The Lazy Networker

Scenario: Network Loop and High CPU Usage

Company ABC has a redundant Layer 2 network using Rapid Spanning Tree Protocol (RSTP). Users report network slowdowns, high latency, and intermittent connectivity. The network administrator notices that CPU usage on the core switch is spiking to 90%.

Symptoms Observed:

✅ High CPU usage on switches.
✅ Excessive broadcast traffic flooding the network.
✅ Some switches show MAC address table instability.
✅ Some ports frequently transition between forwarding and blocking.

---

Step 1: Verify STP Status

🔍 First, check the spanning-tree topology:

Switch# show spanning-tree

🚨 Key Issues to Look For:

• Multiple Root Bridges (should be only one).
• Ports frequently changing state.
• Unexpected Root Port (RP) or Designated Port (DP) assignments.

---

Step 2: Check the Root Bridge

✅ Find the Root Bridge by running:

Switch# show spanning-tree root

🔍 Expected Output: The same switch should be the Root Bridge across all switches.
🚨 Issue? If multiple Root Bridges exist, STP isn’t working properly.

✅ Fix: Set priority manually on the intended Root Bridge:

Switch(config)# spanning-tree vlan 1 priority 4096

(Default priority is 32768; lower value wins.)

---

Step 3: Check Port Roles & Path Cost

🔍 Verify if incorrect ports are blocking or forwarding:

Switch# show spanning-tree interface GigabitEthernet0/1

🚨 Issue? If a port has unexpectedly high path cost, traffic may be taking the wrong path.

✅ Fix: Manually adjust the STP cost to prefer the desired path:

Switch(config-if)# spanning-tree cost 2

---

Step 4: Look for Erroneous Trunking & VLAN Mismatches

🔍 Check trunk configuration:

Switch# show interfaces trunk

🚨 Issue? If Native VLAN mismatches exist on trunk links, STP can behave unexpectedly.

✅ Fix: Ensure both ends of the trunk have the same Native VLAN:

Switch(config-if)# switchport trunk native vlan 10

---

Step 5: Identify Redundant Links & Loops

🔍 Look for physical loops by checking MAC address flapping:

Switch# show mac address-table dynamic | include (flapping|changing)

🚨 Issue? MAC addresses rapidly appearing on different interfaces indicate a loop.

✅ Fix: Shut down suspected interfaces and check if the issue resolves:

Switch(config-if)# shutdown

If confirmed, check BPDU Guard, Root Guard, and Loop Guard settings.

---

Step 6: Enable STP Protection Features

✅ Enable BPDU Guard to prevent unauthorized switches from participating:

Switch(config-if)# spanning-tree bpduguard enable

✅ Enable Root Guard to prevent unintended Root Bridges:

Switch(config-if)# spanning-tree guard root

✅ Enable Loop Guard to protect against unidirectional link failures:

Switch(config-if)# spanning-tree guard loop

---

Step 7: Monitor & Confirm Fixes

After making changes, verify STP stability:

Switch# show spanning-tree summary

✅ Ensure:
✔ Only one Root Bridge exists.
✔ Ports remain stable (not continuously changing states).
✔ No unexpected blocked ports or loops.

---

🎯 Conclusion: How We Fixed the Issue

✅ We verified and corrected the Root Bridge.
✅ We fixed VLAN mismatches on trunk links.
✅ We identified and shut down a looping redundant link.
✅ We enabled STP protection features to prevent future issues.

🚀 Result: Network performance improved, CPU usage dropped, and users experienced normal connectivity again!