The documentation set for this product strives to use bias-free language. For the purposes of this documentation set, bias-free is defined as language that does not imply discrimination based on age, disability, gender, racial identity, ethnic identity, sexual orientation, socioeconomic status, and intersectionality. Exceptions may be present in the documentation due to language that is hardcoded in the user interfaces of the product software, language used based on RFP documentation, or language that is used by a referenced third-party product. Learn more about how Cisco is using Inclusive Language.
This chapter describes how to configure port channels in the Cisco Nexus 1000V.
This chapter includes the following sections:
•Information About Port Channels
•Prerequisites for Port Channels
•Verifying the Port Channel Configuration
•Port Channel Example Configuration
A port channel is an aggregation of multiple physical interfaces that creates a logical interface. You can bundle up to eight individual active links into a port channel to provide increased bandwidth and redundancy. Port channeling also load balances traffic across these physical interfaces. The port channel stays operational as long as at least one physical interface within the port channel is operational.
You can use static port channels, with no associated aggregation protocol, for a simplified configuration.
This section includes the following topics:
•Load Balancing Using Port Channels
•LACP
A port channel bundles physical links into a channel group to create a single logical link that provides the aggregate bandwidth of up to eight physical links. If a member port within a port channel fails, the traffic previously carried over the failed link switches to the remaining member ports within the port channel.
You can bundle up to eight ports into a static port channel without using any aggregation protocol.
Note The device does not support Port Aggregation Protocol (PAgP) for port channels.
Each port can be in only one port channel. All the ports in a port channel must be compatible; they must use the same speed and duplex mode (see the "Compatibility Checks" section). When you run static port channels with no aggregation protocol, the physical links are all in the on channel mode.
You can create port channels directly by creating the port channel interface, or you can create a channel group that acts to aggregate individual ports into a bundle. When you associate an interface with a channel group, the software creates a matching port channel automatically if the port channel does not already exist. In this instance, the port channel assumes the Layer 2 configuration of the first interface. You can also create the port channel first. In this instance, the Cisco Nexus 1000V creates an empty channel group with the same channel number as the port channel and takes the default Layer 2 configuration, as well as the compatibility configuration (see the "Compatibility Checks" section).
Note The port channel is operationally up when at least one of the member ports is up and is in the channeling state. The port channel is operationally down when all member ports are operationally down.
When you add an interface to a port channel group, the following compatibility checks are made before allowing the interface to participate in the port channel.
•Network layer
•(Link) speed capability
•Speed configuration
•Duplex capability
•Duplex configuration
•Port mode
•Access VLAN
•Trunk native VLAN
•Tagged or untagged
•Allowed VLAN list
•MTU size
•SPAN—cannot be a SPAN source or a destination port
•Storm control
To view the full list of compatability checks performed by the Cisco Nexus 1000V, use the following command:
show port-channel compatibility-parameters
You can only add interfaces configured with the channel mode set to on to static port channels. You can configure these attributes on an individual member port. If you configure a member port with an incompatible attribute, the Cisco Nexus 1000V suspends that port in the port channel.
Alternatively, you can force ports with incompatible parameters to join the port channel if the following parameters are the same:
•(Link) speed capability
•Speed configuration
•Duplex capability
•Duplex configuration
When the interface joins a port channel, some of its individual parameters are removed and replaced with the values on the port channel as follows:
•Bandwidth
•Delay
•Extended Authentication Protocol over UDP
•VRF
•IP address (v4 and v6)
•MAC address
•Spanning Tree Protocol
•NAC
•Service policy
•Quality of Service (QoS)
•Access control lists (ACLs)
The following interface parameters remain unaffected when the interface joins or leaves a port channel:
•Description
•CDP
•MDIX
•Rate mode
•Shutdown
•SNMP trap
Note When you delete the port channel, the software sets all member interfaces as if they were removed from the port channel.
The Cisco Nexus 1000V load balances traffic across all operational interfaces in a port channel by hashing the addresses in the frame to a numerical value that selects one of the links in the channel. Port channels provide load balancing by default. Port channel load balancing uses MAC addresses, IP addresses. or Layer 4 port numbers to select the link. Port channel load balancing uses either source or destination addresses or ports, or both source and destination addresses or ports.
You can configure the load balancing mode to apply to all port channels that are configured on the entire device or on specified modules. The per-module configuration takes precedence over the load- balancing configuration for the entire device. You can configure one load balancing mode for the entire device, a different mode for specified modules, and another mode for the other specified modules. You cannot configure the load balancing method per port channel.
You can configure the type of load balancing algorithm used. You can choose the load balancing algorithm that determines which member port to select for egress traffic by looking at the fields in the frame.
Note The default load balancing method is source MAC address.
You can configure one of the following methods to load balance across the port channel:
•Destination MAC address
•Source MAC address
•Source and Destination MAC address
•Destination IP address and VLAN
•Source IP address and VLAN
•Source and Destination IP address and VLAN
•Destination TCP/UDP port number
•Source TCP/UDP port number
•Source and Destination TCP/UDP port number
•Destination IP address and TCP/UDP port number
•Source IP address and TCP/UDP port number
•Source and Destination IP address and TCP/UDP port number
•Destination IP address, TCP/UDP port number and VLAN
•Source IP address, TCP/UDP port number and VLAN
•Source and Destinaiton IP address, TCP/UDP port number and VLAN
•Destination IP address
•Source IP address
•Source and Destination IP address
•VLAN only
•Source Virtual Port ID
When you configure source IP address load balancing, the source MAC address is used to balance traffic load. When you configure the destination MAC address load balancing method, traffic load is balanced using the destination MAC address.
The load balancing methods that use port channels do not apply to multicast traffic. Regardless of the method configured, multicast traffic uses the following methods for load balancing with port channels:
•Multicast traffic with Layer 4 information—Source IP address, source port, destination IP address, destination port
•Multicast traffic without Layer 4 information—Source IP address, destination IP address
•Non-IP multicast traffic—Source MAC address, destination MAC address
To configure port channel load balance, see the "Configuring Port Channel Load Balance" procedure.
Link Aggregation Control Protocol (LACP) lets you configure up to 16 interfaces into a port channel. A maximum of eight interfaces can be active, and a maximum of eight interfaces can be placed in a standby state. Figure 5-1 shows how individual links can be combined into LACP port channels and channel groups as well as function as individual links.
For the Cisco Nexus 1000V, LACP is enabled globally by deafult.
Note When you delete the port channel, the associated channel group is automatically deleted. All member interfaces revert to their original configuration.
This section includes the following topics:
•LACP-Enabled and Static Port Channels Differences
Figure 5-1 Individual Links Combined into a Port Channel
Individual interfaces in port channels are configured with channel modes. When you run static port channels with no aggregation protocol, the channel mode is always set to on.
You enable LACP for each channel by setting the channel mode for each interface to active or passive. You can configure either channel mode for individual links in the LACP channel group when you are adding the links to the channel group.
Table 5-1 describes the channel modes.
Both the passive and active modes allow LACP to negotiate between ports to determine if they can form a port channel based on criteria such as the port speed and the trunking state.The passive mode is useful when you do not know whether the remote system, or partner, supports LACP.
Ports can form an LACP port channel when they are in different LACP modes if the modes are compatible as in the following examples:
•A port in active mode can form a port channel successfully with another port that is in active mode.
•A port in active mode can form a port channel with another port in passive mode.
•A port in passive mode cannot form a port channel with another port that is also in passive mode, because neither port will initiate negotiation.
•A port in on mode is not running LACP and cannot form a port channel with another port that is in active or passive mode.
This section describes the LACP parameters in the following topics:
Each system that runs LACP has an LACP system priority value. You can accept the default value of 32768 for this parameter, or you can configure a value between 1 and 65535. LACP uses the system priority with the MAC address to form the system ID and also uses the system priority during negotiation with other devices. A higher system priority value means a lower priority.
Note The LACP system ID is the combination of the LACP system priority value and the MAC address.
Each port that is configured to use LACP has an LACP port priority. You can accept the default value of 32768 for the LACP port priority, or you can configure a value between 1 and 65535. LACP uses the port priority with the port number to form the port identifier.
LACP uses the port priority to decide which ports should be put in standby mode when there is a limitation that prevents all compatible ports from aggregating and which ports should be put into active mode. A higher port priority value means a lower priority for LACP. You can configure the port priority so that specified ports have a lower priority for LACP and are most likely to be chosen as active links, rather than hot-standby links.
LACP automatically configures an administrative key value equal to the channel-group number on each port configured to use LACP. The administrative key defines the ability of a port to aggregate with other ports. A port's ability to aggregate with other ports is determined by these factors:
•Port physical characteristics, such as the data rate and the duplex capability
•Configuration restrictions that you establish
You can dynamically redistribute the data traffic by using port channels. This redistribution may result from a removed or added link or a change in the load-balancing scheme. Traffic redistribution that occurs in the middle of a traffic flow can cause misordered frames.
LACP uses the Marker Protocol to ensure that frames are not duplicated or reordered due to this redistribution. The Marker Protocol detects when all the frames of a given traffic flow are successfully received at the remote end. LACP sends Marker PDUs on each of the port-channel links. The remote system responds to the Marker PDU once it receives all the frames received on this link prior to the Marker PDU. The remote system then sends a Marker Responder. Once the Marker Responders are received by the local system on all member links of the port channel, the local system can redistribute the frames in the traffic flow with no chance of misordering. The software supports only Marker Responders.
Table 5-2 summarizes the major differences between port channels with LACP enabled and static port channels.
Virtual port channel host mode (vPC-HM) allows member ports in a port channel to connect to two different upstream switches. With vPC-HM, ports are grouped into two subgroups for traffic separation. If CDP is enabled on the upstream switch, then the subgroups are automatically created using CDP information. If CDP is not enabled on the upstream switch, then you must manually create the subgroup on the interface.
As shown in Figure 5-2, in vPC-HM, member ports are assigned a subgroup ID (0 or 1)for traffic separation.
Figure 5-2 Using vPC-HM to Connect a Port Channel to Two Separate Upstream Switches
To configure an interface in vPC-HM, see the "Configuring a Port Channel that Connects to Two Upstream Switches" procedure.
vPC-HM can also be configured on the port profile. For more information, see the Cisco Nexus 1000V Port Profile Configuration Guide, Release 4.0(4)SV1(1).
Port channels provide high availability by load balancing traffic across multiple ports. If a physical port fails, the port channel is still operational if there is an active member in the port channel.
Port channels support stateful and stateless restarts. A stateful restart occurs on a supervisor switchover. After the switchover, the Cisco Nexus 1000V applies the runtime configuration after the switchover.
Port channeling has the following prerequisites:
•You are logged into the Cisco Nexus 1000V in EXEC mode.
•All ports for a single port channel must meet the compatibility requirements. See the "Compatibility Checks" section for more information on the compatibility requirements.
•You can use asymmetric port channel in host mode (vPC-HM) to configure a port channel even when the physical ports are connected to two different switches.
Port channeling has the following guidelines and restrictions:
•Port channels across modules are not supported.
•Port channels can be formed with multiple upstream links only when they satisfy the compatibility requirements and under the following conditions:
–the uplinks from the host are going to same upstream switch.
–the uplinks from the host are going to two upstream switches and are configured with vPC-HM.
•Port channels can be configured using a port-profile. For more information, see the Cisco Nexus 1000V Port Profile Configuration Guide, Release 4.0(4)SV1(1).
•You can configure up to 256 port channels,
•You can configure multiple port channels on a device.
•After you configure a port channel, the configuration that you apply to the port channel interface affects the port channel member ports. The configuration that you apply to the member ports affects only the member port where you apply the configuration.
•You must remove the port security information from a port before you can add that port to a port channel. Similarly, you cannot apply the port security configuration to a port that is a member of a channel group.
•Ports that belong to a port channel group can also be configured as private VLAN ports.
•All ports in the port channel must be in the same Cisco Nexus 1000V module; you cannot configure port channels across Cisco Nexus 1000V modules.
•Any configuration changes that you apply to the port channel is applied to every member interface of that port channel.
•Channel member ports cannot be a source or destination SPAN port.
•In order to support LACP when inband/aipc are also carried over the link, you must configure the following on the ports going towards the ESX host:
–spanning-tree portfast trunk
–spanning-tree bpdufilter enable
Note If you have a separate dedicated NIC for control traffic, these settings are not required.
•There should be at least two links connecting two switches when inband/aipc are also carried over the LACP channel.
This section includes the following topics:
•Configuring a Port Channel that Connects to a Single Upstream Switch
•Configuring a Port Channel that Connects to Two Upstream Switches
•Removing the Port Channel and Group
•Adding a Layer 2 Port to a Channel Group
•Removing a Port from a Channel Group
•Shutting Down and Restarting a Port Channel Interface
•Configuring a Port Channel Description
•Configuring Port Channel Load Balance
Note Be aware that the Cisco Nexus 1000V commands for this feature may differ from the Cisco IOS commands.
Use this procedure to configure a port channel whose member ports all connect to the same upstream switch.
If the member ports connect to two upstream switches, use the "Configuring a Port Channel that Connects to Two Upstream Switches" procedure.
Before beginning this procedure, you must know or do the following:
•When you create a port channel, an associated channel group is automatically created.
1 config t
2 interface port-channel channel-number
3 show port-channel summary
4 copy running-config startup-config
This example shows how to create a port channel:
n1000v# config t
n1000v(config)# interface port-channel 1
Use this procedure to add virtual port channel host mode (vPC-HM) to a port channel. In vPC-HM, the port channel member ports connect to two upstream switches, and the traffic must be managed in separate subgroups.
If the member ports connect to a single upstream switch, use the "Configuring a Port Channel that Connects to a Single Upstream Switch" procedure.
Before beginning this procedure, you must know or do the following:
•When you create a port channel, an associated channel group is automatically created.
•vPC-HM is only supported in port channels configured in the on mode. vPC-HM is not supported for LACP channels that use the active and passive modes.
•You know whether CDP is configured in the upstream switches. If so, then CDP creates a subgroup in each upstream switch to manage its traffic separately.
•If CDP is not configured in the upstream switch, then you must manually configure subgroups to manage the traffic flow on the separate switches.
•If you are using CDP with the default CDP timer (60 seconds), links that advertise that they are in service and then out of service in quick succession can take up to 60 seconds to be returned to service.
•If a subgroup has more than one member port, a port channel must be configured for the member ports of each sub group on the upstream switch.
•If vPC-HM is not configured when port channels connect to two different upstream switches, then the VMs behind the Cisco Nexus 1000V receive duplicate packets from the network for broadcast/unknown floods/multicast.
•vPC-HM can also be configured on the port profile. For more information, see the Cisco Nexus 1000V Port Profile Configuration Guide, Release 4.0(4)SV1(1).
1 config t
2 interface port-channel channel-number
3 sub-group cdp
4 Do one of the following
–If CDP is not configured for the upstream switch(es), then continue with the next step.
–If CDP is configured for the upstream switch(es), then go to Step 9.
5 exit
6 interface ethernet range
7 sub-group-id number
8 Repeat steps 6 and 7 for each port member connected to an upstream switch that is not configured for CDP.
9 show port-channel summary
10 copy running-config startup-config
|
|
|
---|---|---|
Step 1 |
config t Example: n1000v# config t n1000v(config)# |
Places you into the CLI Global Configuration Mode. |
Step 2 |
interface port-channel channel-number Example: n1000v(config)# interface port-channel 12 n1000v(config-if)# |
Places you into the Interface Configuration mode for the specified port channel. The allowable range is from 1 to 4096. If the channel group does not already exist, it is automatically created. |
Step 3 |
sub-group cdp Example: n1000v(config-if)# sub-group cdp n1000v(config-if)# |
Identifies the port channel as being in vPC-HM which requires that the traffic must be managed separately for each of the two upstream switches connected to the member ports. If it is configured in the upstream switches, CDP information is collected for this purpose. If CDP is not configured in the upstream switches, then you must configure subgroups manually. |
Step 4 |
Do one of the following: –If CDP is not configured for both upstream switch(es), then continue with the next step. –If CDP is configured for both upstream switch(es), then go to Step 9. |
|
Step 5 |
exit Example: n1000v(config-if)# exit n1000v(config)# |
Exits the Interface Configuration mode for the port channel and returns you to Global Configuration mode. |
Step 6 |
interface ethernet range Example: n1000v(config)# interface ethernet3/2-3 n1000v(config-if)# |
Places you into Interface Configuration mode for the specified interface range. |
Step 7 |
sub-group id number Example: n1000v(config-if)# sub-group-id 0 n1000v(config-if)# |
Configures the specified port channel members as vPC-HM so that the specified subgoup can manage traffic for one of the two upstream switches. Allowable subgroup numbers = 0 or 1 |
Step 8 |
Repeat Step 6 and Step 7 for each port member connected to an upstream switch that is not configured for CDP. |
|
Step 9 |
show port-channel summary Example: n1000v(config-if)# show port-channel summary |
(Optional) Displays the port channel configuration. |
Step 10 |
copy running-config startup-config Example: n1000v(config)# copy running-config startup-config |
(Optional) Saves the running configuration persistently through reboots and restarts by copying it to the startup configuration. |
Use this procedure to remove the port channel and delete the associated channel group.
Before beginning this procedure, you must know or do the following:
•For details about how the interface configuration changes when you delete a port channel, see the "Compatibility Checks" section .
Use this procedure to add a Layer 2 port to a channel group.
Before beginning this procedure, you must know or do the following:
•All Layer 2 member ports must run in full-duplex mode and at the same speed.
•If the port channel does not yet exist, it is automatically created when you create the channel group.
Note If you cannot add a particular interface to a particular port channel, an error message signals a compatibility problem.
1 config t
2 interface type slot/port
3 switchport
4 switchport mode trunk
5 switchport trunk {allowed vlan vlan-id | native vlan-id}
6 channel-group channel-number [mode {on | active | passive}]
7 show interface type slot/port
8 copy running-config startup-config
This example shows how to add the Layer 2 Ethernet interface 1/4 to channel group 5:
n1000v# config t
n1000v(config)# interface ethernet 1/4
n1000v(config-if)# switchport
n1000v(config-if)# channel-group 5
Use this procedure to remove a port from a channel group and return the port to its original configuration.
Before beginning this procedure, you must know or do the following:
•You are logged in to the CLI in EXEC mode.
Use this procedure to shut down and restart a port channel interface.
Before beginning this procedure, you must know or do the following:
•You are logged in to the CLI in EXEC mode.
•When you shut down a port channel interface, no traffic passes and the interface is administratively down.
1 config t
2 interface port-channel channel-number
3 shutdown | no shutdown
4 exit
5 show interface port-channel channel-number
6 copy running-config startup-config
This example shows how to bring up the interface for port channel 2:
n1000v# config t
n1000v(config)# interface port-channel 2
n1000v(config-if)# no shutdown
Use this procedure to configure a description for a port channel.
Before beginning this procedure, you must know or do the following:
•You are logged in to the CLI in EXEC mode.
1 config t
2 interface port-channel channel-number
3 description
4 exit
5 show interface port-channel channel-number
6 copy running-config startup-config
This example shows how to add a description to port channel 2:
n1000v# config t
n1000v(config)# interface port-channel 2
n1000v(config-if)# description engineering
Use this procedure to configure the LACP mode for individual links in the LACP port channel. This setting indicates whether the link is allowed to operate with LACP.
Before beginning this procedure, you must know or do the following:
•You are logged in to the CLI in EXEC mode.
•The default port channel mode is On.
•When you configure port channels with no associated aggregation protocol, all interfaces on both sides of the link remain in the on channel mode.
1 config t
2 interface type slot/port
3 channel-group number mode {active | on | passive}
4 show port-channel summary
5 copy running-config startup-config
This example shows how to set the LACP-enabled interface to the active port-channel mode for Ethernet interface 1/4 in channel group 5:
switch# config t
switch (config)# interface ethernet 1/4
switch(config-if)# channel-group 5 mode active
You can configure the speed and duplex settings for a port channel interface.
Before beginning this procedure, you must know or do the following:
•You are logged in to the CLI in EXEC mode.
1 config t
2 interface port-channel channel-number
3 speed {10 | 100 | 1000 | auto}
4 duplex {auto | full | half}
5 exit
6 show interface port-channel channel-number
7 copy running-config startup-config
This example shows how to set port channel 2 to 100 Mbps:
n1000v# config t
n1000v(config)# interface port channel 2
n1000v(config-if)# speed 100
Use this procedure to configure port channel load balance for the entire device or one module.
Before beginning this procedure, you must know or do the following:
•You are logged in to the CLI in EXEC mode.
•Module-based load balancing takes precedence over device-based load balancing.
•The default load balancing method is the source MAC address.
•For more information about port channel load balance, see the "Load Balancing Using Port Channels" section.
1 config t
2 port-channel load-balance ethernet {dest-ip-port | dest-ip-port-vlan | destination-ip-vlan | destination-mac | destination-port | source-dest-ip-port | source-dest-ip-port-vlan | source-dest-ip-vlan | source-dest-mac | source-dest-port | source-ip-port | source-ip-port-vlan | source-ip-vlan | source-mac | source-port | source-virtual-port-id | vlan-only}
3 show port-channel load-balance
4 copy running-config startup-config
This example shows how to configure source IP load balance for port channels on module 5:
n1000v# config t
n1000v(config)# port-channel load-balance ethernet source-ip module 5
Use this procedure to restore the default load balance method.
Use the following commands to display port channel configuration information.
For more information about command output, see the Cisco Nexus 1000V Command Reference, Beta 2 Release.
n1000v# show port-channel summary
Flags: D - Down P - Up in port-channel (members)
I - Individual H - Hot-standby (LACP only)
s - Suspended r - Module-removed
S - Switched R - Routed
U - Up (port-channel)
--------------------------------------------------------------------------------
Group Port- Type Protocol Member Ports
Channel
--------------------------------------------------------------------------------
1 Po1(SU) Eth NONE Eth3/2(P) Eth3/3(P) Eth3/4(P)
Eth3/5(P) Eth3/6(P)
0 2 2 VIRT UP UP 1 Trunk
Use the following commands to display port channel interface configuration information,
The following example shows how to create a port channel and add two Layer 2 interfaces to that port channel:
n1000v# config t
n1000v(config)# interface port-channel 5
n1000v(config-if)# interface ethernet 1/4
n1000v(config-if)# switchport
n1000v(config-if)# channel-group 5 mode active
n1000v(config-if)# interface ethernet 1/7
n1000v(config-if)# switchport
n1000v(config-if)# channel-group 5 mode
The following table lists the default settings for port channels.
For additional information related to implementing port channels, see the following sections:
|
|
---|---|
IEEE 802.3ad |
— |