12-07-2010 09:21 AM - edited 03-06-2019 02:23 PM
Forum
I am having difficulty understanding the difference between the root port and a designated port. Please read the following definitions from Todd Lammle's CCNA study guide...
Root port - The root port is always the link connected to the root bridge, or the shortest path to the root bridge. If more than one link connects to the root bridge, then a port cost is determined by checking the bandwidth of each link. The lowest cost port becomes the root port. if multiple links have the same cost, the bridge withe the lower advertising Bridge ID is used. Since multiple links can be from the same device, the lowest port number will be used.
Designated Port - a designated port is one that has been determined as having the best (lowest)cost. A designated port will be a forwarding port.
I am having some difficulty understanding this, and wanted the perspective of someone who may be able to expain the difference between the two port types. To me it sounds like the Root Port and the Designated Port are the same...
Why are they not the same, and what are the differences between each?
Thanks
Kevin
Solved! Go to Solution.
12-07-2010 09:39 AM
Kevin
Have a look at the attached schematic.

sw1 is the root bridge.
The root port (RP) is the port that leads to the root bridge so the root bridge does not have any root ports. All the ports on a root bridge forward and they are all designated ports (DP).
As you can see there is loop in this the above network so one of the links must be blocked (BLK).
When the switches boot up they exchange BPDUs and the first thing they do is elect a root bridge. SW1 is elected in this case.
Next each switch has to work out the least cost path to the root bridge. I haven't included costs for each link in this diagram but from the above
SW3 sees it's direction connection to SW1 as the least cost so it's port on that link becomes the RP.
SW2 sees it's direction connection to SW1 as the least cost so it's port on that link becomes the RP.
Once the switches have agreed on the root bridge and their RPs they now need to find their designated ports. The designated ports are the ports responsible for forwarding traffic onto a network segment. Think of it like this -
RPs lead toward the root bridge
DPs lead away from the root bridge
because the root bridge has no blocking ports all it's ports are DP's.
So the only other segment not accounted for in the above diagram is SW2 -> SW3. One of the ports that connect that segment must forward traffic onto that segment otherwise that segment would never receive any traffic. But they can't both forward as then there would be a loop ie. a packet sent from SW1 would go to SW3 -> SW2 and back to SW1 etc.
So SW2 and SW3 compare costs on that segment in the BPDUs sent between each other and one of them has a better cost, in this case SW3. It puts it's port into forwarding and this becomes a DP. To break the loop SW2 must now put it's port into blocking mode.
Hope that's helped. All of the above is done on costs but i didn't include them so as not to confuse the basic concepts.
Jon
12-07-2010 11:09 AM
Access ports are probably going to be in the forwarding state, and in reality you should probably have the spanning-tree portfast command on those ports so that they do not cycle through the stages of STP, better for them to go straight to forwarding. The designated port should never be an access port. It is a port that is basically a downlink to another switch.
If you are looking at the switch that is acting as the root bridge for the VLAN then it will show all the ports as designated ports because they are the downlinks to the rest of the network. If you are in a switch further down the spanning tree it will have a port called the root port, which is the pathway to the root bridge. So if you have a port in the root port state, it is understood that it is connected to a port that is in a designated port state. This is the case because the root port is the uplink towards the root, and the designated port is the downlink to a lower portion of the spanning tree. Hope that clears things up.
12-07-2010 09:34 AM
Think of it like this:
A bridge device has two (or more) ports.
The one that is connected on the side where the STP root resides is called 'root port'.
A port not facing the root but forwarding traffic (while lowest cost) from another segment is called 'designated port'.
Another difference is a designated port is transmitting bpdu's on the segment while a root port only listens to bpdu's from the root.
regards,
Leo
12-07-2010 10:06 AM
Leo
Thanks for the response.
Kevin
12-07-2010 11:31 AM
Leo
You've changed colour - congrats on new star
Jon
12-07-2010 09:39 AM
Kevin
Have a look at the attached schematic.

sw1 is the root bridge.
The root port (RP) is the port that leads to the root bridge so the root bridge does not have any root ports. All the ports on a root bridge forward and they are all designated ports (DP).
As you can see there is loop in this the above network so one of the links must be blocked (BLK).
When the switches boot up they exchange BPDUs and the first thing they do is elect a root bridge. SW1 is elected in this case.
Next each switch has to work out the least cost path to the root bridge. I haven't included costs for each link in this diagram but from the above
SW3 sees it's direction connection to SW1 as the least cost so it's port on that link becomes the RP.
SW2 sees it's direction connection to SW1 as the least cost so it's port on that link becomes the RP.
Once the switches have agreed on the root bridge and their RPs they now need to find their designated ports. The designated ports are the ports responsible for forwarding traffic onto a network segment. Think of it like this -
RPs lead toward the root bridge
DPs lead away from the root bridge
because the root bridge has no blocking ports all it's ports are DP's.
So the only other segment not accounted for in the above diagram is SW2 -> SW3. One of the ports that connect that segment must forward traffic onto that segment otherwise that segment would never receive any traffic. But they can't both forward as then there would be a loop ie. a packet sent from SW1 would go to SW3 -> SW2 and back to SW1 etc.
So SW2 and SW3 compare costs on that segment in the BPDUs sent between each other and one of them has a better cost, in this case SW3. It puts it's port into forwarding and this becomes a DP. To break the loop SW2 must now put it's port into blocking mode.
Hope that's helped. All of the above is done on costs but i didn't include them so as not to confuse the basic concepts.
Jon
12-18-2010 07:55 PM
Hello Forum,
I have an inquiry regarding port roles on this topology, mainly designated routers...I know Switch C is the root, therefore SWC fa0/1 & fa0/2 are designated, SWA fa0/1, SWD gi0/2 and SWB path SWD-SWC are root leaving SWA-SWB link dead, but I am not sure what port gets to be designated, I would say SWA's port (fa0/2) cause its cost is lower than SWB but dont know. Can you please give me a hand?

Regards
JOSE
12-18-2010 09:15 PM
12-19-2010 05:49 AM
Lamav,
I appreciate the video it was really good indeed, I guess my question even though the path of SWB to the root is better when it comes to electing the designated port and blocking port the lower BID is selected as designated; I thought that the costs were used to elect the designated port as well, does that make sense?
Thanks,
Jose
02-04-2016 11:32 PM
hello lamav...your video is amazing man...could you tell me the source of the video...bcoz 
anyway thank you for this video...keep up the 
01-23-2018 07:13 PM
very nice video and informative..now i am clear abt designated port..thanks lamav..hope you will share in future such gud stuff for increasing others knowledge.
02-08-2021 09:53 AM
Do you have a link to the STP Part 2 video?
06-20-2015 08:06 AM
Hi,
We must assume the cost of the port. Say Fa cost = 100, Gi cost = 4
We assume that the ID is by default for each switch, so the ranking is based on the MAC address. The ranking is therefore from the eldest (the older the better is) : SWC(1), SWA(2), SWD(3), SWB(4). So SWC is the root.
Root port determination: to calculate the cost from a SW to the root SW we sum all the outpout cost on the path.
If we do the maths it comes out : SWA Fa01 is RP (cost 104 to reach root), SWB Gi0/1 is RP (cost 8 to root), SWD Gi0/2 is RP.
For the DP ; we look at each segment, the port which has the lowest cost to reach the root will be the DP.
Segment swA-swB , A tells I've cost 100 to reach root C, B tells I've 8(4 for SWB Gi0/1 + 4 for SWD Gi0/2) to reach root C , thus SWB Gi0/2 is DP
Segment SWB-SWD : the same rationale gives SWD Gi0/1 as DP.
And as a result, interface SWA FA0/2 is in blocking state (it is neither RP nor DP). And while SWB Gi0/2 being a DP is used to forward broadcast frame, the frame is stopped by SWA on Fa0/2 interface, preventing a frame storm. Only BPDU from SWB to SWA is accepted by SWA.
12-07-2010 10:05 AM
Jon
Is it correct then to assume that Access ports cannot be Designated Ports?...
Thanks for your detailed response as it helps me undertand this better.
Kevin
12-07-2010 11:09 AM
Access ports are probably going to be in the forwarding state, and in reality you should probably have the spanning-tree portfast command on those ports so that they do not cycle through the stages of STP, better for them to go straight to forwarding. The designated port should never be an access port. It is a port that is basically a downlink to another switch.
If you are looking at the switch that is acting as the root bridge for the VLAN then it will show all the ports as designated ports because they are the downlinks to the rest of the network. If you are in a switch further down the spanning tree it will have a port called the root port, which is the pathway to the root bridge. So if you have a port in the root port state, it is understood that it is connected to a port that is in a designated port state. This is the case because the root port is the uplink towards the root, and the designated port is the downlink to a lower portion of the spanning tree. Hope that clears things up.
12-15-2014 04:35 AM
Quoted from Robert's answer: "The designated port should never be an access port."
Turning this concept around, and asking the question "Are all access ports designated ports?" I have been pondering this idea (during some deep STP study) and I think that all "access ports" (i.e. ports connected only to a host device) in an up/up state are designated ports, since they are not root ports and are in the forwarding state.
We tend to think of designated ports having to be on an inter-switch link, but links to hosts are LAN segments as well, and hence part of the spanning tree; it's just that they have only one port as a switch port. When a port determines whether or not it is a designated port, it forwards (or originates if the root bridge) a BPDU and waits to see if it receives a superior BPDU; if it does, then it 'knows':
If it receives no BPDUs, as is the case when attached to a host, it assumes, correctly, that it is the lowest cost path to the root bridge ON THAT SEGMENT, is therefore the designated port for that segment, and goes into forwarding state.
This is why BPDUGuard is a useful "access port" feature, because you would never expect a BPDU from a host device and if you received one, then someone has probably plugged in a rogue switch with the potential to completely mess with your STP topology.
 
					
				
				
			
		
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide