Guest

Cisco Catalyst 2900 XL Series Switches

EtherChannel and Trunking Between Catalyst Layer 2 Switches and 2948G-L3/4908G-L3 Switches Configuration Example

Cisco - EtherChannel and Trunking Between Catalyst Layer 2 Switches and 2948G-L3/4908G-L3 Switches Configuration Example

Document ID: 24044

Updated: Nov 16, 2007

   Print

Introduction

This document describes the set-up of an EtherChannel and 802.1Q trunking between Catalyst 2950 and Catalyst 2948G-L3 switches. EtherChannel can be called Fast EtherChannel (FEC) or Gigabit EtherChannel (GEC) depending upon the speed of the interfaces or ports used to form the EtherChannel.

Note: The Catalyst 2950 switch supports only 802.1Q trunking, and does not support Inter-Switch Link Protocol (ISL) trunking. Catalyst 2948G-L3 and Catalyst 4908G-L3 switches share the same software image, so the Catalyst 2948G-L3 configuration used in this document also applies to the Catalyst 4908G-L3 switch.

In this configuration example, two Fast Ethernet interfaces on a Catalyst 2950 switch are bundled into a FEC with two Fast Ethernet interfaces from a Catalyst 2948G-L3 switch. FEC, GEC, port channel, and channel group refers to EtherChannel in this document.

Before You Begin

Conventions

For more information on document conventions, see the Cisco Technical Tips Conventions.

Prerequisites

This document describes the sample configuration from the switches and the output from the related show commands. For details and specific caveats or guidelines on individual switches, refer to the following documents:

Components Used

The information in this document is based on the software and hardware versions below.

  • Catalyst 2948G-L3 switch running Cisco IOS® Software 12.0(14)W5(20)

  • Catalyst 2950 switch running Cisco IOS Software 12.1(12c)EA1

The information presented in this document was created from devices in a specific lab environment. All of the devices used in this document started with a cleared (default) configuration. If you are working in a live network, ensure that you understand the potential impact of any command before using it.

Background Theory

From a configuration standpoint, the Catalyst 2948G-L3 switch is a router. It uses a Cisco IOS command line and by default, all interfaces are routed interfaces.

The Catalyst 2948G-L3 switch does not extend your VLANs by default. Since all of the interfaces are routed interfaces, each interface has to belong to a different network or subnet. If you want two or more interfaces to belong to the same subnet, bridging needs to be configured on these interfaces.

The Catalyst 2948G-L3 switch does not support negotiation protocols found on other Catalyst switches, such as VLAN Trunk Protocol (VTP), Dynamic Trunking Protocol (DTP), and Port Aggression Protocol (PAgP). It is recommended that these protocols be turned off on the Catalyst 2950 interfaces that connect to the Catalyst 2948G-L3 switch.

On the Catalyst 2948G-L3 switch, all traffic received on the native VLAN on a trunk is routed in software. This means this traffic is sent to the CPU. When a great deal of traffic is sent on this VLAN, it can result in a high CPU load on the Catalyst 2948G-L3 switch and have an adverse effect on the performance of the network. It is advised to create a dummy VLAN (such as VLAN 99) which can be made the native VLAN for the trunk. All of the user traffic is sent over the other VLANs and these are routed in hardware, leading to a better performance.

Configure

In this section, you are presented with the information to configure the features described in this document.

Note: To find additional information on the commands used in this document, use the Command Lookup Tool (registered customers only) .

Creating a Port Channel

When configuring the EtherChannel, it is recommended you create a port channel by following the steps below. This will avoid possible problems with Spanning-Tree Protocol (STP) during the configuration process. An STP loop can occur if one side is configured as a channel before the other side is configured as a channel. As a result, the switch can put the interfaces involved in the loop in Errordisabled status.The following steps are guidelines for this specific configuration scenario.

On the Catalyst 2948G-L3 switch:

  1. Configure the interfaces to be used in port channeling in administratively shut down mode.

  2. Create the port channel (channel group). The port channel carries different VLANs, so create a subinterface for each VLAN that is present on the trunk. On a 802.1Q trunk, all of the packets going over the trunk are tagged except the traffic on the native VLAN. Because of this, you need to distinguish the subinterface corresponding to the native VLAN by putting the keyword "native" at the end. As mentioned before, it is best to use a dummy VLAN that has no user traffic.

  3. The Catalyst 2948G-L3 switch has by default all routed ports. For the ports in 2948G-L3 to able to communicate on different VLANs on the 2950, you have to implement bridging. Interfaces (and subinterfaces) that belong to the same VLAN (network or subnet) have to be configured to belong to the same bridge group. To route between these different bridge groups, Integrated Routing and Bridging (IRB) must be enabled.

On the Catalyst 2950 switch:

  1. Configure the interfaces that will belong to the channel as a trunk and make sure the DTP is turned off. This is done by issuing the switchport nonegotiate command on the physical interfaces. Configure a dummy VLAN (VLAN 99 in this example) on the VLAN database that will be used as the native VLAN on the trunk. Unless otherwise specified, the native VLAN on a 802.1Q trunk is VLAN 1. You need to specify on both interfaces that you are using VLAN 99 as the native VLAN. This is done by issuing the switchport trunk native vlan 99 command.

  2. Create the port channel and be sure to set the channel mode to on (this turns off PAgP).

  3. Reenable the interfaces that were disabled earlier on the Catalyst 2948G-L3 switch by issuing the no shut command.

Network Diagram

This document uses the network setup shown in the diagram below.

172a.gif

Configurations

This document uses the configurations shown below.

Catalyst 2948G-L3
2948G-L3#show run 


!--- The following configuration shows how to configure Catalyst 2948G-L3
!--- for bridging and connect to a Catalyst 2950 with 802.1Q trunking
!--- over EtherChannel. For configuring interVLAN-routing on Catalyst 
!--- 2948G-L3, refer to Catalyst 2948G-L3 Sample Configurations.
 

Building configuration... 

Current configuration: 
! 
! 
version 12.0 
no service pad 
service timestamps debug uptime 
service timestamps log datetime 
no service password-encryption 
! 
hostname 2948G-L3 
! 
! 
ip subnet-zero 
! 

!--- Enable IRB when routing between different
!--- bridge groups is needed.
 
bridge irb 
! 

!--- Configure a logical interface for the EtherChannel.

interface Port-channel1 
no ip address 
no ip directed-broadcast 
hold-queue 300 in 
! 

!--- Create a subinterface for each VLAN on the port channel.
 
!
interface Port-channel1.1

!--- Specify the encapsulation and VLAN number.

 encapsulation dot1Q 1
 no ip redirects
 no ip directed-broadcast

!--- Add the subinterface to the appropriate bridge group. 
!--- All the interfaces (and subinterfaces) that belong to the  
!--- same VLAN (network or subnet) should be configured to fall 
!--- in the same bridge group.
 
 bridge-group 1
!

!--- Configure a subinterface for the second VLAN.
!--- This procedure must be repeated for every VLAN. 

! 
interface Port-channel1.2
 encapsulation dot1Q 2
 no ip redirects
 no ip directed-broadcast
 bridge-group 2
!

!--- Configure a subinterface for the native VLAN.
 
!
interface Port-channel1.99
 encapsulation dot1Q 99 native
 no ip redirects
 no ip directed-broadcast

!--- Note in this case you do not put any bridge group
!--- statements under this subinterface. A dummy VLAN has been chosen
!--- as the native VLAN on which you do not put any traffic,
!--- so there is no need to have this routed.
 

!
interface FastEthernet1
 no ip address
 no ip directed-broadcast

!--- Configure the port to channel 1.
 
 channel-group 1
!
interface FastEthernet2
 no ip address
 no ip directed-broadcast

!--- Configure the port to channel 1.
 
 channel-group 1
!
interface FastEthernet3
 no ip address
 no ip directed-broadcast

!--- The device connected on this interface belongs 
!--- to the same subnet (VLAN 1) as subinterface 1 on
!--- the port channel, so this interface has to be added to 
!--- bridge-group 1.



 bridge-group 1
!

!--- If there are any other interfaces that belong to
!--- the same VLAN (subnet), they all have to be added to
!--- the respective bridge group.

( .... Output is suppressed) 
!
!
! a routed interface for bridge-group 1 
interface BVI1
 ip address 1.1.1.1 255.255.255.0
 no ip directed-broadcast
 no ip route-cache cef
!
! a routed interface for bridge-group 2
interface BVI2
 ip address 2.2.2.1 255.255.255.0
 no ip directed-broadcast
 no ip route-cache cef
!
ip classless
!
! bridge 1 protocol ieee command enables bridging using the IEEE 802.1d spanning-tree 
bridge 1 protocol ieee
! The bridge 1 route ip command specifies that IP will be routed
 bridge 1 route ip
! bridge 2 protocol ieee command enables bridging using the IEEE 802.1d spanning-tree 
 bridge 2 protocol ieee
! bridge 2 route ip command specifies that IP will be routed
 bridge 2 route ip
!
line con 0
 transport input none
line aux 0
line vty 0 4
 login
!
end

Catalyst 2950
5-2950-24##show run
Building configuration...

Current configuration : 1986 bytes
!
version 12.1
no service single-slot-reload-enable
no service pad
service timestamps debug uptime
service timestamps log uptime
no service password-encryption
!
hostname 5-2950-24#
!
!
!

!--- VLAN 2 is created for this lab set up, 
!--- and VLAN 1 is created by default.

vlan 2
ip subnet-zero

!--- For information on VTP, refer to 
!--- Understanding and Configuring VLAN Trunk Protocol (VTP)


vtp domain cisco
vtp mode transparent
!
spanning-tree extend system-id
!

!--- A logical port-channel interface is automatically created 
!--- when ports are grouped into a channel group.
 

!
interface Port-channel1

!--- The switchport trunk native vlan 99 command is 
!--- issued on the Fast Ethernet interface.

switchport trunk native vlan 99

!--- The switchport mode trunk command is
!---  issued on the Fast Ethernet interface.
 
 switchport mode trunk

!-- The switchport nonegotiate command is 
!--- issued on the Fast Ethernet interface.

 switchport nonegotiate
 no ip address
 flowcontrol send off
!
interface FastEthernet0/1

!--- Configure the port to be in trunking mode.
 
 switchport mode trunk

!--- Configure a dummy VLAN as the native VLAN. 
!--- For this example, VLAN 99 is used.

 switchport trunk native vlan 99

!--- Disable the DTP negotiation on this interface 
!--- (the Catalyst 2948G-L3 switch does not support these frames).
 
 switchport nonegotiate
 no ip address

!--- Configure the port to channel without PAgP.
 
 channel-group 1 mode on
!
interface FastEthernet0/2

!--- Configure the port to be in trunking mode.
 
 switchport mode trunk

!--- Configure a dummy VLAN as the native VLAN. 
!--- For this example, VLAN 99 is used.

 switchport trunk native vlan 99

!--- Disable the DTP negotiation on this interface 
!--- (the Catalyst 2948G-L3 switch does not support these frames).
 
 switchport nonegotiate
 no ip address

!--- Configure the port to channel without PAgP.
 
 channel-group 1 mode on
!
interface FastEthernet0/3

!--- The PC2 on this interface belongs to VLAN 2.

 switchport access vlan 2
 switchport mode access

 no ip address

!--- On the userports, enable portfast to increase 
!--- the STP convergence time.
 
 spanning-tree portfast
!
( .... Output is suppressed) 
!
interface Vlan1
 ip address 1.1.1.2 255.255.255.0
 no ip route-cache

!
ip http server
!
!
line con 0
line vty 5 15
!
end

Verify

This section provides information you can use to confirm your configurations are working properly.

Certain show commands are supported by the Output Interpreter Tool (registered customers only) , which allows you to view an analysis of show command output.

show Commands for Catalyst 2950

The following show commands verify the configuration for the Catalyst 2950 switch, as shown in the output below.

5-2950-24##show vlan

VLAN Name                             Status    Ports
---- -------------------------------- --------- -------------------------------
1    default                          active    Fa0/4, Fa0/5, Fa0/6, Fa0/7
                                                Fa0/8, Fa0/9, Fa0/10, Fa0/11
                                                Fa0/12, Fa0/13, Fa0/14, Fa0/15
                                                Fa0/16, Fa0/17, Fa0/18, Fa0/19
                                                Fa0/20, Fa0/21, Fa0/22, Fa0/23
                                                Fa0/24, Gi0/1, Gi0/2
2    VLAN0002                         active    Fa0/3
1002 fddi-default                     active    
1003 token-ring-default               active    
1004 fddinet-default                  active    
1005 trnet-default                    active    

VLAN Type  SAID       MTU   Parent RingNo BridgeNo Stp  BrdgMode Trans1 Trans2
---- ----- ---------- ----- ------ ------ -------- ---- -------- ------ ------
1    enet  100001     1500  -      -      -        -    -        0      0   
2    enet  100002     1500  -      -      -        -    -        0      0   
1002 fddi  101002     1500  -      -      -        -    -        0      0   
1003 tr    101003     1500  -      -      -        -    -        0      0   
1004 fdnet 101004     1500  -      -      -        ieee -        0      0   
1005 trnet 101005     1500  -      -      -        ibm  -        0      0   
          
Remote SPAN VLANs
------------------------------------------------------------------------------


Primary Secondary Type              Ports
------- --------- ----------------- ------------------------------------------


5-2950-24##show interfaces port-channel 1 trunk 

Port      Mode         Encapsulation  Status        Native vlan
Po1       on           802.1q         trunking      99

Port      Vlans allowed on trunk
Po1       1-4094

Port      Vlans allowed and active in management domain
Po1       1-2

Port      Vlans in spanning tree forwarding state and not pruned
Po1       1-2


5-2950-24##show interface port-channel 1 
Port-channel1 is up, line protocol is up 
  Hardware is EtherChannel, address is 0005.7428.0e02 (bia 0005.7428.0e02)
  MTU 1500 bytes, BW 200000 Kbit, DLY 1000 usec, 
     reliability 255/255, txload 1/255, rxload 1/255
  Encapsulation ARPA, loopback not set
  Full-duplex, 100Mb/s
  input flow-control is off, output flow-control is off
  Members in this channel: Fa0/1 Fa0/2 
  ARP type: ARPA, ARP Timeout 04:00:00
  Last input 00:00:01, output 00:00:00, output hang never
  Last clearing of "show interface" counters never
  Input queue: 0/75/0/0 (size/max/drops/flushes); Total output drops: 0
  Queueing strategy: fifo
  Output queue :0/40 (size/max)
  5 minute input rate 25000 bits/sec, 39 packets/sec
  5 minute output rate 39000 bits/sec, 59 packets/sec
     11609 packets input, 955786 bytes, 0 no buffer
     Received 11590 broadcasts, 0 runts, 0 giants, 0 throttles
     0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored
     0 watchdog, 11583 multicast, 0 pause input
     0 input packets with dribble condition detected
     17396 packets output, 1442093 bytes, 0 underruns
     0 output errors, 0 collisions, 1 interface resets
     0 babbles, 0 late collision, 0 deferred
     0 lost carrier, 0 no carrier, 0 PAUSE output
     0 output buffer failures, 0 output buffers swapped out


5-2950-24##show interface port-channel 1 switchport 
Name: Po1
Switchport: Enabled
Administrative Mode: trunk
Operational Mode: trunk
Administrative Trunking Encapsulation: dot1q
Operational Trunking Encapsulation: dot1q
Negotiation of Trunking: Off
Access Mode VLAN: 1 (default)
Trunking Native Mode VLAN: 99 (Inactive)
Administrative private-vlan host-association: none 
Administrative private-vlan mapping: none 
Operational private-vlan: none 
Trunking VLANs Enabled: ALL
Pruning VLANs Enabled: 2-1001

Protected: false

Voice VLAN: none (Inactive)
Appliance trust: none


5-2950-24##show cdp neighbors 
Capability Codes: R - Router, T - Trans Bridge, B - Source Route Bridge
                  S - Switch, H - Host, I - IGMP, r - Repeater


Device ID        Local Intrfce     Holdtme    Capability  Platform  Port ID
5-2948G-L3       Fas 0/1            144         R T       Cat2948G  Port-channe1
5-2948G-L3       Fas 0/2            178         R T       Cat2948G  Fas 2
5-2948G-L3       Fas 0/1            178         R T       Cat2948G  Fas 1


PC2#ping 1.1.1.3

Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 1.1.1.3, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 4/4/4 ms

show Commands for Catalyst 2948G-L3

The following show commands verify the configuration for the Catalyst 2948-L3 switch, as shown in the output below.

5-2948G-L3#show interfaces port-channel 1 
Port-channel1 is up, line protocol is up 
  Hardware is FEChannel, address is 0001.43ff.1407 (bia 0000.0000.0000)
  MTU 1500 bytes, BW 200000 Kbit, DLY 100 usec, rely 255/255, load 1/255
  Encapsulation ARPA, loopback not set, keepalive set (10 sec)
  Half-duplex, Unknown Speed, Media type unknown
  ARP type: ARPA, ARP Timeout 04:00:00
    No. of active members in this channel: 2 
        Member 0 : FastEthernet1 
        Member 1 : FastEthernet2 
  Last input 00:00:00, output 00:00:00, output hang never
  Last clearing of "show interface" counters never
  Queueing strategy: fifo
  Output queue 0/40, 0 drops; input queue 0/300, 0 drops
  5 minute input rate 2000 bits/sec, 4 packets/sec
  5 minute output rate 1000 bits/sec, 1 packets/sec
     27033 packets input, 2083710 bytes, 0 no buffer
     Received 6194 broadcasts, 0 runts, 0 giants, 0 throttles
     0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored, 0 abort
     0 watchdog, 0 multicast
     0 input packets with dribble condition detected
     12808 packets output, 1945983 bytes, 0 underruns
     0 output errors, 0 collisions, 0 interface resets
     0 babbles, 0 late collision, 0 deferred
     0 lost carrier, 0 no carrier
     0 output buffer failures, 0 output buffers swapped out


5-2948G-L3#show vlan

Virtual LAN ID:  1 (IEEE 802.1Q Encapsulation)

   vLAN Trunk Interfaces:  GigabitEthernet49
GigabitEthernet50.1
Port-channel1.1

 This is configured as native Vlan for the following interface(s) :
GigabitEthernet49
GigabitEthernet50

   Protocols Configured:   Address:              Received:        Transmitted:
           IP              10.10.10.1                   0                   0
        Bridging        Bridge Group 1               3418                   5

Virtual LAN ID:  2 (IEEE 802.1Q Encapsulation)

   vLAN Trunk Interfaces:  GigabitEthernet50.2
Port-channel1.2

   Protocols Configured:   Address:              Received:        Transmitted:
           IP              20.20.20.1                   0                   0
        Bridging        Bridge Group 2               3952                   9
          
Virtual LAN ID:  21 (IEEE 802.1Q Encapsulation)

   vLAN Trunk Interface:   GigabitEthernet49.1

   Protocols Configured:   Address:              Received:        Transmitted:

Virtual LAN ID:  99 (IEEE 802.1Q Encapsulation)

   vLAN Trunk Interface:   Port-channel1.99

 This is configured as native Vlan for the following interface(s) :
Port-channel1

   Protocols Configured:   Address:              Received:        Transmitted:


5-2948G-L3#show spanning-tree 

 Bridge group 1 is executing the IEEE compatible Spanning Tree protocol
  Bridge Identifier has priority 32768, address 0001.43ff.1409
  Configured hello time 2, max age 20, forward delay 15
  We are the root of the spanning tree
  Topology change flag not set, detected flag not set
  Times:  hold 1, topology change 35, notification 2
          hello 2, max age 20, forward delay 15 
  Timers: hello 0, topology change 0, notification 0
  bridge aging time 300

Port 6 (FastEthernet3) of Bridge group 1 is forwarding
   Port path cost 19, Port priority 128
   Designated root has priority 32768, address 0001.43ff.1409
   Designated bridge has priority 32768, address 0001.43ff.1409
   Designated port is 6, path cost 0
   Timers: message age 0, forward delay 0, hold 0
   BPDU: sent 4107, received 2

Port 58 (Port-channel1.1 DOT1Q) of Bridge group 1 is forwarding
   Port path cost 12, Port priority 128
   Designated root has priority 32768, address 0001.43ff.1409
   Designated bridge has priority 32768, address 0001.43ff.1409
   Designated port is 58, path cost 0
   Timers: message age 0, forward delay 0, hold 0
   BPDU: sent 5240, received 502

          
 Bridge group 2 is executing the IEEE compatible Spanning Tree protocol
  Bridge Identifier has priority 32768, address 0000.0c00.d08c
  Configured hello time 2, max age 20, forward delay 15
  Current root has priority 0, address 0010.0db1.804f
  Root port is 59 (Port-channel1.2), cost of root path is 50
  Topology change flag not set, detected flag not set
  Times:  hold 1, topology change 35, notification 2
          hello 2, max age 20, forward delay 15 
  Timers: hello 0, topology change 0, notification 0
  bridge aging time 300

Port 59 (Port-channel1.2 DOT1Q) of Bridge group 2 is forwarding
   Port path cost 12, Port priority 128
   Designated root has priority 0, address 0010.0db1.804f
   Designated bridge has priority 32770, address 0005.7428.0e00
   Designated port is 65, path cost 38
   Timers: message age 3, forward delay 0, hold 0
   BPDU: sent 1790, received 3964


PC1#ping 2.2.2.2

Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 2.2.2.2, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 4/4/4 ms

Troubleshoot

There is currently no specific troubleshooting information available for this configuration.

Related Information

Updated: Nov 16, 2007
Document ID: 24044