Cisco IOS: Ether-Channel Trunks

KB ID 0001533

Problem

This is a subject that every time I need to create an Ether-Channel I end up checking beforehand, so it’s about time I wrote it up. We are combining two different things, an Ether-channel, (an aggregation of links) and a Trunk (the ability to carry many VLANS). If you are NOT from a Cisco background then you might want to read though the following post first to avoid confusion about the world ‘Trunk‘.

HP and Cisco – VLANs and Trunks Confusion!

So this is what I’m going to create;

I will combine the TWO links between the switches to act at one link (Ether-Channel). An Ether-Channel can have up to eight links.

Note: I’m only concentrating on the Ether-Channel setup so VLANs/VTP and Routing are not covered.

Solution

You can use two types of Ether-Channels PAgP (Port Aggregation Protocol), but WHY when it only works on Cisco switches. LACP (Link Aggregation control Protocol) which is supported by just about everything else, so let’s stick with that! By default a ‘Trunk’ will pass ALL VLANS, you might not want that, I’ll cover filtering VLANs a bit further down.

WARNING: If you simply connect two switches with two cables you will create a LOOP, if you have STP enabled the network will recover and block one of the links, but your colleagues will shake their heads and pull a ‘frowny face’. For that reason ‘SHUT THE PORTS DOWN BEFORE YOU CABLE / CONFIGURE THEM“. 

Starting on Switch1 make sure there’s is no existing Ether-Channels configured;

[box]

SW-1#show etherchannel
                Channel-group listing:
                ----------------------

Group: 1
----------
Group state = L2
Ports: 2   Maxports = 4
Port-channels: 1 Max Port-channels = 4
Protocol:   LACP
Minimum Links: 0

[/box]

Above there is already an Ether-Channel (port-channel) on the switch (group 1) so you would have to use group 2. For arguments sake we will say I don’t have one, so I can use group 1.

Note: ‘show etherchannel summary’ is also a handy command to remember!

[box]

First shut down the uplinks, Note the syntax for the 'range interfaces', may differ from device to device, 
so use the TAB key.

SW-1#configure terminal
Enter configuration commands, one per line. End with CNTL/Z.
SW-1(config)#interface range ethernet 0/1 - 2
SW-1(config-if-range)#shutdown

Add the ports to channel group 1, Note 'Active' denotes use LACP, (Passive also works, but one (or both) ends
should be active.)

SW-1(config-if-range)#channel-group 1 mode active
Creating a port-channel interface Port-channel 1

Create a 'trunk' with 802.1q encapsulation.

SW-1(config-if-range)#switchport trunk encapsulation dot1q
SW-1(config-if-range)#switchport mode trunk

[/box]

Then configure the other end the same, (assuming the port numbers are the same!) As mentioned above you can use LACP mode ‘passive‘ but I tend to set both ends active.

Once you have both ends configured and the cables in place, enable the interfaces with a ‘no shutdown‘ command, on both ends!

[box]

SW-1(config)#interface range ethernet 0/1 - 2
SW-1(config-if-range)#no shutdown

[/box]

Filtering VLANs on an Ether-Channel Trunk

Any further port-channel changes need to be done on the port-channel interface, so if you want to filter what’s allowed you simply use the following syntax;

[box]

SW-1#configure terminal
Enter configuration commands, one per line.  End with CNTL/Z.
SW-1(config)#interface Port-channel1
SW-1(config-if)#switchport trunk allowed vlan 1,10,100,200

[/box]

Note: When adding any future VLANS check the syntax, if you simply add a new one it will overwrite all the others, and things will break!

Do all Ether-Channels need to be Trunks? No! Not at all, they can be access ports (as long as they are all in the same VLAN), and they can also be routed uplinks, with an IP address at both ends, (specified in the port-channel interface). 

Related Articles, References, Credits, or External Links

NA

HPe Synergy 12000 MPIO QSFP to 10GB SFP Setup

KB ID 0001495

Problem

I was recently involved in deploying an HPe Synergy 12000 Frame. And the network connections from it were ‘a little unusual’ so I thought I’d document that here, to save anyone else the problems I had.

I was connecting to an HP/Aruba 5412 switch so my cables were all HP/Aruba (to be on the safe side).

What you can see (above) is the MPIO Cable (K2Q46A P/N 800867-001) fixed onto the left (and above boxed,) there is a QSFP (P/N 817040-B21.) Note: this can be used either as 4 x 10Gbe or 4 x 8GbFC). On the right you can see the cable ends in 4x Standard LC fibre connectors, so you will also need 4x 10GB SR SFP+ Modules (Aruba P/N J1950D) – shown bottom right.

So what does it do? (Apart from cost a fortune!) Well the QSFP connects at 40Gb and splits the traffic down into 4 x 10Gb 

Cabling and Configuring MPIO QSFP

Connecting up is pretty straight forward, REMEMBER when you connect the 40GB QSFP to the Synergy it will light purple if its connected, and flash purple when it sees activity.

Connecting to the switch is also easy enough, (WARNING: All the ports need to be Trunked (HP) or Ether Channelled (Cisco,)) with LACP enabled. You don’t need to worry about configuring LACP on the Synergy, that’s handled automatically by the ‘Uplink set’.

So the back of the ‘Frame’ has two interconnect links (If you are from a switch background think of these like stacking cables). And two MPIO uplink cables.

HPe/Aruba Switch Config For MPIO

As previously stated, the switch I’m using is an Aruba 5412, with two 8 Port 1Gb/10Gb modules (J9993-A). Here’s the relevant switch config;

[box]

Firstly give the interfaces a sensible name;
!
interface A2
   name "Trunk Link to Synergy VC1 Port Q1"
   exit
interface A3
   name "Trunk Link to Synergy VC1 Port Q1"
   exit
interface A4
   name "Trunk Link to Synergy VC1 Port Q1"
   exit
interface A5
   name "Trunk Link to Synergy VC1 Port Q1"
   exit
!
interface B2
   name "Trunk Link to Synergy VC2 Port Q1"
   exit
interface B3
   name "Trunk Link to Synergy VC2 Port Q1"
   exit
interface B4
   name "Trunk Link to Synergy VC2 Port Q1"
   exit
interface B5
   name "Trunk Link to Synergy VC2 Port Q1"
   exit
!

Show any 'already configured' Trunk links with a 'show trunk' command
In my case two existed, (Trk1 and Trk2). So I used Trk3;

!
trunk A2-A5,B2-B5 Trk3 LACP
!

Now UNTAG vlan 1 (assuming that's your default VLAN) And TAG and VLANS that 
need to be used in the Synergy Deployment. (Note on an HP switch simply add
the Trk3 to the existing settings like so;

!
vlan1
untagged A6-A8,B6-B8,E1-E24,F1-F24,G3-G12,H3-H12,Trk1-Trk3
!
vlan 100
   tagged Trk1-Trk3
   exit
vlan 101
   tagged Trk1-Trk3
   exit
vlan 102
   tagged Trk1-Trk3
   exit
vlan 103
   tagged Trk1-Trk3
   exit
etc.

[/box]

Cisco Switch Config For MPIO

If you have a Cisco Switch then instead of ‘Trunking’ you will be ‘Ether Channelling’ for a more detailed explanation see the following post

HP and Cisco – VLANs and Trunks Confusion!

[box]

!
interface port-channel 1
switchport trunk encapsulation dot1q
switchport mode trunk
!
interface range Te1/1 - 4 , Te2/1 - 4
switchport trunk encapsulation dot1q
switchport mode trunk
channel-protocol lacp
channel-group 1 mode active
!

[/box]

Configuring Synergy 12000 Networking

The process is, you add  Networks, then collect Networks together in Network Sets, Then you create Logical Interconnect  Groups. Part of creating a Logical Interconnect Groups, involves creating an Uplink Set, which consists of both your Networks, and the The Uplink ports.

Note: A Network Set is used by a Server Profile, (or a Server Profile Template).

Create Networks

One View > Networking > Networks > Create Network

Create Network Sets

One View > Networking > Networks Sets  > Create Network Set  > Give it a name > Add Networks > Create.

Create Logical Interconnect Group

One View > Networking > Logical Interconnect Group  > Create Logical Interconnect Group > Give it a name > Select the correct  Interconnect Bay Set (see diagram above) > Select Interconnects > Add Uplink Set.

Give the set a name > Select the Type > Add in the Networks > Add in the Uplinks > Create.

Note: You only need to add in ALL the LOGICAL interfaces i.e. Q1:1, Q1:2,Q1:3,Q1:4 for EACH Interconnect module. .

After a few minutes if you look under One View > Networking > Logical Interconnects > You will see one listed that has the name of your Logical Interconnect group (with a divide symbol on the end!) Make sure ALL the logical uplinks are connected. (If not you will see LACP errors on the switch).

 

Related Articles, References, Credits, or External Links

NA

Window Server – Configuring NIC Teaming

KB ID 0000786 

Problem

One great new feature of Server is bult in network ‘Teaming’. To do this normally takes some third party software, either form the server vendor (HP Teaming) or from the NIC manufacturer.

It utilises a new Windows feature called LBFO, this lets you both aggregate links, and have links available in the event of failover.

Note: NIC Teaming only supports up to 32 network cards.

Solution

1. Launch Server manager > All Servers > Select the server you ant to create a team on > Right Click > Configure NIC Teaming.

2. Select the NICs you want to add to the team > Right Click > Add to New Team.

3. Give the Team a name > OK.

Note: By default ‘Switch independent’ will be selected, this is probably what you want (see below) > OK.

Windows Server 2012 NIC Teaming Modes

Static Teaming: Requires configuration on the switch, which must be configured for IEEE 803.3ad (draft v1).

Switch Independent: Generally requires no switch configuration and can be connected to multiple switches.

LACP: Requires configuration on the switch, which must be configured for IEEE 802.1ax, and support LACP. Note: On a Cisco Catalyst this would be a port-channel, on an HP Networking switch this would be called an LACP trunk.

4. Now if you look under ‘Network Connections’ you will see a new one with the name you created.

5. Configure this new Teamed NIC, and simply treat it as a single network card.

Configure Teaming via PowerShell

To do the same as we did above use the following command;

[box]

New-NetLbfoTeam -Name TEAM -TeamMembers NIC1,NIC2,NIC3,NIC4 -TeamingMode SwitchIndependent

[/box]

Related Articles, References, Credits, or External Links

NA

HP and Cisco – VLANs and Trunks Confusion!

KB ID 0000741

Problem

When I first started in IT, I went and did my Cisco CCNA. So I learned that to connect Cisco switches and pass VLAN traffic between them, I needed to create a ‘Trunk’ to pass the VLAN traffic. Fast forward a few years, and I now work for an HP reseller. Very early on I came to realise that what HP called a ‘trunk’ was very different from what I had been taught. Below is an article I did a while ago about setting up HP Trunks.

HP Networking ‘ProCurve’ – Trunking / Aggregating Ports

I was in some HP/Wireless training last week and once again I was struggling with their terminology, so today I lined up a bunch of switches on the test bench and worked out the differences.

Below you will find the following scenarios;

Scenario 1 Configuring Cisco Catalyst Switches with VLANs.

Scenario 2 Configuring HP Switches with VLANs.

Scenario 3 Setting up HP Switches with Trunked VLANs

Scenario 4 Setup VLANs via HP Trunks and Cisco Port Channels

Setting up VLANs on older Cisco Switches

Solution

Scenario 1 Configuring Cisco Catalyst Switches with VLANs.

In ‘Ciscoland’ All ports are either in access mode or trunk mode, the access mode allows the port to communicate with the VLAN. The trunk mode carries the VLAN traffic to another switch (or device). So to replicate the diagram above, this is what you would need to do. (Note: For older switches like the 3550XL the VLAN commands are a little different see here)

[box]

Switch01>
 Switch01>enable
 Password: xxxxxxxx
 Switch01#configure terminal
 Enter configuration commands, one per line. End with CNTL/Z.
 Switch01(config)#vlan 10
 Switch01(config-vlan)#name Admin
 Switch01(config-vlan)#exit
 Switch01(config)#vlan 20
 Switch01(config-vlan)#name Data
 Switch01(config-vlan)#exit
 Switch01(config)#int f0/2
 Switch01(config-if)#switchport mode access
 Switch01(config-if)#switchport access vlan 10
 Switch01(config-if)#exit
 Switch01(config)#inf f0/16
 Switch01(config-if)#switchport mode access
 Switch01(config-if)#switchport access vlan 20
 Switch01(config-if)#exit
 Switch01(config)#int f0/23
 Switch01(config-if)#switchport mode trunk
 Switch02(config-if)#switchport trunk allowed vlan 1,10,20
 Switch01(config-if)#exit
 Switch01(config)#exit
 Switch01#write mem
 Building configuration...
 [OK]
 Switch01#
 
 
 
 Switch02>
 Switch02>enable
 Password: xxxxxxx
 Switch02#configure terminal
 Enter configuration commands, one per line. End with CNTL/Z.
 Switch02(config)#vlan 10
 Switch02(config-vlan)#name Admin
 Switch02(config-vlan)#exit
 Switch02(config)#vlan 20
 Switch02(config-vlan)#name Data
 Switch02(config-vlan)#exit
 Switch02(config)#int f0/2
 Switch02(config-if)#switchport mode access
 Switch02(config-if)#switchport access vlan 10
 Switch02(config-if)#exit
 Switch02(config)#inf f0/15
 Switch02(config-if)#switchport mode access
 Switch02(config-if)#switchport access vlan 20
 Switch02(config-if)#exit
 Switch02(config)#int f0/1
 Switch02(config-if)#switchport mode trunk
 Switch02(config-if)#switchport trunk allowed vlan 1,10,20
 Switch02(config-if)#exit
 Switch02(config)#exit
 Switch02#write mem
 Building configuration...
 [OK]
 Switch02#[/box]

Scenario 2 Configuring HP Switches with VLANs.

With HP switches the terminology is different, here switch ports are either tagged members or untagged members of a VLAN.

What’s the difference between tagged and untagged? If a port is a tagged member it passes the VLAN information with the traffic it sends. If it is untagged it sends the VLAN traffic without adding in the VLAN tag. So you would only make a port a tagged member if the device that is plugged into it is VLAN aware, i.e. another switch, router, or machine with a VLAN aware NIC. (Note: The VLAN tag is the ID that gets inserted into the head of a network packet). So to do exactly the same as we did in scenario 1, but with HP switches, you would do the following:

BE AWARE: Any single port can only be untagged on one VLAN. Out of the box all ports are untagged on VLAN 1 (or the default VLAN), so if you untag a port into VLAN 20 (for example) it will automatically remove the ‘vlan 1 untagged’ property for that port.

[box]

Switch01> enable
 Password:xxxxx
 Switch01# configure terminal
 Switch01(config)# vlan 10 name Admin
 Switch01(config)# vlan 20 name Data
 Switch01(config)# vlan 10
 Switch01(vlan-10)# untagged 6
 Switch01(vlan-10)# exit
 Switch01(config)# vlan 20
 Switch01(vlan-20)# untagged 16
 Switch01(vlan-20)# exit
 Switch01(config)# vlan 10
 Switch01(vlan-10)# tagged 13
 Switch01(vlan-10)# exit
 Switch01(config)# vlan 20
 Switch01(vlan-20)# tagged 13
 Switch01(vlan-20)# exit
 Switch01(config)# write mem
 Switch01(config)#
 
 Switch02> enable
 Password:xxxxx
 Switch02# configure terminal
 Switch02(config)# vlan 10 name Admin
 Switch02(config)# vlan 20 name Data
 Switch02(config)# vlan 10
 Switch02(vlan-10)# untagged 4
 Switch02(vlan-10)# exit
 Switch02(config)# vlan 20
 Switch02(vlan-20)# untagged 20
 Switch02(vlan-20)# exit
 Switch02(config)# vlan 10
 Switch02(vlan-10)# tagged 23
 Switch02(vlan-10)# exit
 Switch02(config)# vlan 20
 Switch02(vlan-20)# tagged 23
 Switch02(vlan-20)# exit
 Switch02(config)# write mem
 Switch02(config)#[/box]

Scenario 3 Setting up HP Switches with Trunked VLANs

Remember with HP a Trunk is adding together lots of links, (if you’re a Cisco head think of port-channeling). So here we create a trunk, then use that trunk to pass tagged VLAN traffic across the switches.

[box]

Switch01> enable
 Password:xxxxx
 Switch01# configure terminal
 Switch01(config)# vlan 10 name Admin
 Switch01(config)# vlan 20 name Data
 Switch01(config)# vlan 10
 Switch01(vlan-10)# untagged 6
 Switch01(vlan-10)# exit
 Switch01(config)# vlan 20
 Switch01(vlan-20)# untagged 16
 Switch01(vlan-20)# exit
 Switch01(config)# trunk 21,23 Trk1 LACP
 Switch01(config)# vlan 10
 Switch01(vlan-10)# tagged Trk1
 Switch01(vlan-10)# exit
 Switch01(config)# vlan 20
 Switch01(vlan-20)# tagged Trk1
 Switch01(vlan-20)# exit
 Switch01(config)# write mem 
 Switch01(config)# 

 
 Switch02> enable
 Password:xxxxx
 Switch02# configure terminal
 Switch02(config)# vlan 10 name Admin
 Switch02(config)# vlan 20 name Data
 Switch02(config)# vlan 10
 Switch02(vlan-10)# untagged 4
 Switch02(vlan-10)# exit
 Switch02(config)# vlan 20
 Switch02(vlan-20)# untagged 20
 Switch02(vlan-20)# exit
 Switch01(config)# trunk 21,23 Trk1 LACP
 Switch01(config)# vlan 10
 Switch01(vlan-10)# tagged Trk1
 Switch01(vlan-10)# exit
 Switch01(config)# vlan 20
 Switch01(vlan-20)# tagged Trk1
 Switch01(vlan-20)# exit
 Switch02(config)# write mem
 Switch02(config)#

[/box]

Scenario 4 Setup VLANs via HP Trunks and Cisco Port Channels

Now we have gone full circle, we know what all the differences are, the final part is to get them to talk to each other. So I’ll set up a two cable HP Trunk, and connect it to Cisco LACP port channel, and then finally add in the VLAN traffic.

[box]

Switch01> enable
 Password:xxxxx
 Switch01# configure terminal
 Switch01(config)# vlan 10 name Admin
 Switch01(config)# vlan 20 name Data
 Switch01(config)# vlan 10
 Switch01(vlan-10)# untagged 6
 Switch01(vlan-10)# exit
 Switch01(config)# vlan 20
 Switch01(vlan-20)# untagged 16
 Switch01(vlan-20)# exit
 Switch01(config)# trunk 21,23 Trk1 LACP
 Switch01(config)# vlan 10
 Switch01(vlan-10)# tagged Trk1
 Switch01(vlan-10)# exit
 Switch01(config)# vlan 20
 Switch01(vlan-20)# tagged Trk1
 Switch01(vlan-20)# exit
 Switch01(config)# write mem 
 Switch01(config)# 

 
 Switch02>
 Switch02>enable
 Password: xxxxxxx
 Switch02#configure terminal
 Enter configuration commands, one per line. End with CNTL/Z.
 Switch02(config)#vlan 10
 Switch02(config-vlan)#name Admin
 Switch02(config-vlan)#exit
 Switch02(config)#vlan 20
 Switch02(config-vlan)#name Data
 Switch02(config-vlan)#exit
 Switch02(config)#int f0/2
 Switch02(config-if)#switchport mode access
 Switch02(config-if)#switchport access vlan 10
 Switch02(config-if)#exit
 Switch02(config)# interface range fa0/23 - 24
 Switch02(config-if-range)# spanning-tree portfast trunk
 %Warning: portfast should only be enabled on ports connected to a single
 host. Connecting hubs, concentrators, switches, bridges, etc... to this
 interface when portfast is enabled, can cause temporary bridging loops.
 Use with CAUTION

Switch02(config-if-range)# channel-protocol lacp
 Switch02(config-if-range)# channel-group 1 mode active
 Creating a port-channel interface Port-channel 1
 Switch02(config-if-range)# interface port-channel 1
 Switch02(config-if)# switchport mode trunk
 Switch02(config-if-range)#switchport trunk allowed vlan 1,10,20
 Switch02(config-if)#exit
 Switch02(config)#exit
 Switch02#write mem
 Building configuration...
 [OK]
 Switch02#

[/box]

Setting up VLANs on older Cisco Switches

Here’s an example using the older vlan database commands.

[box]

Switch01>
 Switch01>enable
 Password: 
 Switch01#
 Switch01#vlan database
 Switch01(vlan)#vlan 10 name Admin
 VLAN 10 modified:
 Name: Admin
 Switch01(vlan)#vlan 20 name Data
 VLAN 20 modified:
 Name: Data
 Switch01(vlan)#exit
 APPLY completed.
 Exiting....
 Switch01#configure terminal
 Enter configuration commands, one per line. End with CNTL/Z.
 Switch01(config)#int f0/2
 Switch01(config-if)#switchport mode access 
 Switch01(config-if)#switchport access vlan 10
 Switch01(config-if)#exit
 Switch01(config)#int f0/16
 Switch01(config-if)#switchport mode access
 Switch01(config-if)#switchport access vlan 20
 Switch01(config-if)#exit
 Switch01(config)#int f0/23
 Switch01(config-if)#switchport mode trunk
 Switch01(config-if)#switchport trunk encapsulation dot1q 
 Switch02(config-if-range)#switchport trunk allowed vlan 1,10,20
 Switch01(config-if)#exit
 Switch01(config)#exit
 Switch01#write mem
 Building configuration...
 
 Switch01#[/box]

 

Related Articles, References, Credits, or External Links

Thanks to Valentin Bajramifor the feedback