Cloud switch architectures may support tens of thousands of external ports coupled to external devices, enabling the formation of massive layer-2 networks. In a typical cloud switch, a fabric interconnect, operating under the control of route processors, is used to couple leaf switches together to form virtual switches. Each virtual switch formed is typically referred to as a cloud switch domain. The interconnect fabric of a cloud switch will typically provide loop-free connections among the leaf switches of the various cloud switch domains. Accordingly, there is generally no need to execute a spanning tree protocol (STP) to break loops internal to a cloud switch. However, this may not be the case for external connections formed between the cloud switch and external devices, for example, legacy bridges. It may be desirable to run a STP to break external loops that may potentially arise from the external connections. Further, it may be desirable to run a STP in such a way that the cloud switch's utilization can be maximized, by promoting traffic to be directed through cloud switch domains rather than through external devices. Likewise, it may be desirable to run a STP in such a way that the impact of topology changes within the network can be limited. While a straightforward approach of executing a STP without changes has been proposed to manage a cloud switch's interaction with external devices, such an approach has a number of shortcomings, including limited scalability, slow convergence, and a propensity to undesirably block certain logical ports internal to the cloud switch. Accordingly there is a need for improved techniques.