cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
3319
Views
0
Helpful
15
Replies

Catalyst 2950 Port-Channels

scottcummins
Level 1
Level 1

I am trying to configure a Catalyst 2950 with 4 VLANS to forward VLAN Traffic from all 4 VLANS across a port-channel containing two ethernet ports, Can someone show me the down and dirty I have a config on, But I wan to verify      

15 Replies 15

InayathUlla Sharieff
Cisco Employee
Cisco Employee

Scott,

Easy and simple answer.

1- Creat Port-Channel and configure the vlans which you want it to be allowed on this.

2- Assisgn the Port-Channel group number to the access port.(make sure the port is up else the PO will not form).

Example:

I have two switches connected:

3560---------3560  { four ports}

Switch 1

Switch#   sh ip int br

Interface              IP-Address      OK? Method Status                Protocol

FastEthernet0/1        unassigned      YES unset  up                    up

FastEthernet0/2        unassigned      YES unset  up                    up

FastEthernet0/3        unassigned      YES unset  up                    up

FastEthernet0/4        unassigned      YES unset  up                    up

interface FastEthernet0/1

channel-group 1 mode on

switchport mode trunk

!

interface FastEthernet0/2

channel-group 1 mode on

switchport mode trunk

!

interface FastEthernet0/3

channel-group 1 mode on

switchport mode trunk

!

interface FastEthernet0/4

channel-group 1 mode on

switchport mode trunk

interface Port-channel 1

switchport trunk encapsulation dot1q

switchport mode trunk

+++++ Same configuration apply on the other end.+++++++++

Switch#show int tr

Port        Mode         Encapsulation  Status        Native vlan

Fa0/1       on           802.1q         trunking      1

Fa0/2       on           802.1q         trunking      1

Fa0/3       on           802.1q         trunking      1

Fa0/4       on           802.1q         trunking      1

Po1         on           802.1q         trunking      1

Port        Vlans allowed on trunk

Fa0/1       1-1005

Fa0/2       1-1005

Fa0/3       1-1005

Fa0/4       1-1005

Po1         1-1005

Port        Vlans allowed and active in management domain

Fa0/1       1

Fa0/2       1

Fa0/3       1

Fa0/4       1

Po1         1

Port        Vlans in spanning tree forwarding state and not pruned

Fa0/1       1

Fa0/2       1

Fa0/3       1

Fa0/4       1

Po1         1

Switch#

All vlans will be seen if you are in the sanme vtp domain.

See my Switch 2 were it took allthe vlans from Switch2

Switch2#

%SYS-5-CONFIG_I: Configured from console by console

sh vlan

VLAN Name                             Status    Ports

---- -------------------------------- --------- -------------------------------

1    default                          active    Fa0/5, Fa0/6, Fa0/7, Fa0/8

                                                Fa0/9, Fa0/10, Fa0/11, Fa0/12

                                                Fa0/13, Fa0/14, Fa0/15, Fa0/16

                                                Fa0/17, Fa0/18, Fa0/19, Fa0/20

                                                Fa0/21, Fa0/22, Fa0/23, Fa0/24

                                                Gig0/1, Gig0/2

2    VLAN0002                         active   

10   VLAN0010                         active   

20   VLAN0020                         active   

30   VLAN0030                         active   

40   VLAN0040                         active

HTH

Regards

Inayath

*Plz rate all usefull posts.

Hello,

Inayath is completely correct, I would just like to suggest a minor change in Inayath's approach: instead of using the on mode with EtherChannels, always use LACP or PAgP to negotiate the EtherChannel creation. I have seen the on mode to cause switching loops quite a few times, so I strongly discourage using the on mode unless absolutely unavoidable.

So the configuration would be the same, just instead of channel-group 1 mode on, you would use channel-group 1 mode active for LACP, or channel-group 1 mode desirable for PAgP, and have the other switch configured in the same way. LACP is widely supported among different vendors, so running LACP should be really straightforward.

Best regards,

Peter

scottcummins
Level 1
Level 1

Guys thank you so much for your help, I am currently attempting to configure this, Since they are 2950's and I am connecting them to Force Ten S25's i will probaly combine the answers. Also, Funny thing is when i put my Port-channel in Trunk Mode, i do not get any options for encapsulation on "Native" "Allowed" and "Pruning" I am at a loss. Any Ideas?

Hi Scott,

Perhaps the EtherChannel must be established (i.e. properly negotiated with the other device) before the switch actually allows you to use the switchport trunk commands on the Port-channel. I have noticed that some switch platforms actually wait until the EtherChannel is established before they copy the commands from physical interfaces to the newly created Port-channel interface.

Would you mind posting the show etherchannel summary command output please?

Best regards,

Peter

Hey Peter

Yes it show

BTSERVERSW001(config)#do show etherchannel summary

Flags:  D - down        P - in port-channel         I - stand-alone s - suspended         H - Hot-standby (LACP only)         R - Layer3      S - Layer2         u - unsuitable for bundling         U - in use      f - failed to allocate aggregator         d - default

port Number of channel-groups in use: 1 Number of aggregators:          1 Group  Port-channel  Protocol    Ports ------+--------1      Po1(SU)        LACP      Fa0/47(Pd)  Fa0/48(I)

Hi Scott,

Thank you. The output got scrambled, unfortunately

Anyway, it tells us that the Fa0/47 is currently working and bundled in the Port-channel, however, the Fa0/48 is currently considered to be an individual port. That is a cause for concern. The most probable cause is that the opposite device does not negotiate LACP on the Fa0/48 port, or has not its own port facing your Fa0/48 bundled into an EtherChannel.

Nevertheless, this EtherChannel is currently working even with a single physical port. Can you please post the output of the following two commands?

show run int po1

show run int fa0/47

Also please can you go to the po1 interface and actually start writing the switchport trunk ? and post the result of this help? I am eager to see if there is no allowed vlan or native vlan available currently.

Best regards,

Peter

Current configuration :

54 bytes !

interface Port-channel1

switchport mode trunk

end

BTSERVERSW001#sh run int fa 0/47

Building configuration... Current configuration : 110 bytes !

interface FastEthernet0/47

switchport mode trunk

channel-group 1 mode active

spanning-tree portfast

end

BTSERVERSW001#config

Configuring from terminal, memory, or network [terminal]? t

Enter configuration commands, one per line.  End with CNTL/Z.

BTSERVERSW001(config)#int fa 0/47

BTSERVERSW001(config-if)#switchport trunk ?

  allowed    Set allowed VLAN characteristics when interface is in trunking mode 

native       Set trunking native characteristics when interface is in trunking           mode  

pruning      Set pruning VLAN characteristics when interface is in trunking mode

Scott,

Thank you. Please remove the spanning-tree portfast from your Fa0/47 (and Fa0/48 if also present) port. This command must never be used between switches, and if the opposite device is not working as a switch, then this command must be present on the Port-channel1 interface itself in the switchport portfast trunk form.

You have tried the switchport trunk ? command on the Fa0/47 interface. Can you test it on the Port-channel1 interface? You originally said that these commands do not appear to be available there.

Any luck with bringing the Fa0/48 into the EtherChannel?

Best regards,

Peter

Hi Peter

The "switchport trunk" command is limited on any interface it seems

BTSERVERSW001(config)#int Port-channel 1

BTSERVERSW001(config-if)#switchport trunk ?  

allowed      Set allowed VLAN characteristics when interface is in trunking mode 

native        Set trunking native characteristics when interface is in trunking           mode  

pruning      Set pruning VLAN characteristics when interface is in trunking mode

      

Also No, I cannot figure out qwhy port 48 says standalone, it is pluggrd into a separate switch but it is the sam econfig as the one 47 is plugged into

Scott,

The "switchport trunk" command is limited on any interface it seems 

Why do you think so? You have just confirmed it is fully supported, be it allowed vlan, native vlan or pruning vlan even on the Port-channel - that's exactly what your posted transcript says. Why do you believe it is limited?

No, I cannot figure out qwhy port 48 says standalone, it is pluggrd into a separate switch

You have just answered yourself. All links within a single EtherChannel must be connected to the same neighbor. It is not allowed to have ports in a single EtherChannel leading to different neighboring devices. If you want to have EtherChannels to different devices, you must bundle all links leading to the same physical neighbor into a separate EtherChannel, having as many distinct EtherChannels as many neighbors you have.

Best regards,

Peter

OMG

I do know that!! I don't know why I did that. Let me re arrange my port channels..And I will let you Know THANKS SO MUCH Peter

Hi Peter

SO my setup is I have 2 2950's with 2 port-channels

FA0/47 in Port Channel 1

FA0/48 in Port Channel 2

Fa0/47 goes to a Force 10 that is paired with another running VRRP witrh 4 VLANs with Virtual  IP's

FA0/48 goes to the second one in the pair of Force 10 S25s switches

The port FA 0/47 goes to a port that is configured on it as Port-channel 1

FA 0/48 ngoes to a port on the other one configured into port channel 2

No if I try to ping the virtyual IP address on the fortce 10 I get "Unrecognized host or address, or protocol not running" can you help with that?

Hello Scott,

SO my setup is I have 2 2950's with 2 port-channels

FA0/47 in Port Channel 1

FA0/48 in Port Channel 2

I am not sure I understand you here. Are you suggesting that each of your EtherChannels has only one physical link, i.e. Port-channel1 has only Fa0/47 and Port-channel2 has only Fa0/48 and no other physical ports are bundled together into these Port-channels? If that is the case then the Port-channel has no meaning in your setup.

An EtherChannel is supposed to combine multiple ports connected to the same neighboring device and to use them in parallel, so that the traffic can be sent through multiple ports in a single EtherChannel simultaneously. However, if an EtherChannel consists just of a single physical port, no load balancing can take place simply because there are no more ports to carry the traffic. Multiple EtherChannels do not by themselves result into load balancing the traffic because they are considered to be distinct and independent ports, just like multiple unbundled physical ports.

If you want to take advantage of EtherChannels, you have to connect multiple links between the same pair of devices, and bundle these links into a single EtherChannel (one EtherChannel for each neighbor containing all links to that neighbor). The load balancing will then occur between these physical links between the common pair of devices. Having multiple EtherChannels, as opposed to having multiple links in a single EtherChannel, is not going to load balance the traffic. If you can not afford to have multiple physical links between the same pair of devices that can be bundled into an EtherChannel, it makes no sense to configure the EtherChannel at all.

In your case, I would suggest having, say, ports Fa0/45 and Fa0/46 go to the same F10 and bundle then into Port-channel1, and having ports Fa0/47 and Fa0/48 go to the other F10 and bundle them into Port-channel2. This would achieve the goal of actually using more available bandwidth.

No if I try to ping the virtyual IP address on the fortce 10 I get  "Unrecognized host or address, or protocol not running" can you help  with that?

This is because you do not have an IP address configured on your 2950. This IP address has to be configured on the interface Vlan X where X is the number of your management VLAN. Commonly, it is VLAN 1 but best practice recommends using a different VLAN number. This management VLAN must match the management VLAN on your F10s so that they can hear each other. Assuming that the management VLAN is 1 the configuration is straightforward:

interface Vlan 1

ip address 192.0.2.11 255.255.255.0

no shutdown

!

ip default-gateway 192.0.2.1

Replace the IP addresses with your appropriate values.

If your management VLAN is different from 1, say, 999, then the configuration would be:

vlan 999

name Management

exit

interface Vlan 1

no ip address

shutdown

interface Vlan 999

ip address 192.0.2.11 255.255.255.0

no shutdown

!

ip default-gateway 192.0.2.1

Deaddressing and deactivating the interface Vlan1 is not required as the 2950 will shutdown interface Vlan1 automatically as soon as another interface Vlan is turned on, but for the sake of going by-the-book, I have suggested this approach.

Best regards,

Peter

Peter

I am going to configure htis in just a bit, hanks so much again and I will update you ASAP

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Innovations in Cisco Full Stack Observability - A new webinar from Cisco