[Okta Webinar] Learn how to a build a cloud-first strategyRegister Now

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 2082
  • Last Modified:

Cisco 3750 - Teamed network (Trunking)

We have a new blade server and need to setup trunking (EtherChannel) on 2 ports - gi1/01 and gi1/02.

I assume these ports need to be in a seperate vlan?

I have been getting a bunch of different errors along the way.

I thought this was fairly simple.... these are the instructions I have...
config t                                                                 (change to config mode)

int range gi2/29-30                                          (commands below apply to ports 29 and 30.... configuring the port(s) )

switchport mode trunk                                                 (becomes .1q trunk)
switchport trunk allow vlan 3                      (vlan 3 can now pass through this trunk "vlan pruning")
channel-protocol lacp                                    (change those ports to lacp)
channel-group 10 mode active                   (creates an ether-channel)
spanning-tree bpduguard enable                             (discards bpdu's from VC)
spanning-tree portfast trunk                      (treats this connection as a "server connection")              


Any thoughts or suggestions?

Thanks!
0
edalzell
Asked:
edalzell
  • 22
  • 11
  • 11
  • +2
2 Solutions
 
SouljaCommented:
I don't see:

switchport trunk encapsulation dot1q


Also check your Po10 interface to ensure the configs match up with the member port configs.
0
 
SouljaCommented:
Also, you stated you were creating this on gi1/01 and gi1/02 and then later show int range gi2/29-30. Are you plugging int to the correct ports?                                  
0
 
edalzellAuthor Commented:
Sorry,,, was cutting and pasting from an old doc.

Here's my current notes.

config t

int range gi1/0/1-2

switchport trunk encapsulation dot1q

switchport mode trunk                                            

switchport trunk allow vlan 3                      

channel-protocol lacp                              

channel-group 10 mode active                  

spanning-tree bpduguard enable                

spanning-tree portfast trunk

Anything else I might be missing?

Thanks for getting back to me! :-)
0
New feature and membership benefit!

New feature! Upgrade and increase expert visibility of your issues with Priority Questions.

 
SouljaCommented:
Can you post the config of your port channel interface? Is this server a vmware box. What reason do you need it to be a trunk, espically is you are only allowing 1 vlan?
0
 
edalzellAuthor Commented:
Thanks again...

For our blade server - we need (or are trying) to combine 2 Gb interfaces into 1 aggregate 2 Gb port, to comminicate with the 8 blades in our server.

The config and suggestion came from our HP rep.
BTW, not a VM.

Let me know if I'm off-base... thanks!



#show interfaces port-channel 10
Port-channel10 is down, line protocol is down (notconnect)
  Hardware is EtherChannel, address is 001e.bdf9.4e82 (bia 001e.bdf9.4e82)
  MTU 1500 bytes, BW 1000000 Kbit, DLY 10 usec,
     reliability 255/255, txload 1/255, rxload 1/255
  Encapsulation ARPA, loopback not set
  Auto-duplex, Auto-speed, link type is auto, media type is unknown
  input flow-control is off, output flow-control is unsupported
  ARP type: ARPA, ARP Timeout 04:00:00
  Last input 00:25:10, output 00:24:42, output hang never
  Last clearing of "show interface" counters never
  Input queue: 0/75/0/0 (size/max/drops/flushes); Total output drops: 0
  Queueing strategy: fifo
  Output queue: 0/40 (size/max)
  5 minute input rate 0 bits/sec, 0 packets/sec
  5 minute output rate 0 bits/sec, 0 packets/sec
     230640 packets input, 17792547 bytes, 0 no buffer
     Received 230640 broadcasts (0 multicasts)
     0 runts, 0 giants, 0 throttles
     0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored
     0 watchdog, 32315 multicast, 0 pause input
     0 input packets with dribble condition detected
     116505 packets output, 14484820 bytes, 0 underruns
     0 output errors, 0 collisions, 1 interface resets
     0 babbles, 0 late collision, 0 deferred
     0 lost carrier, 0 no carrier, 0 PAUSE output
     0 output buffer failures, 0 output buffers swapped out
0
 
edalzellAuthor Commented:
Quick clarification...

I meant 2 x 1 Gb interfaces into 1 aggregate 2 Gb int.

And, yes, I do realize that Port-channel10 is down 0 just not sure what I;ve done wrong.

from the GUI, both interfaces appear disabled. :-(

Thanks again! :-)
0
 
Don JohnstonInstructorCommented:
Switch config looks good.

Are the server interfaces configured?

Post the output of a "show ether summ".
0
 
edalzellAuthor Commented:
#show ether summ
Flags:  D - down        P - in port-channel
        I - stand-alone s - suspended
        H - Hot-standby (LACP only)
        R - Layer3      S - Layer2
        U - in use      f - failed to allocate aggregator
        u - unsuitable for bundling
        w - waiting to be aggregated
        d - default port


Number of channel-groups in use: 1
Number of aggregators:           1

Group  Port-channel  Protocol    Ports
------+-------------+-----------+-----------------------------------------------
10     Po10(SD)        LACP      Gi1/0/1(s)  Gi1/0/2(s)
0
 
edalzellAuthor Commented:
Yes, they are configured.
Port-channel10 is still down - how can I bring this up?

Thanks again! :-)
0
 
Don JohnstonInstructorCommented:
Are the server ports in active or passive mode?

Just in case something went goofy, check your config for the physical ports and verify the commands are all there and that both ports are configured exactly the same.

Then bounce the ports and see if that does it.

int range g1/0/1 -2
shut
no shut
0
 
FideliusCommented:
Hello,

As you mention you have HP blade servers, you also probably have blade switches in the blade chassis so blade servers are connected through blade switches to 3750. What type are blade switches? Please post their external port (ports facing Cisco) config.

You have to configure etherchannel in same mode on both sides of the uplink.

Regards!
0
 
edalzellAuthor Commented:
Thanks guys - I'll have a look at the server first thing on the AM.

Any idea WHY the switch ports would be DOWN or listed as disabled?

Thanks!

E.D.
0
 
Don JohnstonInstructorCommented:
>Any idea WHY the switch ports would be DOWN or listed as disabled?

Post the output of a "show int g1/0/1" and "show int g1/0/1" along with "show run int g1/0/1" and "show run int g1/0/2".
0
 
edalzellAuthor Commented:
As requested... :-)


show int g1/0/1
GigabitEthernet1/0/1 is up, line protocol is down (suspended)
  Hardware is Gigabit Ethernet, address is 001e.bdf9.4e81 (bia 001e.bdf9.4e81)
  MTU 1500 bytes, BW 1000000 Kbit, DLY 10 usec,
     reliability 255/255, txload 1/255, rxload 1/255
  Encapsulation ARPA, loopback not set
  Keepalive set (10 sec)
  Full-duplex, 1000Mb/s, media type is 10/100/1000BaseTX
  input flow-control is off, output flow-control is unsupported
  ARP type: ARPA, ARP Timeout 04:00:00
  Last input never, output 06:28:44, output hang never
  Last clearing of "show interface" counters never
  Input queue: 0/75/0/0 (size/max/drops/flushes); Total output drops: 0
  Queueing strategy: fifo
  Output queue: 0/40 (size/max)
  5 minute input rate 0 bits/sec, 0 packets/sec
  5 minute output rate 0 bits/sec, 0 packets/sec
     360725 packets input, 27751351 bytes, 0 no buffer
     Received 357525 broadcasts (0 multicasts)
     0 runts, 0 giants, 0 throttles
     0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored
     0 watchdog, 45546 multicast, 0 pause input
     0 input packets with dribble condition detected
     75147 packets output, 10136652 bytes, 0 underruns
     0 output errors, 0 collisions, 3 interface resets
     0 babbles, 0 late collision, 0 deferred
     0 lost carrier, 0 no carrier, 0 PAUSE output
     0 output buffer failures, 0 output buffers swapped out



show int g1/0/2
GigabitEthernet1/0/2 is up, line protocol is down (suspended)
  Hardware is Gigabit Ethernet, address is 001e.bdf9.4e82 (bia 001e.bdf9.4e82)
  MTU 1500 bytes, BW 1000000 Kbit, DLY 10 usec,
     reliability 255/255, txload 1/255, rxload 1/255
  Encapsulation ARPA, loopback not set
  Keepalive set (10 sec)
  Full-duplex, 1000Mb/s, media type is 10/100/1000BaseTX
  input flow-control is off, output flow-control is unsupported
  ARP type: ARPA, ARP Timeout 04:00:00
  Last input never, output 06:28:52, output hang never
  Last clearing of "show interface" counters never
  Input queue: 0/75/0/0 (size/max/drops/flushes); Total output drops: 0
  Queueing strategy: fifo
  Output queue: 0/40 (size/max)
  5 minute input rate 0 bits/sec, 0 packets/sec
  5 minute output rate 0 bits/sec, 0 packets/sec
     37315 packets input, 3482417 bytes, 0 no buffer
     Received 19744 broadcasts (0 multicasts)
     0 runts, 0 giants, 0 throttles
     0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored
     0 watchdog, 7226 multicast, 0 pause input
     0 input packets with dribble condition detected
     87400 packets output, 12529489 bytes, 0 underruns
     0 output errors, 0 collisions, 3 interface resets
     0 babbles, 0 late collision, 0 deferred
     0 lost carrier, 0 no carrier, 0 PAUSE output
     0 output buffer failures, 0 output buffers swapped out




show run int g1/0/1
Building configuration...

Current configuration : 274 bytes
!
interface GigabitEthernet1/0/1
 switchport access vlan 3
 switchport trunk encapsulation dot1q
 switchport trunk allowed vlan 3
 switchport mode access
 channel-protocol lacp
 channel-group 10 mode active
 spanning-tree portfast trunk
 spanning-tree bpduguard enable
end



show run int g1/0/2
Building configuration...

Current configuration : 274 bytes
!
interface GigabitEthernet1/0/2
 switchport access vlan 3
 switchport trunk encapsulation dot1q
 switchport trunk allowed vlan 1
 switchport mode access
 channel-protocol lacp
 channel-group 10 mode active
 spanning-tree portfast trunk
 spanning-tree bpduguard enable
end

0
 
Don JohnstonInstructorCommented:
Do you want this link to be a trunk (multiple VLANs) or an access link in VLAN 3?
0
 
FideliusCommented:
As this link must be terminated at blade switch, not server directly it doesn't matter if it is configured as access or trunk.
My guess is that blade switch maybe doesn't support LACP.

Try to configure ports as a trunks without LACP:

interface range GigabitEthernet1/0/1 - 2
 switchport trunk encapsulation dot1q
 switchport mode trunk
 switchport trunk allowed vlan 3
 channel-group 10 mode on
 spanning-tree portfast trunk
 spanning-tree bpduguard enable
end
0
 
edalzellAuthor Commented:
donjohnston - I assume an access link in Vlan3.
Really all I want to do is have my blade connect to my switch at 2 Gb, rather than 1 Gb to avoid any bottle-necking. I'd rather not vlan at all, but I assume I have to....

Thanks!

Fidelius - I'll try your suggestion as soon as I can. :-)
0
 
Don JohnstonInstructorCommented:
Well, if you don't need multiple VLANs then yes, an access link is what you want.

But you've got a few commands that are trunking specific:

 switchport trunk encapsulation dot1q
 switchport trunk allowed vlan 1
 spanning-tree portfast trunk

Now these commands won't have any effect until a "switchport mode trunk" command is entered on the interface so they're not hurting anything.

But if both ends of the link aren't operating identically, the channel will not come up. So it's important that the other end of this link be an access link in VLAN 3.

Which brings up another thought: Does VLAN 3 exist? Post the output of a "show vlan brief".
0
 
edalzellAuthor Commented:

3750_1#show vlan brief

VLAN Name                             Status    Ports
---- -------------------------------- --------- -------------------------------
1    default                          active    Gi1/0/1, Gi1/0/2, Gi1/0/3
                                                Gi1/0/4, Gi1/0/5, Gi1/0/6
                                                Gi1/0/7, Gi1/0/8, Gi1/0/9... and so on...

3    blade                            active
10   SCAN                             active
0
 
Don JohnstonInstructorCommented:
Looks like Po10 isn't a member. Try this:

int po10
 shut
 switchport access vlan 3
 switchport mode access
 no shut
0
 
Craig BeckCommented:
Are you using a blade switch or pass-through modules in the blade chassis?
0
 
edalzellAuthor Commented:
Blade switch - flex10
0
 
edalzellAuthor Commented:
djohnston...


interface Port-channel10
 switchport trunk encapsulation dot1q
 switchport trunk allowed vlan 3
 switchport mode trunk
!
interface GigabitEthernet1/0/1
 switchport mode access
 switchport port-security
 switchport port-security aging time 2
 switchport port-security violation restrict
 switchport port-security aging type inactivity
 macro description cisco-desktop
 spanning-tree portfast
 spanning-tree bpduguard enable
!
interface GigabitEthernet1/0/2
 switchport mode access
 switchport port-security
 switchport port-security aging time 2
 switchport port-security violation restrict
 switchport port-security aging type inactivity
 macro description cisco-desktop
 spanning-tree portfast
 spanning-tree bpduguard enable
!




3750_1#show vlan

VLAN Name                             Status    Ports
---- -------------------------------- --------- -------------------------------
1    default                          active    Gi1/0/3, Gi1/0/4, Gi1/0/5
                                                Gi1/0/6, Gi1/0/7, Gi1/0/8
                                                Gi1/0/9, Gi1/0/10, Gi1/0/11
                                                Gi1/0/12, Gi1/0/13, Gi1/0/14....
3    blade                            active    Po10


The ports are back UP - but still can't PING blade.


Thanks again guys.... heopfully I'm getting closer! :-)
0
 
SouljaCommented:
As I stated earlier. All of the configurations for you Port Channel interface and the interfaces in it must match up. You can't have the two gig interfaces as trunks and the port channel as an access port. I won't work. Start from scratch. Configure the port channel first, then go to the two interfaces and copy the port channels configuration to them, then add the channel-group x mode on to the two gig interfaces.
0
 
SouljaCommented:
Based on the config you just posted the two ports aren't even in the port channel. Please see my previous post.
0
 
Don JohnstonInstructorCommented:
Okay...

Here's the issue.

>I assume an access link in Vlan3.

>interface GigabitEthernet1/0/1
> switchport mode access

>interface Port-channel10
> switchport trunk allowed vlan 3

It is VITAL that all interface participating in this channel be configured identically. So now (it appears) you've got a trunk going to the blade. Did you re-configure the blade interfaces to be a trunk? If not, either change the blade side to be a trunk or change the switch side to be an access link.

inter po10
 shut
 switchport mode access
 no shut

Then verify with a "show vlan brief" and "show ether summ".
0
 
SouljaCommented:
Remove the port security from the two ports. Secured ports cannot be part of an etherchannel.
0
 
edalzellAuthor Commented:
Something strange... now, I can't do a show config - it hangs for a but then goes back to prompt.
Is there anything I can do without restarting the switch? ughhhh....

Thanks again guys!
0
 
Don JohnstonInstructorCommented:
What command are you using?
0
 
edalzellAuthor Commented:
Back now... hmmm -  still working on it - report back soon.
0
 
edalzellAuthor Commented:
was using show config

Seems ok now though... weird.
0
 
edalzellAuthor Commented:
I hate to rehash... getting a little confused now.
Just went through the instructions from our HP rep again...

Here's what I've got - getting a little confused between access link and trunk.

!
interface Port-channel10
 switchport trunk encapsulation dot1q
 switchport trunk allowed vlan 3
 switchport mode trunk
!
interface GigabitEthernet1/0/1
 switchport trunk encapsulation dot1q
 switchport trunk allowed vlan 3
 switchport mode trunk
 channel-group 10 mode active
 spanning-tree portfast trunk
 spanning-tree bpduguard enable
!
interface GigabitEthernet1/0/2
 switchport trunk encapsulation dot1q
 switchport trunk allowed vlan 3
 switchport mode trunk
 channel-group 10 mode active
 spanning-tree portfast trunk
 spanning-tree bpduguard enable

Can you clarify? Sorry... it's been awhile since I've worked on routers & switches - seems I've forgotten some of the lingo.

0
 
SouljaCommented:
That looks better. I would still start of with all three configs matching exactly except for the channel-group command of course. Then go from there by adding additional configs to the port channel itself.
0
 
edalzellAuthor Commented:
Ok.... it looks like it's partially working now.

From my HP Virtual connect, I see both interfaces as active at 1Gb.

The only issue is I can't ping anything in the blade but the onboard admin.

Also, when I look at the VLAN 3 I see this..



3750_1#show vlan

VLAN Name                             Status    Ports
---- -------------------------------- --------- -------------------------------
1    default                          active    Gi1/0/3, Gi1/0/4, Gi1/0/5
                                                Gi1/0/6, Gi1/0/7, Gi1/0/8
                                                Gi1/0/9, Gi1/0/10, Gi1/0/11
 
3    blade                            active

Does these ports need to be assigned to the vlan?

Thanks again!
0
 
Don JohnstonInstructorCommented:
>Ok.... it looks like it's partially working now.

What do you mean by "partially"?

>Also, when I look at the VLAN 3 I see this..

To see what port is carrying what VLAN when a trunk is used, the "show int trunk" command is used.

What does a "show ether summ" report?
0
 
edalzellAuthor Commented:
partially... I wasn't seeing both INT on the blade as linked & active.


3750_1>show int trunk

Port        Mode         Encapsulation  Status        Native vlan
Po10        on           802.1q         trunking      1

Port        Vlans allowed on trunk
Po10        3

Port        Vlans allowed and active in management domain
Po10        3

Port        Vlans in spanning tree forwarding state and not pruned
Po10        3


show ether summ

Number of channel-groups in use: 1
Number of aggregators:           1

Group  Port-channel  Protocol    Ports
------+-------------+-----------+-----------------------------------------------
10     Po10(SU)        LACP      Gi1/0/1(P)  Gi1/0/2(P)


Any thought?

Thanks again, much appreciated!
0
 
Don JohnstonInstructorCommented:
You've got a trunk that only carries VLAN 3 (which is pointless... but it'll work) and the etherchannel successfully negotiated the creation with the peer.

>I wasn't seeing both INT on the blade as linked & active.

I would say the problem (most likely a configuration issue) is on the blade server.
0
 
SouljaCommented:
What vlan does the devices you are trying to ping reside on? How about try opening up your trunk to allow all vlans, until you figure out the connectivity issue. Then restrict the vlans across it.  Do this by removing switchport trunk allow vlan 3 from the port-channel and two interfaces.
0
 
SouljaCommented:
@Don

Lol, I said the same thing at the beginning.

"Can you post the config of your port channel interface? Is this server a vmware box. What reason do you need it to be a trunk, espically is you are only allowing 1 vlan? "
0
 
edalzellAuthor Commented:
Yes! That's it..... switchport trunk allow vlan 3
I have connectivity now.

Does this mean nothing re: vlan 3 has been programmed on the blade side?
0
 
edalzellAuthor Commented:
err.. I meant NO switchport trunk allow vlan 3 on the INTs and port-channel. :-)
0
 
SouljaCommented:
So did you remove switchport trunk allow vlan 3 and it works now? Just confirming.
0
 
SouljaCommented:
Okay, so that means the devices you are trying to ping are not on vlan 3.
0
 
edalzellAuthor Commented:
Yes... :-)
0
 
Don JohnstonInstructorCommented:
Since the default is to allow all VLAN on a trunk, removing the allow vlan command will let ALL of the VLANs cross the link.
0
 
edalzellAuthor Commented:
Thanks guys.. much appreciaited!
Now... I assume I should copy the running config to start-up, correct?

Sorry... as you can tell, my Cisco is rusty!
0
 
Craig BeckCommented:
Correct....

copy running-config startup-config
0
 
edalzellAuthor Commented:
Thanks guys!
0

Featured Post

How to Use the Help Bell

Need to boost the visibility of your question for solutions? Use the Experts Exchange Help Bell to confirm priority levels and contact subject-matter experts for question attention.  Check out this how-to article for more information.

  • 22
  • 11
  • 11
  • +2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now