Link to home
Start Free TrialLog in
Avatar of pzozulka
pzozulka

asked on

Cisco SG300 LACP config

We purchased a 2nd switch (sg300-28) to add redundancy. Both switches are the same model, and both set to L3 Mode.

Can someone please review the below config to verify if LACP is correctly configured between the two switches on ports 27 & 28 to allow all traffic to flow between the two switches.

FYI, the factory default VLAN was changed from 1 to 1000 to match the 1st switch.

config-file-header
i1lvsw02
v1.3.5.58 / R750_NIK_1_35_647_358
CLI v1.0
set system mode router

file SSD indicator encrypted
@
ssd-control-start
ssd config
ssd file passphrase control unrestricted
no ssd file integrity control
ssd-control-end cb0a3fdb1f3a1af4e4430033719968c0
!
vlan database
default-vlan vlan 1000
exit
vlan database
vlan 1-2,101,320,400,646,649,1020,1030,1040
exit
voice vlan state disabled
voice vlan oui-table add 0001e3 Siemens_AG_phone________
voice vlan oui-table add 00036b Cisco_phone_____________
voice vlan oui-table add 00096e Avaya___________________
voice vlan oui-table add 000fe2 H3C_Aolynk______________
voice vlan oui-table add 0060b9 Philips_and_NEC_AG_phone
voice vlan oui-table add 00d01e Pingtel_phone___________
voice vlan oui-table add 00e075 Polycom/Veritel_phone___
voice vlan oui-table add 00e0bb 3Com_phone______________
bonjour interface range vlan 1
hostname i1lvsw02
line ssh
exec-timeout 30
exit
no passwords complexity enable
username cisco password encrypted da193767a7ba202949500df3547a3151dc0ee4a5 privi                                                                                        lege 15
username pavel password encrypted a5f6338dcec5cg56440a92f22c04098e5808fafc privi                                                                                        lege 15
ip ssh server
snmp-server server
snmp-server location "Las Vegas"
snmp-server contact "Pavel"
ip http timeout-policy 1800 http-only
clock timezone PST -8
clock summer-time web recurring usa
sntp broadcast client enable both
clock source sntp
clock source browser
sntp unicast client enable
sntp unicast client poll
sntp server 64.250.229.100 poll
sntp server 205.233.73.201 poll
ip telnet server
!
interface vlan 2
 name Transit
 ip address 10.0.15.250 255.255.255.248
!
interface vlan 101
 name DMZ
 ip address 10.0.0.1 255.255.255.0
!
interface vlan 320
 name Server
 ip address 10.0.32.2 255.255.255.0
!
interface vlan 400
 name Citrix
!
interface vlan 646
 name Batch
!
interface vlan 649
 name Desktop
 ip address 10.0.64.130 255.255.255.128
!
interface vlan 1000
 ip address 10.10.0.2 255.255.255.0
!
interface vlan 1020
 name Storage
 ip address 10.20.0.2 255.255.255.0
!
interface vlan 1030
 name Replication
 ip address 10.30.0.2 255.255.255.0
!
interface vlan 1040
 name HSRP
!
interface gigabitethernet1
 switchport mode access
!
interface gigabitethernet2
 switchport mode access
!
interface gigabitethernet3
 switchport mode access
!
interface gigabitethernet4
 switchport mode access
!
interface gigabitethernet5
 switchport mode access
!
interface gigabitethernet6
 switchport mode access
!
interface gigabitethernet7
 switchport mode access
!
interface gigabitethernet8
 switchport mode access
!
interface gigabitethernet9
 switchport mode access
!
interface gigabitethernet10
 switchport mode access
!
interface gigabitethernet11
 switchport mode access
!
interface gigabitethernet12
 switchport mode access
!
interface gigabitethernet13
 switchport mode access
!
interface gigabitethernet14
 switchport mode access
!
interface gigabitethernet15
 switchport mode access
!
interface gigabitethernet16
 switchport mode access
!
interface gigabitethernet17
 switchport mode access
!
interface gigabitethernet18
 switchport mode access
!
interface gigabitethernet19
 switchport mode access
!
interface gigabitethernet20
 switchport mode access
!
interface gigabitethernet21
 switchport mode access
!
interface gigabitethernet22
 switchport mode access
!
interface gigabitethernet23
 switchport mode access
!
interface gigabitethernet24
 switchport mode access
!
interface gigabitethernet25
 switchport mode access
!
interface gigabitethernet26
 switchport mode access
!
interface gigabitethernet27
 no negotiation
 channel-group 1 mode auto
 switchport mode access
!
interface gigabitethernet28
 no negotiation
 channel-group 1 mode auto
 switchport mode access
!
interface Port-channel1
 flowcontrol on
 description SwitchToSwitch
 switchport trunk allowed vlan add 2,101,320,400,646,649,1020,1030
 switchport trunk allowed vlan add 1040
!
exit
macro auto disabled
ip default-gateway 10.0.15.254

Open in new window

Avatar of Craig Beck
Craig Beck
Flag of United Kingdom of Great Britain and Northern Ireland image
Nearly there, but try this instead...

interface gigabitethernet27
 no negotiation
 channel-group 1 mode active
 switchport trunk allowed vlan add 2,101,320,400,646,649,1020,1030
 switchport trunk allowed vlan add 1040
 switchport mode trunk
!
interface gigabitethernet28
 no negotiation
 channel-group 1 mode active
 switchport trunk allowed vlan add 2,101,320,400,646,649,1020,1030
 switchport trunk allowed vlan add 1040
 switchport mode trunk
!
interface Port-channel1
 flowcontrol on
 description SwitchToSwitch
 switchport trunk allowed vlan add 2,101,320,400,646,649,1020,1030
 switchport trunk allowed vlan add 1040
 switchport mode trunk

Open in new window

Avatar of pzozulka
pzozulka

ASKER

From the Admin guide:

To add a port to the LAG, it cannot belong to any VLAN except the default VLAN.
Avatar of Craig Beck
Craig Beck
Flag of United Kingdom of Great Britain and Northern Ireland image
I think that means you must create the LAG before you add VLANs to it.  IIRC you can't configure the VLANs on the LAG interface until it is created.
Avatar of pzozulka
pzozulka

ASKER

I get an error message when trying to add the interface to the channel-group. It says: port gi27 belongs to a VLAN.
Avatar of Craig Beck
Craig Beck
Flag of United Kingdom of Great Britain and Northern Ireland image
Ok it may just be that it doesn't like the existing configuration, as there are already VLANs added to the interfaces.

Default the interfaces first, then try again, like this...

default interface gigabitethernet27
default interface gigabitethernet28
interface gigabitethernet27
 no negotiation
 channel-group 1 mode active
 switchport trunk allowed vlan add 2,101,320,400,646,649,1020,1030
 switchport trunk allowed vlan add 1040
 switchport mode trunk
!
interface gigabitethernet28
 no negotiation
 channel-group 1 mode active
 switchport trunk allowed vlan add 2,101,320,400,646,649,1020,1030
 switchport trunk allowed vlan add 1040
 switchport mode trunk
!
interface Port-channel1
 flowcontrol on
 description SwitchToSwitch
 switchport trunk allowed vlan add 2,101,320,400,646,649,1020,1030
 switchport trunk allowed vlan add 1040
 switchport mode trunk

Open in new window

Avatar of pzozulka
pzozulka

ASKER

Having trouble with the default interface command.

Tried to do it from the main cli, as well as from "config t", and from the "<config>int gi27", but it says the command is not recognized.

This is a sg300-28 switch (small business) in L3 mode.
Avatar of Mohammed Rahman
Mohammed Rahman
Flag of India image
how about interface GE27

I have checked the SG300 Series CLI guide and the interface command is

switch(config)# interface gi1

Guide Link For your reference. Cisco 300 Series CLI Guide

Is your previous question: Creating a trunk between two switches still unresolved?
Avatar of pzozulka
pzozulka

ASKER

craigbeck: I'm having difficulty with the "default" command. It says unrecognized.

Mohammad Rahman: I'm getting mixed feedback from various sources. Cisco Small Business Support is telling me that the recommendations provided by forums is incorrect because the switches are set to L3 mode, and thus require me to setup static routes on each switch for each VLAN.

Example:
Switch A - 10.10.0.1
ip route 10.10.0.0 255.255.255.255.0 10.10.0.2

Switch B - 10.10.0.2
ip route 10.10.0.0 255.255.255.255.0 10.10.0.1

According to them, since it's set to L3, LACP will not work between the two switches without also configuring static routes between each of the VLANs.

Is this true?
Avatar of pzozulka
pzozulka

ASKER

Also for Layer 3, what load-balancing mode should I configure. The default is by MAC address, but the other option is "By IP and MAC Address".
SOLUTION
Avatar of Craig Beck
Craig Beck
Flag of United Kingdom of Great Britain and Northern Ireland image
Link to home
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial
ASKER CERTIFIED SOLUTION
Avatar of Mohammed Rahman
Mohammed Rahman
Flag of India image
Link to home
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial