Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

port channel from 2960 to Cisco Core 6513

I have a Cisco 6513 Core Switch, which is in a vtp domain and the core is the Server.  There are a number of other port channels going from the 6513 to other 2960 switch stacks.  The other switch stacks are in vtp client mode and are getting all vlans form the Server 6513 within this vtp domain.

 

I am trying to connect 2 - 2960S FPD L switches, which are connected together via flex module/flex cable.  I have 2 sfp's in the sfp ports on one of these switches and am creating one port channel of 20G(2 10G ports Te1/0/1 and Te1/0/2) going to two 10Gig ports on the Cisco 6513(Te9/7 and Te9/8) as a port channel created on the 6513 end. 

 

I want to know first of all if it is possible to keep the 2960's in transparent mode and only allow 2 vlans to go to these 2 2960's.  I don't need all vlans on these switches, and the other 2960 stacks going to the 6513 do have all vlans and are in the vtp domain.  This one would only all vlans 4, and 20.

Can someone give me an example of the setup on each end to make this work?  I have tried and get a subnet mask error, so I must be going something wrong.  The vlans:  vlan 4: 10.35.3.0/22 and vlan 20 :  10.35.20.0/24 would be the only ones I would want to tag ports for on these 2 2960 switches in transparent mode.

 

Wanted to also setup a management interface for vlan 20 so I can remotely connect to 2960 stack.  It would be 10.35.20.30 for the int management IP.

 

Thanks in advance

Dave 

17 REPLIES

HelloLet say both your

Hello

Let say both your managment and native vlan are set to 900 and is already defined in the vtp D/B, then all you need to do is create a managment address on the new 2960 stack and put the stack intovtp  transparent mode and allow just the vlans you wish to cross the ehterchannel.

6513

Conf t

int vlan 900 ( already defined)
ip address x.x.x.x y.y.y.y

int vlan 4
ip address x.x.x.x y.y.y.y

int vlan 20
ip address x.x.x.x y.y.y.y

vlan 4,20
exit
 

 

int port-channel 1
description Link to 2960 PO1(TE1/0/1, TE1/0/2)
switchport trunk encapsulation dot1q
switchport mode trunk
switchport mode trunk allowed vlan 4,20,900
switchport trunk native vlan 900
switchport nonegotiate
channel-group 1 mode desirable


int ran te9/7 -8
no shut

 

2960

conf t
int vlan 900( managment address)
ip address x.x.x.x y.y.y.y

vtp mode transparent
vlan 4,20,900
exit

default interface ran  te1/0/1 -2
int ran te1/0/1 -2
shut
channel-group 1 mode desirable

int port-channel 1
description PO1 link to 6513 (TE9/7, TE9/8)
switchport trunk encapsulation dot1q
switchport mode trunk
switchport mode trunk allowed vlan 4,20,900
switchport trunk native vlan 900
switchport nonegotiate
channel-group 1 mode desirable


int ran te1/0/1 -2
no shut

 

 

res

Paul

 



 

Please don't forget to rate any posts that have been helpful. Thanks.
New Member

what do you mean by native

what do you mean by native vlan.  is there a 3rd vlan I need?  vlan 4 and 20 are already on the 6513.  What exactly is native vlan?

 

Also on 2960, it will not let me do:

switchport trunk encapsulation dot1q

Do I need to do 

channel-group 1 mode desirable?

I did channel-group 1 mode on, also I am sure it doesn't matter that the port channel numbers are different on 6513 and 2960?  6513 is p06 and 2960 is p01

Cisco Employee

Many Cisco switches support

Many Cisco switches support two methods of trunking - dot1q and ISL.  ISL is a Cisco-proprietary method of trunking.  The 2960's do not support ISL, so dot1q is on by default.  There's no need for the trunk encapsulation command.

When a frame is transferred over a trunk, dot1q trunking adds a tag to the frame so that the receiving switch knows which vlan the frame belongs to.  Your native vlan is a special vlan which does not have a tag applied.  Among other things, it's used for administrative traffic between the switches such as the messages the switches exchange to negotiate a port channel.  You can use one of your two vlans - vlan 4 or 20 - as your native vlan but it's recommended that you use a different vlan to segregate the traffic.  If you do not specify a native vlan, the switch will use vlan 1 as the native.  It's considered more secure to not use vlan 1 on your network, so it's recommend to have a different vlan explicitly configured as native.  If you're using vlan 1 as native through the rest of the network - if none of your other trunks have a native vlan explicitly configured - it doesn't do much good to change it on this one trunk.  You do not have to explicitly allow the native vlan on the trunk.  If you leave your native vlan as 1 and allow vlans 4 and 20 it will work fine.  You might want to do some research on the security implications and consider changing it through the whole network but that's a separate issue from getting this to work.

Port channel numbers are locally significant.  They don't have to match on opposite ends of the channel, they just have to be the same on each interface of a particular switch.  You can use either mode desirable or mode on.  It changes the way the switches set up the port channel a little bit but it doesn't change the way the channel operates. 

helloshow interface trunk

hello

I am on my mobile so it hard to type so i will be brief!

 

show interface trunk -this will tell you your native vlan - unfortunately its usually set to vlan 1 (by default) and isnt changed 

it should for secuity reasons  so if it  vlan1 the  you dont have to specify the switchport trunk native  vlan command

 

as to swixhport trunk encapsulation dot1q - this isnt required either as the 2960 defUlt to dot1q - (forgot about that)

 

the etherchannel numbers on either swich DONT have to be th same

 

as for th ethrchannel -On-ON is fine

however no link aggregation monitoring would be active

Pagp - cisco to cisco

lagp - cisco to other vendor

 

 

res

paul

Please don't forget to rate any posts that have been helpful. Thanks.
New Member

Ok so if I don't have the

Ok so if I don't have the dot1q encapsulation on the 2960 end of the port channel that is ok right?  I still want the dot1q on the 6513 end, or can take that off also?

I also don't have anything listed for a protocol when I do a sh etherchannel summary, so I want to make that Pagp? correct?

none of the other trunks I have are showing native vlan, so will not having this affect it not coming up or coming up?

My error I received when I originally set this up on the 2960 end is this:

%EC-5-CANNOT_BUNDLE2: Te1/0/1 is not compatible with Po1 and will be suspended (vlan mask is different)

Te1/0/1 shows up and suspended.

So on each end of the port channel interface, from 6513 ports to 2960 it will look a lot alike correct.  the ports that are are part of the port channel on each end would look like what?

After that I can just make all ports switchports and assign them either vlan 20 or 4 ?

Are you around on monday morning when I am going to be making some changes to email back and forth?

you have an email address I can use or chat?  Ever use team viewer?  Would you be interested in or be able to do this Monday if I had issues?

Hellodot1q IS required on the

Hello

dot1q IS required on the 6513

correct assign vlan 4 or 20 to th access ports of the 2660 stack

 

the error message you received is telling you that the two interfaces  in the port channel are not the same they Need to be Exactly the same configuration hence the error message - please  follow my original  post

if you are unsure you about anything you can contact me via my csc email address i would be happy to assist you in anyway i can!

 

res

Paul

Please don't forget to rate any posts that have been helpful. Thanks.
New Member

what is your csc email?

what is your csc email?

New Member

what is your csc email

what is your csc email address?

Log on to csc and send me a

Log on to csc and send me a message and i will reply to it

Please don't forget to rate any posts that have been helpful. Thanks.
New Member

I am sending you a message,

I am sending you a message, can you reply with your email address?

New Member

I'm going to mess with this

I'm going to mess with this now and see what I end up getting

working/not working.

should I use pagp?

HelloYes use pagp 

Hello

Yes use pagp

 

Please don't forget to rate any posts that have been helpful. Thanks.
New Member

FYI, I got this working. 

FYI,

 

I got this working.  Turns out I had to reseat the sfp on the Core 6513 switch.  The port was showing (faulty) reseating it brought this port on the port channel up.

helloNice to hear that?I

hello

Nice to hear that?

I guess the ehterchannel config is okay for you then?

 

please rate if applicable

 

 

Please don't forget to rate any posts that have been helpful. Thanks.

Hi,Both end switches trunk

Hi,

Both end switches trunk ports have to be set with same trunk encapsulation, in your case the switch 6513 trunk encapsulation has to be set to dot1qThere are some requirements when using ether channel, like all physical interfaces have to have same duplex and speed and to be in the same vlan or all in same trunk link carrying same vlans and none of them can be a span port.

Aref

New Member

Do I need to have Pagp

Do I need to have Pagp protocol enabled? right now I have nothing

New Member

Attached is some port

Attached is some port information on the port channel on the 2960 end.

The port channel came up, but only one of the 10 gig ports is coming up .

 

Te1/0/1 and Te1/0/2 are part of this port channel but only Te1/0/1 comes up and for some reason when I show int on P01 on the 2960 it only shows Te1/0/1 as a member.

 

See attached

530
Views
0
Helpful
17
Replies
CreatePlease to create content