multiple trunks

Unanswered Question
Oct 3rd, 2008
User Badges:
  • Bronze, 100 points or more

Dear Friends,


I have two switches (4500x2) from where a Server is connected.


SERVER : is virtually a switch which has 16 ports.Which acts as a switch as well(can read BPDU and trunk information).


I want to connect 16 cables ( Fastethernet) to that server and all those port should be trunks.


When im doing this ports are going to blocking mode due to STP.


Is there any way?

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 4 (1 ratings)
Loading.
Giuseppe Larosa Fri, 10/03/2008 - 04:07
User Badges:
  • Super Silver, 17500 points or more
  • Hall of Fame,

    Founding Member

Hello Rajeev,

STP blocks the individual links.


I would suggest you to configure two etherchannel 8 FE each.


first 8FE bundle goes to 4500_1

second 8FE bundle goes to 4500_2


have 4500_1 to be the root bridge for half vlans and the 4500_2 for the other vlans


So you should get some load balancing if multiple vlans are used or at least 8 ports are used for traffic.


Verify if you can use LACP to negotiate the bundles with the server front end.


Hope to help

Giuseppe



rajivrajan1 Fri, 10/03/2008 - 05:01
User Badges:
  • Bronze, 100 points or more

hi Giuseppe ,


Thanks for the reply.


All these ports have to have all vlan information & should be in forwarding mode as well.



Giuseppe Larosa Fri, 10/03/2008 - 05:44
User Badges:
  • Super Silver, 17500 points or more
  • Hall of Fame,

    Founding Member

Hello Rajeev,


>> All these ports have to have all vlan information & should be in forwarding mode as well


you cannot get this as far as I know for how STP work

and you need also to connect to both 4500 switches so I think what I suggested is a viable and reasonable option for your scenario.


all vlan information will travel on both etherchannel groups but the forwarding state will not be reached for the same vlan on both bundles at the same time.


If you had two C6509 chassis with VSS you could probably get what you want but no with two separate distibution switches


Hope to help

Giuseppe


m.surtees Fri, 10/03/2008 - 21:14
User Badges:

Hi,


Don't mean to hijack your post rajivrajan1, but I have a similar problem right now. What I'm trying to achieve is etherchannel trunking. Instead of 2x 4500's I have one 6500 with 2 ethernet blades (WS-X6748-GE-TX). My server is a blade chassis (HP BladeSystem c7000). 2 x 8-port bays (switch module)


We don't seem to be able to get the trunking working although I'm pretty sure that the 'not-working' part is the config of HP blade chassis. But to be sure in my head I've included my 6500 config for the etherchannel trunking. Would this successfully be passing both vlan 53 and 301 to the HP chassis switch modules? Do you want any other output?

SW01#sh etherchannel summ

<..>

31 Po31(SU) LACP Gi2/13(P) Gi2/14(P)

33 Po33(SU) LACP Gi2/17(P) Gi2/18(P) Gi2/19(P) Gi2/20(P)


41 Po41(SU) LACP Gi3/13(P) Gi3/14(P)

43 Po43(SU) LACP Gi3/17(P) Gi3/18(P) Gi3/19(P) Gi3/20(P)

<..>


Example of Po config

====================

interface Port-channel43

description TRUNK -> net_43

switchport

switchport trunk encapsulation dot1q

switchport trunk allowed vlan 53,301

switchport mode trunk

switchport nonegotiate

no ip address

spanning-tree portfast trunk

end


All members are configured same way e.g.:

========================================

interface GigabitEthernet3/17

description po43 -> VC bay 2/port 5

switchport

switchport trunk encapsulation dot1q

switchport trunk allowed vlan 53,301

switchport mode trunk

switchport nonegotiate

no ip address

spanning-tree portfast trunk

channel-protocol lacp

channel-group 43 mode active

end


Many thanks,

Mike


Giuseppe Larosa Sat, 10/04/2008 - 00:09
User Badges:
  • Super Silver, 17500 points or more
  • Hall of Fame,

    Founding Member

Hello Mike,


for having both etherchannel groups in forwarding state the HP device must use a different STP bridge-id on the two bays : it should think of itself as made of two distinct switches : there is no other solution if the same bridge-id is presented on both bundles only one will be in forwarding state.

Or the HP blade doesn't run STP at all and in that case you can get both bundles in forwarding state.


Hope to help

Giuseppe


m.surtees Sat, 10/04/2008 - 17:35
User Badges:

Hi Giuseppe, thanks for your reply.


From the doco: "VC [Virtual Connect] uplink ports do not transmit or receive STP BDDUs and cannot interfere with the external switched infrastructure's implementation of STP any more than a multihomed server can"


So that means I don't have to worry about that. I was just wondering if I was correct to configure the member interface and the Po both as trunks or if I should only be doing that on the Po.


Also how can I test to ensure vlan 53 - a vlan set up just to test this trunking - is being passed along with vlan 301 to the VC. I don't have easy access to the data centre the switch and blade-chassis are in.


Thx,

Mike

Giuseppe Larosa Sun, 10/05/2008 - 11:29
User Badges:
  • Super Silver, 17500 points or more
  • Hall of Fame,

    Founding Member

Hello Mike,


>> VC [Virtual Connect] uplink ports do not transmit or receive STP BDDUs and cannot interfere with the external switched infrastructure's implementation of STP any more than a multihomed server can"


Ok this means that both the etherchannel bundles will be in forwarding state for every Vlan permitted on the trunk


>> I was just wondering if I was correct to configure the member interface and the Po both as trunks or if I should only be doing that on the Po.


We had real nightmares two times when some collegue modified the configuration of a physical member link on etherchannel between two C6509 with Native IOS.


Configure an modify the list of permitted Vlans on the logical port-channel interface : its configuration will be replicated on member links in a timely manner.

If you change config by hand on physical links you could not have enough time to finish it that a bridging loop form.


>> Also how can I test to ensure vlan 53 - a vlan set up just to test this trunking - is being passed along with vlan 301 to the VC


you can verify with:

sh int po switchport


or if not supported look at one member link:


sh int gx/y switchport


look for the list of vlans permitted and in forwarding state


Hope to help

Giuseppe




m.surtees Sun, 10/05/2008 - 16:28
User Badges:

Giuseppe, once again thank you.


The original customer's design specs look like they can be improved. More reading tells me the blade chassis cannot handle port channels spanning across different VC ethernet modules. Therefore I'm going to etherchannel 8 Cisco ports (4 from each of the 2 6500 blades) and have those go to a single VC. And the same setup again to the other VC module.


Taking your advice I'm going to remove the "allowed vlans" line from the member port config and only have it on the Po config.


Does this mean all other trunking config should also be removed from the member port? I.e.


interface GigabitEthernet3/17

description BLAH

switchport

!REMOVE switchport trunk encapsulation dot1q

!REMOVE switchport trunk allowed vlan 53,301

!REMOVE switchport mode trunk

!REMOVE switchport nonegotiate

no ip address

!REMOVE spanning-tree portfast trunk

!REMOVE channel-protocol lacp

channel-group 43 mode active

end


Sorry I'm asking you to spell it out but I have not done too much switching and have never come across a bridging loop - so can't easily troubleshoot one - and don't want to come across one now in a production environment.


Many thx,

Mike

Giuseppe Larosa Mon, 10/06/2008 - 03:41
User Badges:
  • Super Silver, 17500 points or more
  • Hall of Fame,

    Founding Member

Hello Mike,

do not remove anything.


configuration on member links is replicated and populated from the port-channel.


the suggestion is to make any config and change on the port-channel after the bundle is operational


Before creating the bundle you need to configure all member links to trunk, to use the same encapsulation, and to have the same list of allowed vlans

member links need to share the same basic config before adding the channel-group commands.


After the bundle is up, any change should be done on the logical port-channel that is the meaning of my advice based on our experience: someone tried to add a vlan to a working bundle on a member link and this caused a bridging loop.


In our case the symptoms were very clear we lost communication with the whole campus network and all cables on core switches had to be unplugged to break the loop.


Hope to help

Giuseppe





m.surtees Mon, 10/06/2008 - 15:33
User Badges:

Thanks Giuseppe,


That explains it nicely and makes me confident in my part of the change.


As it turned out the firmware on the VC eth modules in the chassis needs to be updated. Even though the doco said it would accept trunks the tick box (I know, it has an awful admin GUI) for passing those trunks on to the midplane and an ESX blade was not there.


I hope this offered some help to the original poster rajivrajan1. Sorry if I went too far off topic for you.


Thanks again,

Mike

Actions

This Discussion