STP - port roles

In an STP environment, when using the IEEE 802.1D standard version of the protocol, each port in a switch has a specific role in the network topology. These roles are decided based on the Bridge Protocol Data Units (BPDUs) that are exchanged between switches. Here's a summary of these roles:

  1. Root Port: This is the port on a non-root bridge with the least path cost to the root bridge. There is only one root port on every switch (excluding the root switch itself), which provides the shortest path from that switch to the root bridge. It's always in the forwarding state if STP is converged.
  2. Designated Port: A designated port is one that has the least cost path to the root bridge from its connected network (collision domain). In other words, if two switches are connected together, the switch with the lower path cost to the root bridge will have its port (connecting the two switches) as the designated port. Designated ports are always in the forwarding state if STP is converged.
  3. Non-Designated (Blocked) Port: A non-designated port, also known as a blocked port, is one that is not a root or designated port. These ports are in a blocking state to prevent loops and do not participate in frame forwarding. They only listen to and process BPDUs.
  4. Disabled Port: This port doesn’t participate in STP and doesn't forward frames, because it's been administratively shut down.

The goal of STP is to create a loop-free Layer 2 topology. To achieve this, it elects one root bridge (the switch with the lowest bridge ID), and determines the best path to the root bridge from all other switches, blocking all other redundant paths.

For more information on port roles and BPDUs, take a look at STP - BPDU generation and port roles.

For RSTP, the port roles are slightly different.

Port roles should not be confused with port states.