switch will reevaluate its STP choices, including root bridge, and local root, designated, and non-designated ports.

After these decisions, if a non-designated port is selected to become a designated or root port, it will transition from the blocking state to the listening state (for 15 seconds), learning state (again for 15 seconds), and then finally the forwarding state. So, it can take a total of 50 seconds for a blocking interface to transition to forwarding. Why does it take so long?

Well, tThese timers and transitional states are to make sure that loops aren’t accidentally created by an interface moving to forwarding state too soon. I showed you in the previous lecture how dangerous a Layer 2 loop can be. That’s why spanning tree protocol is very careful about moving an interface to a forwarding state.

However, a forwarding interface can move directly to a blocking state, because there is no worry about creating a loop by blocking an interface. But, as I just said, a blocking interface cannot move directly to forwarding state. It must go through the listening and learning states.

So let’s move on to check out the spanning tree BPDU, bridge protocol data unit. First off, in the Ethernet header section, notice the destination. Cisco’s PVST+ uses the destination MAC address of 0100.

0ccc. cccd for its BPDUs. I recommend remembering this, it’s a little bit of trivia you might need to know for the test.

For remembering little facts like these, I highly recommend using the Anki flashcard deck I include with this video. I mentioned PVST in the previous lecture, but what’s PVST+? Well, PVST is an older version which only supports Cisco’s ISL for trunk encapsulation.

PVST+ is a newer version which supports dot1q. I might use the term ‘PVST’ sometimes, but really I mean PVST+, because ISL is pretty much never used anymore. By the way, since I mentioned the MAC address, regular spanning tree, meaning not Cisco’s PVST or PVST+, uses a destination MAC address of 0180.

c200. 0000. Again, you probably should remember that fact for the exam.

Now let’s move on to the spanning tree BPDU itself. I don’t think you need to memorize the BPDU for the CCNA, but I just want to give you an introduction to what is included in the BPDU. The first three fields are the protocol identifier, which is always hexadecimal 0000 for spanning tree.

The protocol version identifier is set to 0 for classic spanning tree, you’ll see a different value here when we look at rapid spanning tree protocol in day 22. Finally, the BPDU type is hexadecimal 00 for what’s called a ‘configuration BPDU’. There are other types of BPDUs, but we don’t need to go that in depth for the CCNA.

Next up are some flags, these are used to signal topology changes to other switches. Again, I don’t think we need to go in depth about these for the CCNA. Next up is the root identifier, which gives the bridge priority, extended system ID, which is the VLAN ID, 10 in this case, and the bridge system ID, which is the MAC Address of the root bridge.

I set the MAC address to all A’s in this case. Next is the root path cost. It’s 0 in this case, so you know that this is the root bridge.

You can also know this is the root bridge by looking at this field. The information in the bridge identifier field is the same as in the root identifier field, meaning this is the root bridge. After that is the port identifier, the interface which sent the BPDU.

It is hexadecimal 8 0 0 2. 8 0 in hexadecimal is equivalent to 128, which if you remember from day 20, is the default port priority. 0 2 is the number of the port itself.

Finally, the timers. Message age is something I haven’t mentioned yet, but it starts at 0 at the root bridge and is increased by 1 each time it is forwarded by another switch. It is subtracted from the max age when a switch receives the BPDU, so for example if the BPDU is passed through 5 switches, when it reaches the 6th bridge it will immediately reduce its max age timer to 15, meaning each time it receives a BPDU its max age will reset to 15 instead of 20, even though the max age timer is 20.

I don’t think that’s an important topic for the CCNA though, its a bit more advanced. After that we have the three timers we talked about, max age, hello, and forward delay. By the way, the spanning tree timers on the root bridge determine the spanning tree timers for the rest of the switches in the network, even if they are configured differently.

Next let’s talk about some optional features of spanning tree, sometimes called the spanning tree toolkit. These are features that can be enabled to improve the functionality of spanning tree protocol in some way. The first one is called portfast.

It solves one problem of spanning tree. Portfast can be enabled on interfaces which are connected to end hosts, like the G0/2 interface on each of these switches. These are designated ports, in a forwarding state.

However, when they are first turned on or first connected to the PCs, they must go through the Listening and Learning states first before they can start forwarding traffic. How long does that take? 15 seconds for Listening and 15 seconds for Learning, so 30 seconds in total.

I want you to open up Packet Tracer and try a little experiment. For this experiment, make sure Show Link Lights is enabled. You can enable it by clicking on options, preferences, and then making sure this box is checked.

I want you to place a switch and a PC like this, get a watch or timer ready, and then connect them. At first you should see that the link light on the switch is orange. This is the same if you connect a real physical PC to a physical switch, the link light will be orange.

Why is this? It’s because the port is not Forwarding yet, it is going through the Listening and Learning states. However, 30 seconds later you should finally see the link light turn green.

The port is finally forwarding. I told you why spanning tree goes through this process before putting a port in the forwarding state, it’s because Layer 2 loops are so dangerous for a network that the switch wants to be absolutely sure no loop will be formed before forwarding out of that interface. However, only interfaces connected to another switch can form a Layer 2 loop.

There is no risk of forming a loop with an end host. So, wouldn’t it be nice if these ports connected to end hosts could start forwarding right away, without having to wait 30 seconds to go from listening to learning to forwarding? Well, that’s what portfast does.

Portfast allows a port to move immediately to the Forwarding state, bypassing Listening and Learning. If used, it must be enabled only on ports connected to end hosts. If enabled on a port connected to another switch it could cause a Layer 2 loop.

The purpose of the listening and learning states is to avoid causing a loop, so bypassing them is risky when connected to another switch. We haven’t looked at any other spanning tree configurations yet because spanning tree operates by default even without configuration. We will look at general spanning tree configuration, but first lets look at portfast.

Portfast is enabled at the interface level with the command SPANNING-TREE PORTFAST. Then we get a warning about what I just told you, you should only enable portfast on ports connected to an end host. There is also a message saying that, even though portfast was configured, it will only take effect if the interface is in a non-trunking mode, so if it is an access port.

That’s because trunk ports are typically connected to other switches. You can still configure portfast on a trunk port, it just won’t take effect. You can also enable portfast with the following command in global config mode: spanning-tree portfast default.

This enables portfast on all access ports, but not trunk ports. So, portfast is a great feature for getting a switchport connected to an end host running quickly without having to wait 30 seconds. However, it can still be a risk.

What if an employee plugs another switch into the network like this? This employee doesn’t necessarily have malicious intent, they could just be unaware of exactly what they are doing. Because portfast is putting these interfaces into a forwarding state, a Layer 2 loop is formed.

Portfast can also cause loops if the network cabling is changed without proper caution, perhaps a host is moved to a different switchport and a switch is connected to its old port. Anyway, the point is that there is a risk to using portfast. However, there is an additional spanning tree optional feature that we can enable to protect against such loops.

It’s called BPDU Guard. If an interface with BPDU Guard enabled receives a BPDU from another switch, the interface will be shut down to prevent a loop from forming. BPDU guard is very simple to configure.

From interface configuration mode, use the command SPANNING-TREE BPDUGUARD ENABLE. That’s it. Similar to portfast, there is also an option to enable it by default.

That’s this command. From global config mode, use the command SPANNING-TREE PORTFAST BPDUGUARD DEFAULT. This enables BPDU Guard on all portfast-enabled interfaces.

Notice that the commands are a little different, to enable it directly on the interface its spanning-tree bpduguard enable, no mention of portfast. However to enable it globally, you have to include portfast in the command, spanning-tree portfast bpduguard default. I took this screenshot in packet tracer, so the CLI color scheme is a little different than the previous one, but I connected a switch to a BPDU-guard enabled interace, and now you can see what happens when a BPDU arrives on a BPDU guard-enabled port.

The port is disabled, it is effectively shut down. What if you want to enable the port again? To enable a port that was disabled by BPDU guard, simply SHUTDOWN, and then NO SHUTDOWN the interface.

You can see that the interface comes up. However, if you didn’t actually solve the problem and it's still connected to a switch, you can see here that the interface will immediately be disabled again when the next BPDU arrives. So, make sure you actually solve the problem before trying to enable the interface again.

In terms of spanning tree optional features, the 200-301 exam topics list only mentions portfast. I also showed you BPDU guard because it is connected to portfast, so I think it is included. There are many other optional features that can be enabled, and there’s no need to know all of them for the CCNA, but let me just quickly introduce two others you should at least know the name and basic purpose of, just incase they are mentioned in the exam.

They are Root Guard and Loop Guard. If you enable root guard on an interface, even if it receives a superior BPDU (with a lower bridge ID) on that interface, the switch will not accept the new switch as the root bridge. The interface will be disabled.

This helps maintain the spanning tree topology if someone plugs another switch into the network either with bad intent, or perhaps without knowing the impact of their action. If you enable loop guard on an interface, even if the interface stops receiving BPDUs, it will not start forwarding. The interface will be disabled.

This prevents loops that can happen if an interface fails only in one direction, causing what is called a ‘unidirectional link’ that can’t receive data, but is still able to forward it, or the opposite. So, those are two other optional spanning tree features. However, as I said, You probably don’t have to know these spanning tree optional features (or others such as UplinkFast, Backbone Fast, etc) for the CCNA.

But make sure you know Portfast and BPDU Guard. If you want to read more about the others just in case, do a Google search. Finally, let’s look at some basic spanning tree configurations, starting with the mode.

You can configure the spanning mode the switch uses with the command SPANNING-TREE MODE, and then you can see there are three options. MST, multiple spanning tree, is not a topic you need to know for the CCNA. PVST is the classic spanning tree but with Cisco’s per-vlan addition, the one we have been learning about so far.

Rapid-PVST is an improved version I will tell you about in the next lecture. Modern Cisco switches run rapid-PVST by default, and usually there is no reason to change it. However, if you want to try out the classic spanning tree for your lab, like I did for these demonstrations, you can enable it with this command, SPANNING-TREE MODE PVST.

You can also manually configure the root bridge by manipulating the bridge priority of a switch. With these MAC addresses and the default priority values, SW1 is the root bridge. However, we could configure SW3 to be the root bridge.

We could also configure something called a ‘secondary’ root bridge, which will be next in line to become the root bridge if the current root bridge fails. Let’s see how to configure that. This is how to configure the root bridge, called the ‘primary’ root bridge.

SPANNING-TREE VLAN, followed by the vlan number, then ROOT PRIMARY. Now you can see that this bridge has become the root. This command sets the STP priority to 24576.

If another switch already has a priority lower than 24576, it sets this switch’s priority to 4096 less than the other switch’s priority. So, it makes this switch have the lowest priority, making it the root bridge. If you then check the running-config, you can see that the command that is actually applied in this case is SPANNING-TREE VLAN 1 PRIORITY 24576.

So, this commands tells the switch to apply the spanning-tree priority command, either with the priority 24576, or 4096 less than the current lowest priority. The command to set the secondary root bridge, the bridge with the second-lowest priority, is basically the same. SPANNING-TREE VLAN, vlan number, ROOT SECONDARY.

Now the priority has been set to 28672. So, this command sets the spanning tree priority for this VLAN to 28672. However, like the root primary command, the actual command that is applied is the spanning-tree priority command.

So, for both of these commands, you could actually use the spanning-tree priority command as you see here to configure the root bridge, the spanning-tree root command is just a simple way to do it without remembering the different increments of 4096. You may remember from the last lecture, that the bridge priority must be set in increments of 4096, so the root command is easier to use. So, this is our topology now.

The interface between SW1 and SW2 is disabled because SW1 is blocking its G0/0 interface. This topology is running Cisco’s PVST+, so actually this is just the topology for VLAN1. Perhaps there is another VLAN, VLAN 2, in this topology, what will the topology look like for it?

It will look like this, the default topology, because the root bridge settings we configured only apply to VLAN 1. In VLAN 2, the connection between SW1 and SW2 WON’T be disabled, instead the connection between SW2 and SW3 will be disabled. This allows for what’s called spanning tree load balancing.

If you have multiple VLANs in your network, blocking the same interface in each VLAN is a waste of interface bandwidth. That connection will be doing nothing, just waiting for another connection to fail so it can start forwarding. However, if you configure a different root bridge for different VLANs, different VLANs will disable different interfaces.

Okay, to check if you understood that explanation, let’s do a quick quiz. This is quiz question 7, because in day 20’s lecture we did spanning tree quizzes 1 to 6. Two VLANs are active in this network, 10 and 20.

By default, SW3 is the root bridge for both VLANs. Configure SW1 as the primary root for VLAN10 and the secondary root for VLAN20. Configure SW2 as the primary root for VLAN20 and the secondary root for VLAN10.

Which two commands should you issue on SW1, and which two commands should you issue on SW2? So, use the commands I just showed you, the spanning-tree root commands, and configure SW1 and SW2. You don’t have access to the CLI so just use an empty text file to write out the commands, two commands on each switch.

Pause the video now to do so. Okay, let’s check. We want to make SW1 the primary root bridge for VLAN10 and the secondary for VLAN20, so essentially it acts like a backup root bridge for VLAN20.

So, these are the commands to issue on SW1. On SW2 we want to do the opposite. It should be the root bridge for VLAN20, and be just the secondary root bridge for VLAN10, so it will have the second lowest priority in VLAN10 and become the root for VLAN10 if SW1 fails.

These are the commands to issue on SW2, basically the opposite of SW1. So, did you get the correct answers? If not, don’t worry.

Please watch the next video which will be a lab video covering the configurations you learn in this video, you can practice with that lab. Or of course feel free to make your own labs in packet tracer to practice. So, with those settings, perhaps the VLAN10 topology looks like this.

And then perhaps the VLAN20 topology looks like this. So, different connections are used in different VLANs, the load is balanced across different interfaces, this is called load balancing. Before moving on to the rest of the quiz questions for today and finishing up, let me quickly show you how to configure some spanning-tree port settings.

There are two main settings you can configure on a spanning tree port. The cost, and the port priority, and as you can see from this command they are both configured on a per-VLAN basis like the bridge priority. As a review, what is cost?

It’s the root cost, remember the chart I showed you in day 20. FastEthernet costs 19, gigabit ethernet costs 4, etc. It’s used primarily to determine the root port, and is also used as a tiebreaker in selecting designated and non-designated ports.

How about the priority, do you remember what it is used for? Well, it is the first half of the port ID, which is the final tiebreaker in determining the root port. Why would you want to change either of these values?

Well, to change the result of the root port or designated port selection process. I won’t give a detailed example here, but we’ll practice it a little bit in the lab video, so make sure to watch that. First I configured the cost of this interface, as you can see the range is from 1 to 200 million.

Then I set the port-priority, which is configured in increments of 32, from 0 to 224. Those are the only spanning tree interface settings you need to know for the CCNA. Again, stay tuned for the lab video to try them out.

So, what did we cover? We covered the different spanning tree states and timers used. We took a brief look at the structure of a spanning tree BPDU, we looked at a few of the spanning-tree optional features, focusing on portfast and BPDU guard.

Finally we did some basic spanning tree configurations, including configuring the root bridge, using different root bridges in different VLANs to achieve load balancing across different interfaces, and then some basic spanning tree interface settings. Okay, for today’s quiz we’ll do 3 more questions about spanning tree, covering what we learned in this video. After that, one special practice question from Boson Software’s ExSim for CCNA, by far the best practice exams for the CCNA there are so be sure to watch for that.

If you want to get a copy of Boson ExSim, please follow the link in the video description. Now let’s go to question 8 of the quiz. So, continuing from quiz question 7 we did earlier, here is number 8.

You connect a PC to a switch, however for about half a minute you are unable to connect to the network. Which two options could fix this issue and allow you to access the network more quickly? Choose two.

Each answer is a complete solution. A, enable portfast on the switch port you connect the PC to. B, reduce the STP hello timer.

C, reduce the STP forward delay timer. Or D, reduce the STP max age timer. Pause the video to think about your answer, remember to choose two.

The answers are A and C. A, portfast, allows switchports to bypass the listening and learning spanning tree states and enter the forwarding state immediately, so there will be no delay after connecting the PC. As for C, the forward delay timer determines how long the listening and learning states are.

If you shorten this timer, the switch will begin forwarding more quickly. However, it is recommended that you leave the timers at their default settings, these default settings were chosen for a reason. Okay let’s go to question 9.

A packet capture indicates that a switch port has an STP port ID of 0x8002. What is the STP port priority of this port? A, 80.

B, 32. C, 128. Or D, 224.

Pause the video to think about your answer. The answer is C, 128. The first half of the port ID, hexadecimal 8 0, is the STP port priority.

Hexadecimal 8 0 is equivalent to 128 in decimal, so C is the correct answer. Let’s go to question 10. You want to make sure that a Layer 2 loop will not be caused if a user connects a switch to a switch port.

Which spanning tree optional feature achieves this? A, portfast. B, loop guard.

C, root guard. Or D, BPDU guard. Pause the video to think about your anwer.

The answer is D, BPDU guard. BPDU guard will shutdown an interface if a BPDU is received on the interface, to prevent any potential loops. It should be enabled on portfast-enabled switch ports connected to end hosts.

Okay, that’s all for the quiz, let’s take a look at a question from Boson ExSim for CCNA. Okay, for today's Boson ExSim practice question we're going to take a look at the same question as in Day 20's video because at the end of Day 20's video I said we hadn't actually learned enough to answer the questions from Boson ExSim about spanning tree. Well, now we can answer at least some of them.

So, let's read the question one more time. You want to decrease the amount of time that it takes for switch ports on SwitchA to begin forwarding. PortFast is not configured on any of the switch ports on SwitchA.

You issue the SPANNING-TREE PORTFAST DEFAULT command from global configuration mode. Which of the ports on SwitchA will use PortFast? Select the best answer.

A, no ports because PortFast cannot be enabled globally. B, all trunk ports. C, all ports.

Or D, all access ports. Okay, you should know the answer to this question. Please pause the video here to think about your answer.

Okay, did you get the answer? So, you should know, we just talked about it, the answer is D, all access ports. Or at least I think it is, let's check.

To check your answer click down here, 'show answer'. There it is. Okay, so not only does it tell you it's correct, but even more importantly it gives you an explanation of why it's correct.

Why D is correct, and why A, B, and C are incorrect. That's one of the great things about Boson ExSim, is these explanations. Personally I think a practice exam that just tells you correct or incorrect, without telling you why it's correct or why it's incorrect, isn't very useful.

So let's read just at least this first part about the explanation. All access ports on SwitchA will use PortFast. PortFast enables faster connectivity for hosts connected to an access layer switch port.

If PortFast is not enabled, a switch port transitions through the STP listening and learning states before it enters the forwarding state. This process can take as long as 30 seconds if the default STP timers are used. In addition, port initialization can take as long as 50 seconds if Port Aggregation Protocol is enabled.

I haven't talked about this yet in the course, that will be coming in Day 23, maybe. We'll see. PortFast transitions the port into the STP forwarding state without going through the STP listening and learning states.

Okay, and there's more explanation down here. Plus references, here to the official cert guide written by Wendell Odom, I highly recommend it. And some Cisco documentation you can read for free online.

Okay, so if you want to get a copy of Boson ExSim, I highly recommend these practice exams, I used them myself for my CCNA and CCNP, please follow the link in the video description. There will be supplementary materials for this video. There will be a review flashcard deck to use with the software ‘Anki’.

Download the deck from the link in the description. There will also be a packet tracer practice lab. Please be sure to watch the practice lab and try it yourself, it will give some more practice with the configurations you learned in this video.

Before finishing today’s video I want to thank my JCNP-level channel members. Thank you to Vikram, Joyce, Marek, Samil, Velvijaykum, C Mohd, Johan, Mark, Aleksa, Miguel, Yousif, Kone, Boson Software, the creators of ExSim, Sidi, Magrathea, Devin, Charlsetta, Lito, Yonatan, Mike, Aleksandr, and Vance. Sorry if I pronounced your name incorrectly, but thank you so much for your support.

One of you is still displaying as Channel failed to load, if this is you please let me know and I’ll see if YouTube can fix it. This is the list of JCNP-level members at the time of recording by the way, May 17th 2020, so if you signed up recently and your name isn’t on here don’t worry, you’ll definitely be in the next video. Thank you for watching.

Please subscribe to the channel, like the video, leave a comment, and share the video with anyone else studying for the CCNA. If you want to leave a tip, check the links in the description. I'm also a Brave verified publisher and accept BAT, or Basic Attention Token, tips via the Brave browser.

That's all for now.