How to Troubleshoot a Cisco STP Blocking Port Spanning Tree Protocol (STP) prevents Layer 2 loops by placing redundant ports into a blocking state. This is normal behavior in a switched network with redundant paths, but it can look like a fault when traffic does not pass through an interface you expect to be forwarding. Effective troubleshooting means verifying whether the port is correctly blocked by design or whether the topology, bridge priority, or port cost is producing an unexpected result. Step 1: Check STP Status for the VLAN Start by checking spanning-tree state for the affected VLAN: show spanning-tree vlan 10 Look for the interface state and role. Example output may show: Interface Role Sts Cost Prio.Nbr Type Gi0/2 Altn BLK 4 128.2 P2p In this example, Gi0/2 is an alternate port in a blocking state. That usually means STP has identified another better path toward the root bridge. Step 2: Identify the Root Bridge Many unexpected blocking-port cases are caused by the wrong switch becoming root bridge. show spanning-tree root This command shows which switch is acting as root for each VLAN. If the wrong switch is root, traffic paths may not match your intended design. To influence root bridge selection: configure terminal spanning-tree vlan 10 priority 4096 A lower priority makes the switch more likely to become root bridge. Step 3: Verify Interface Role and Cost STP chooses forwarding and blocking ports based on path cost and bridge information. Verify the interface details: show spanning-tree interface gigabitEthernet0/2 detail This helps confirm why the port was selected as alternate or blocking. If cost values are not what you expect, you can tune them manually: configure terminal interface gigabitEthernet0/2 spanning-tree vlan 10 cost 10 Changing cost should be done carefully and only when you fully understand the topology. Step 4: Verify Port Priority When STP sees equal paths, port priority can determine which interface forwards and which blocks. show spanning-tree interface gigabitEthernet0/2 detail To change port priority: configure terminal interface gigabitEthernet0/2 spanning-tree vlan 10 port-priority 64 Lower port priority values are preferred. Step 5: Check for Topology Changes Frequent STP recalculations can cause unstable forwarding behavior. show spanning-tree detail Look for topology change counters and timestamps. A rapidly increasing number may indicate flapping links, loops, or unstable edge ports. Step 6: Verify PortFast and BPDU Guard on Access Ports User-facing access ports should normally use PortFast so they do not transition slowly through STP states. They should also use BPDU Guard to prevent accidental loops. show running-config interface fastEthernet0/10 Recommended access-port example: interface FastEthernet0/10 switchport mode access switchport access vlan 10 spanning-tree portfast spanning-tree bpduguard enable Do not enable PortFast on true switch-to-switch trunk links unless you specifically intend to use spanning-tree portfast trunk in a controlled design. Step 7: Confirm the Blocked Port Is Actually Expected In a redundant Layer 2 design, at least one path often must block to prevent loops. A blocked port is not automatically a problem. The real question is whether the correct port is blocked. Compare: The root bridge location Port roles on each switch Link speeds and path costs Your intended Layer 2 topology Useful Verification Commands show spanning-tree vlan 10 show spanning-tree root show spanning-tree interface gigabitEthernet0/2 detail show spanning-tree detail show running-config interface gigabitEthernet0/2 Final Thoughts A Cisco STP blocking port is often a sign that the protocol is doing exactly what it was designed to do. Troubleshooting becomes much easier when you verify the root bridge, inspect interface roles, and compare the live topology against your intended design. Most STP confusion comes from unexpected root bridge elections, incorrect path cost assumptions, or treating a normal alternate blocking port as a failure. A few targeted IOS commands usually reveal the answer quickly.