07-18-2013 03:28 PM - edited 03-07-2019 02:29 PM
I am trying to configure a Catalyst 2950 with 4 VLANS to forward VLAN Traffic from all 4 VLANS across a port-channel containing two ethernet ports, Can someone show me the down and dirty I have a config on, But I wan to verify
07-18-2013 09:26 PM
Scott,
Easy and simple answer.
1- Creat Port-Channel and configure the vlans which you want it to be allowed on this.
2- Assisgn the Port-Channel group number to the access port.(make sure the port is up else the PO will not form).
Example:
I have two switches connected:
3560---------3560 { four ports}
Switch 1
Switch# sh ip int br
Interface IP-Address OK? Method Status Protocol
FastEthernet0/1 unassigned YES unset up up
FastEthernet0/2 unassigned YES unset up up
FastEthernet0/3 unassigned YES unset up up
FastEthernet0/4 unassigned YES unset up up
interface FastEthernet0/1
channel-group 1 mode on
switchport mode trunk
!
interface FastEthernet0/2
channel-group 1 mode on
switchport mode trunk
!
interface FastEthernet0/3
channel-group 1 mode on
switchport mode trunk
!
interface FastEthernet0/4
channel-group 1 mode on
switchport mode trunk
interface Port-channel 1
switchport trunk encapsulation dot1q
switchport mode trunk
+++++ Same configuration apply on the other end.+++++++++
Switch#show int tr
Port Mode Encapsulation Status Native vlan
Fa0/1 on 802.1q trunking 1
Fa0/2 on 802.1q trunking 1
Fa0/3 on 802.1q trunking 1
Fa0/4 on 802.1q trunking 1
Po1 on 802.1q trunking 1
Port Vlans allowed on trunk
Fa0/1 1-1005
Fa0/2 1-1005
Fa0/3 1-1005
Fa0/4 1-1005
Po1 1-1005
Port Vlans allowed and active in management domain
Fa0/1 1
Fa0/2 1
Fa0/3 1
Fa0/4 1
Po1 1
Port Vlans in spanning tree forwarding state and not pruned
Fa0/1 1
Fa0/2 1
Fa0/3 1
Fa0/4 1
Po1 1
Switch#
All vlans will be seen if you are in the sanme vtp domain.
See my Switch 2 were it took allthe vlans from Switch2
Switch2#
%SYS-5-CONFIG_I: Configured from console by console
sh vlan
VLAN Name Status Ports
---- -------------------------------- --------- -------------------------------
1 default active Fa0/5, Fa0/6, Fa0/7, Fa0/8
Fa0/9, Fa0/10, Fa0/11, Fa0/12
Fa0/13, Fa0/14, Fa0/15, Fa0/16
Fa0/17, Fa0/18, Fa0/19, Fa0/20
Fa0/21, Fa0/22, Fa0/23, Fa0/24
Gig0/1, Gig0/2
2 VLAN0002 active
10 VLAN0010 active
20 VLAN0020 active
30 VLAN0030 active
40 VLAN0040 active
HTH
Regards
Inayath
*Plz rate all usefull posts.
07-19-2013 12:58 AM
Hello,
Inayath is completely correct, I would just like to suggest a minor change in Inayath's approach: instead of using the on mode with EtherChannels, always use LACP or PAgP to negotiate the EtherChannel creation. I have seen the on mode to cause switching loops quite a few times, so I strongly discourage using the on mode unless absolutely unavoidable.
So the configuration would be the same, just instead of channel-group 1 mode on, you would use channel-group 1 mode active for LACP, or channel-group 1 mode desirable for PAgP, and have the other switch configured in the same way. LACP is widely supported among different vendors, so running LACP should be really straightforward.
Best regards,
Peter
07-19-2013 08:26 AM
Guys thank you so much for your help, I am currently attempting to configure this, Since they are 2950's and I am connecting them to Force Ten S25's i will probaly combine the answers. Also, Funny thing is when i put my Port-channel in Trunk Mode, i do not get any options for encapsulation on "Native" "Allowed" and "Pruning" I am at a loss. Any Ideas?
07-19-2013 08:58 AM
Hi Scott,
Perhaps the EtherChannel must be established (i.e. properly negotiated with the other device) before the switch actually allows you to use the switchport trunk commands on the Port-channel. I have noticed that some switch platforms actually wait until the EtherChannel is established before they copy the commands from physical interfaces to the newly created Port-channel interface.
Would you mind posting the show etherchannel summary command output please?
Best regards,
Peter
07-19-2013 09:07 AM
Hey Peter
Yes it show
BTSERVERSW001(config)#do show etherchannel summary
Flags: D - down P - in port-channel I - stand-alone s - suspended H - Hot-standby (LACP only) R - Layer3 S - Layer2 u - unsuitable for bundling U - in use f - failed to allocate aggregator d - default
port Number of channel-groups in use: 1 Number of aggregators: 1 Group Port-channel Protocol Ports ------+--------1 Po1(SU) LACP Fa0/47(Pd) Fa0/48(I)
07-19-2013 09:13 AM
Hi Scott,
Thank you. The output got scrambled, unfortunately
Anyway, it tells us that the Fa0/47 is currently working and bundled in the Port-channel, however, the Fa0/48 is currently considered to be an individual port. That is a cause for concern. The most probable cause is that the opposite device does not negotiate LACP on the Fa0/48 port, or has not its own port facing your Fa0/48 bundled into an EtherChannel.
Nevertheless, this EtherChannel is currently working even with a single physical port. Can you please post the output of the following two commands?
show run int po1
show run int fa0/47
Also please can you go to the po1 interface and actually start writing the switchport trunk ? and post the result of this help? I am eager to see if there is no allowed vlan or native vlan available currently.
Best regards,
Peter
07-19-2013 09:41 AM
Current configuration :
54 bytes !
interface Port-channel1
switchport mode trunk
end
BTSERVERSW001#sh run int fa 0/47
Building configuration... Current configuration : 110 bytes !
interface FastEthernet0/47
switchport mode trunk
channel-group 1 mode active
spanning-tree portfast
end
BTSERVERSW001#config
Configuring from terminal, memory, or network [terminal]? t
Enter configuration commands, one per line. End with CNTL/Z.
BTSERVERSW001(config)#int fa 0/47
BTSERVERSW001(config-if)#switchport trunk ?
allowed Set allowed VLAN characteristics when interface is in trunking mode
native Set trunking native characteristics when interface is in trunking mode
pruning Set pruning VLAN characteristics when interface is in trunking mode
07-19-2013 09:54 AM
Scott,
Thank you. Please remove the spanning-tree portfast from your Fa0/47 (and Fa0/48 if also present) port. This command must never be used between switches, and if the opposite device is not working as a switch, then this command must be present on the Port-channel1 interface itself in the switchport portfast trunk form.
You have tried the switchport trunk ? command on the Fa0/47 interface. Can you test it on the Port-channel1 interface? You originally said that these commands do not appear to be available there.
Any luck with bringing the Fa0/48 into the EtherChannel?
Best regards,
Peter
07-19-2013 10:11 AM
Hi Peter
The "switchport trunk" command is limited on any interface it seems
BTSERVERSW001(config)#int Port-channel 1
BTSERVERSW001(config-if)#switchport trunk ?
allowed Set allowed VLAN characteristics when interface is in trunking mode
native Set trunking native characteristics when interface is in trunking mode
pruning Set pruning VLAN characteristics when interface is in trunking mode
Also No, I cannot figure out qwhy port 48 says standalone, it is pluggrd into a separate switch but it is the sam econfig as the one 47 is plugged into
07-19-2013 10:22 AM
Scott,
The "switchport trunk" command is limited on any interface it seems
Why do you think so? You have just confirmed it is fully supported, be it allowed vlan, native vlan or pruning vlan even on the Port-channel - that's exactly what your posted transcript says. Why do you believe it is limited?
No, I cannot figure out qwhy port 48 says standalone, it is pluggrd into a separate switch
You have just answered yourself. All links within a single EtherChannel must be connected to the same neighbor. It is not allowed to have ports in a single EtherChannel leading to different neighboring devices. If you want to have EtherChannels to different devices, you must bundle all links leading to the same physical neighbor into a separate EtherChannel, having as many distinct EtherChannels as many neighbors you have.
Best regards,
Peter
07-19-2013 11:13 AM
OMG
I do know that!! I don't know why I did that. Let me re arrange my port channels..And I will let you Know THANKS SO MUCH Peter
07-19-2013 11:40 AM
Hi Peter
SO my setup is I have 2 2950's with 2 port-channels
FA0/47 in Port Channel 1
FA0/48 in Port Channel 2
Fa0/47 goes to a Force 10 that is paired with another running VRRP witrh 4 VLANs with Virtual IP's
FA0/48 goes to the second one in the pair of Force 10 S25s switches
The port FA 0/47 goes to a port that is configured on it as Port-channel 1
FA 0/48 ngoes to a port on the other one configured into port channel 2
No if I try to ping the virtyual IP address on the fortce 10 I get "Unrecognized host or address, or protocol not running" can you help with that?
07-20-2013 02:14 AM
Hello Scott,
SO my setup is I have 2 2950's with 2 port-channels
FA0/47 in Port Channel 1
FA0/48 in Port Channel 2
I am not sure I understand you here. Are you suggesting that each of your EtherChannels has only one physical link, i.e. Port-channel1 has only Fa0/47 and Port-channel2 has only Fa0/48 and no other physical ports are bundled together into these Port-channels? If that is the case then the Port-channel has no meaning in your setup.
An EtherChannel is supposed to combine multiple ports connected to the same neighboring device and to use them in parallel, so that the traffic can be sent through multiple ports in a single EtherChannel simultaneously. However, if an EtherChannel consists just of a single physical port, no load balancing can take place simply because there are no more ports to carry the traffic. Multiple EtherChannels do not by themselves result into load balancing the traffic because they are considered to be distinct and independent ports, just like multiple unbundled physical ports.
If you want to take advantage of EtherChannels, you have to connect multiple links between the same pair of devices, and bundle these links into a single EtherChannel (one EtherChannel for each neighbor containing all links to that neighbor). The load balancing will then occur between these physical links between the common pair of devices. Having multiple EtherChannels, as opposed to having multiple links in a single EtherChannel, is not going to load balance the traffic. If you can not afford to have multiple physical links between the same pair of devices that can be bundled into an EtherChannel, it makes no sense to configure the EtherChannel at all.
In your case, I would suggest having, say, ports Fa0/45 and Fa0/46 go to the same F10 and bundle then into Port-channel1, and having ports Fa0/47 and Fa0/48 go to the other F10 and bundle them into Port-channel2. This would achieve the goal of actually using more available bandwidth.
No if I try to ping the virtyual IP address on the fortce 10 I get "Unrecognized host or address, or protocol not running" can you help with that?
This is because you do not have an IP address configured on your 2950. This IP address has to be configured on the interface Vlan X where X is the number of your management VLAN. Commonly, it is VLAN 1 but best practice recommends using a different VLAN number. This management VLAN must match the management VLAN on your F10s so that they can hear each other. Assuming that the management VLAN is 1 the configuration is straightforward:
interface Vlan 1
ip address 192.0.2.11 255.255.255.0
no shutdown
!
ip default-gateway 192.0.2.1
Replace the IP addresses with your appropriate values.
If your management VLAN is different from 1, say, 999, then the configuration would be:
vlan 999
name Management
exit
interface Vlan 1
no ip address
shutdown
interface Vlan 999
ip address 192.0.2.11 255.255.255.0
no shutdown
!
ip default-gateway 192.0.2.1
Deaddressing and deactivating the interface Vlan1 is not required as the 2950 will shutdown interface Vlan1 automatically as soon as another interface Vlan is turned on, but for the sake of going by-the-book, I have suggested this approach.
Best regards,
Peter
07-20-2013 09:05 AM
Peter
I am going to configure htis in just a bit, hanks so much again and I will update you ASAP
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: