- Index
- Preface
- Product Overview
- Virtual Switching Systems (VSS)
- Layer 2 LAN Port Configuration
- Flex Links
- EtherChannels
- IEEE 802.1ak MVRP and MRP
- VLAN Trunking Protocol (VTP)
- VLANs
- Private VLANs (PVLANs)
- Private Hosts
- IEEE 802.1Q Tunneling
- Layer 2 Protocol Tunneling
- Spanning Tree Protocols (STP, MST)
- Optional STP Features
- IP Unicast Layer 3 Switching
- Multiprotocol Label Switching (MPLS)
- MPLS VPN Support
- Ethernet over MPLS (EoMPLS)
- Virtual Private LAN Services (VPLS)
- Ethernet Virtual Connections (EVC)
- Layer 2 over Multipoint GRE (L2omGRE)
- IPv4 Multicast Layer 3 Features
- IPv4 Multicast IGMP Snooping
- IPv4 PIM Snooping
- IPv4 Multicast VLAN Registration (MVR)
- IPv4 IGMP Filtering
- IPv4 Router Guard
- IPv4 Multicast VPN Support
- IPv6 Multicast Layer 3 Features
- IPv6 MLD Snooping
- NetFlow Hardware Support
- Call Home
- System Event Archive (SEA)
- Backplane Platform Monitoring
- Local SPAN, RSPAN, and ERSPAN
- SNMP IfIndex Persistence
- Top-N Reports
- Layer 2 Traceroute Utility
- Mini Protocol Analyzer
- PFC QoS Overview
- PFC QoS Guidelines and Restrictions
- PFC QoS Classification, Marking, and Policing
- PFC QoS Policy Based Queueing
- PFC QoS Global and Interface Options
- AutoQoS
- MPLS QoS
- PFC QoS Statistics Data Export
- Cisco IOS ACL Support
- Cisco TrustSec (CTS)
- AutoSecure
- MAC Address-Based Traffic Blocking
- Port ACLs (PACLs)
- VLAN ACLs (VACLs)
- Policy-Based Forwarding (PBF)
- Denial of Service (DoS) Protection
- Control Plane Policing (CoPP)
- Dynamic Host Configuration Protocol (DHCP) Snooping
- IP Source Guard
- Dynamic ARP Inspection (DAI)
- Traffic Storm Control
- Unknown Unicast and Multicast Flood Control
- IEEE 802.1X Port-Based Authentication
- Configuring Web-Based Authentication
- Port Security
- Lawful Intercept
- Online Diagnostic Tests
- Migrating From a 12.2SX QoS Configuration
- Prerequisites for EtherChannels
- Restrictions for EtherChannels
- Information About EtherChannels
- Default Settings for EtherChannels
- How to Configure EtherChannels
- Configuring Port Channel Logical Interfaces
- Configuring Channel Groups
- Configuring the LACP System Priority and System ID
- Configuring EtherChannel Load Balancing
- Configuring the EtherChannel Hash-Distribution Algorithm
- Configuring the EtherChannel Min-Links Feature
- Configuring LACP 1:1 Redundancy
- Configuring LACP Port-Channel Standalone Disable
EtherChannels
- Prerequisites for EtherChannels
- Restrictions for EtherChannels
- Information About EtherChannels
- Default Settings for EtherChannels
- How to Configure EtherChannels
Note ● For complete syntax and usage information for the commands used in this chapter, see these publications:
http://www.cisco.com/en/US/products/ps11845/prod_command_reference_list.html
- Cisco IOS Release 15.0SY supports only Ethernet interfaces. Cisco IOS Release 15.0SY does not support any WAN features or commands.
http://www.cisco.com/en/US/products/hw/switches/ps708/tsd_products_support_series_home.html
Participate in the Technical Documentation Ideas forum
Prerequisites for EtherChannels
Restrictions for EtherChannels
- LACP EtherChannels and the 802.1ad provider-bridge mode are mutually exclusive. LACP EtherChannels cannot transmit traffic when the 802.1ad provider-bridge mode is enabled.
- LACP 1:1 redundancy must be enabled at both ends of the LACP EtherChannel.
- LACP does not support half-duplex links. Half-duplex links in an LACP EtherChannel are put in the suspended state.
- When EtherChannel interfaces are configured improperly, they are disabled automatically to avoid network loops and other problems.
- Frames with SAP/SNAP encapsulation are load-balanced as Layer 2 traffic.
- The commands in this chapter can be used on all Layer 2 Ethernet ports, including the ports on the supervisor engine and a redundant supervisor engine.
- All Layer 2 Ethernet ports on all modules, including those on a redundant supervisor engine, support EtherChannels (maximum of eight LAN ports) with no requirement that the LAN ports be physically contiguous or on the same module.
- Configure all LAN ports in an EtherChannel to use the same EtherChannel protocol; you cannot run two EtherChannel protocols in one EtherChannel.
- Configure all LAN ports in an EtherChannel to operate at the same speed and in the same duplex mode.
- Enable all LAN ports in an EtherChannel. If you shut down a LAN port in an EtherChannel, it is treated as a link failure and its traffic is transferred to one of the remaining ports in the EtherChannel.
- An EtherChannel will not form if any of the LAN ports is a Switched Port Analyzer (SPAN) destination port.
- For Layer 3 EtherChannels, assign Layer 3 addresses to the port channel logical interface, not to the LAN ports in the channel.
- For Layer 2 EtherChannels:
– Assign all LAN ports in the EtherChannel to the same VLAN or configure them as trunks.
– If you configure an EtherChannel from trunking LAN ports, verify that the trunking mode is the same on all the trunks. LAN ports in an EtherChannel with different trunk modes can operate unpredictably.
– An EtherChannel supports the same allowed range of VLANs on all the LAN ports in a trunking Layer 2 EtherChannel. If the allowed range of VLANs is not the same, the LAN ports do not form an EtherChannel.
– If the allowed range of VLANs is configured on the EtherChannel before adding the member interfaces, the list of allowed VLANs does not propagate to the interfaces thereby causing compatibility issues between the member and the port channel.
– LAN ports with different STP port path costs can form an EtherChannel as long they are compatibly configured with each other. If you set different STP port path costs, the LAN ports are not incompatible for the formation of an EtherChannel.
– An EtherChannel will not form if protocol filtering is set differently on the LAN ports.
– Configure static MAC addresses on the EtherChannel only and not on physical member ports of the EtherChannel.
- After you configure an EtherChannel, the configuration that you apply to the port channel interface affects the EtherChannel. The configuration that you apply to the LAN ports affects only the LAN port where you apply the configuration.
- Cisco IOS Release 15.0SY does not support ISL trunk encapsulation. If a non-trunking Layer 2 EtherChannel includes member ports that that are not capable of ISL trunk encapsulation, the switchport trunk encapsulation dot1q command is added to the port-channel interface. The command has no affect when the switchport mode is “access” ( CSCta45114).
- When QoS is enabled, enter the no platform qos channel-consistency port-channel interface command to support EtherChannels that have ports with and without strict-priority queues.
Information About EtherChannels
- EtherChannel Feature Overview
- Information about EtherChannel Configuration
- Information about Port Channel Interfaces
- Information about LACP 1:1 Redundancy
- Information about Load Balancing
EtherChannel Feature Overview
An EtherChannel bundles individual Ethernet links into a single logical link that provides the aggregate bandwidth of up to eight physical links.
Cisco IOS Release 15.0SY supports a maximum of 256 EtherChannels. You can form an EtherChannel with up to eight compatibly configured LAN ports on any switching module. All LAN ports in each EtherChannel must be the same speed and must all be configured as either Layer 2 or Layer 3 LAN ports.
Note The network device to which a switch is connected may impose its own limits on the number of ports in an EtherChannel.
If a segment within an EtherChannel fails, traffic previously carried over the failed link switches to the remaining segments within the EtherChannel. When a failure occurs, the EtherChannel feature sends a trap that identifies the switch, the EtherChannel, and the failed link. Inbound broadcast and multicast packets on one segment in an EtherChannel are blocked from returning on any other segment of the EtherChannel.
Information about EtherChannel Configuration
EtherChannel Configuration Overview
You can configure EtherChannels manually or you can use the Port Aggregation Control Protocol (PAgP) or the Link Aggregation Control Protocol (LACP) to form EtherChannels. The EtherChannel protocols allow ports with similar characteristics to form an EtherChannel through dynamic negotiation with connected network devices. PAgP is a Cisco-proprietary protocol and LACP is defined in IEEE 802.3ad.
PAgP and LACP do not interoperate with each other. Ports configured to use PAgP cannot form EtherChannels with ports configured to use LACP. Ports configured to use LACP cannot form EtherChannels with ports configured to use PAgP. Neither interoperates with ports configured manually.
Table 1-1 lists the user-configurable EtherChannel modes.
Table 1-2 lists the EtherChannel member port states.
|
|
---|---|
The port is part of an EtherChannel and can send and receive BPDUs and data traffic. |
|
The port is not part of an EtherChannel. The port can receive BPDUs but cannot send them. Data traffic is blocked. |
|
The port is not bundled in an EtherChannel. The port functions as a standalone data port. The port can send and receive BPDUs and data traffic. Note When one end of an EtherChannel has more members than the other, the unmatched ports enter the standalone state. In a topology that is not protected from Layer 2 loops by the spanning tree protocol (STP), a port in the standalone state can cause significant network errors. You can enter the port-channel standalone-disable interface configuration mode command to put ports into the suspended state instead of the standalone state. See the “Configuring LACP Port-Channel Standalone Disable” section. |
Information about Manual EtherChannel Configuration
Manually configured EtherChannel ports do not exchange EtherChannel protocol packets. A manually configured EtherChannel forms only when you configure all ports in the EtherChannel compatibly.
Information about PAgP EtherChannel Configuration
PAgP supports the automatic creation of EtherChannels by exchanging PAgP packets between LAN ports. PAgP packets are exchanged only between ports in auto and desirable modes.
The protocol learns the capabilities of LAN port groups dynamically and informs the other LAN ports. Once PAgP identifies correctly matched Ethernet links, it facilitates grouping the links into an EtherChannel. The EtherChannel is then added to the spanning tree as a single bridge port.
Both the auto and desirable modes allow PAgP to negotiate between LAN ports to determine if they can form an EtherChannel, based on criteria such as port speed and trunking state. Layer 2 EtherChannels also use VLAN numbers.
LAN ports can form an EtherChannel when they are in different PAgP modes if the modes are compatible. For example:
- A LAN port in desirable mode can form an EtherChannel successfully with another LAN port that is in desirable mode.
- A LAN port in desirable mode can form an EtherChannel with another LAN port in auto mode.
- A LAN port in auto mode cannot form an EtherChannel with another LAN port that is also in auto mode, because neither port will initiate negotiation.
Information about IEEE 802.3ad LACP EtherChannel Configuration
LACP supports the automatic creation of EtherChannels by exchanging LACP packets between LAN ports. LACP packets are exchanged only between ports in passive and active modes.
The protocol learns the capabilities of LAN port groups dynamically and informs the other LAN ports. Once LACP identifies correctly matched Ethernet links, it facilitates grouping the links into an EtherChannel. The EtherChannel is then added to the spanning tree as a single bridge port.
Both the passive and active modes allow LACP to negotiate between LAN ports to determine if they can form an EtherChannel, based on criteria such as port speed and trunking state. Layer 2 EtherChannels also use VLAN numbers.
LAN ports can form an EtherChannel when they are in different LACP modes as long as the modes are compatible. For example:
- A LAN port in active mode can form an EtherChannel successfully with another LAN port that is in active mode.
- A LAN port in active mode can form an EtherChannel with another LAN port in passive mode.
- A LAN port in passive mode cannot form an EtherChannel with another LAN port that is also in passive mode, because neither port will initiate negotiation.
LACP uses the following parameters:
- LACP system priority—You must configure an LACP system priority on each switch running LACP. The system priority can be configured automatically or through the CLI (see the “Configuring the LACP System Priority and System ID” section). LACP uses the system priority with the switch MAC address to form the system ID and also during negotiation with other systems.
Note The LACP system ID is the combination of the LACP system priority value and the MAC address of the switch.
- LACP port priority—You must configure an LACP port priority on each port configured to use LACP. The port priority can be configured automatically or through the CLI (see the “Configuring Channel Groups” section). LACP uses the port priority with the port number to form the port identifier. LACP uses the port priority to decide which ports should be put in standby mode when there is a hardware limitation that prevents all compatible ports from aggregating.
- LACP administrative key—LACP automatically configures an administrative key value equal to the channel group identification number on each port configured to use LACP. The administrative key defines the ability of a port to aggregate with other ports. A port’s ability to aggregate with other ports is determined by these factors:
– Port physical characteristics, such as data rate, duplex capability, and point-to-point or shared medium
– Configuration restrictions that you establish
On ports configured to use LACP, LACP tries to configure the maximum number of compatible ports in an EtherChannel, up to the maximum allowed by the hardware (eight ports). If LACP cannot aggregate all the ports that are compatible (for example, the remote system might have more restrictive hardware limitations), then all the ports that cannot be actively included in the channel are put in hot standby state and are used only if one of the channeled ports fails. You can configure an additional 8 standby ports (total of 16 ports associated with the EtherChannel).
Information about LACP 1:1 Redundancy
The LACP 1:1 redundancy feature supports an EtherChannel configuration with one active link and fast switchover to a hot standby link. The link connected to the port with the lower port priority number (and therefore a higher priority) will be the active link, and the other link will be in a hot standby state. If the active link goes down, LACP performs fast switchover to the hot standby link to keep the EtherChannel up. When the failed link becomes operational again, LACP performs another fast switchover to revert to the original active link.
Information about Port Channel Interfaces
A port-channel interface bundles multiple physical links into a channel group to create a single logical link. You can configure a maximum of 512 port-channel interfaces, numbered from 1 to 512 in VSS mode. In the stand-alone, the max number of port channel interfaces is 256, numbered from 1 to 256. The configuration that you apply to the port channel interface affects all LAN ports assigned to the port channel interface.
You can create port channels directly by creating the port channel interface, or you can create a channel group that acts to aggregate individual ports into a bundle. When you associate an interface with a channel group, a matching port channel automatically create if the port channel does not already exist. In this instance, the port channel assumes the Layer 2 configuration of the first interface. You can also create the port channel first.
After you configure a port channel, the configuration that you apply to the port channel interface affects the port channel member ports. The configuration that you apply to the member ports affects only the member port where you apply the configuration. Any configuration changes that you apply to the port channel is applied to every member interface of that port channel.
Information about Load Balancing
An EtherChannel balances the traffic load across the links in an EtherChannel by reducing part of the binary pattern formed from the addresses in the frame to a numerical value that selects one of the links in the channel.
EtherChannel load balancing can use MAC addresses or IP addresses. EtherChannel load balancing can also use Layer 4 port numbers. EtherChannel load balancing can use either source or destination or both source and destination addresses or ports. The selected mode applies to all EtherChannels configured on the switch. EtherChannel load balancing can use MPLS Layer 2 information.
Use the option that provides the balance criteria with the greatest variety in your configuration. For example, if the traffic on an EtherChannel is going only to a single MAC address and you use the destination MAC address as the basis of EtherChannel load balancing, the EtherChannel always chooses the same link in the EtherChannel; using source addresses or IP addresses might result in better load balancing.
Default Settings for EtherChannels
How to Configure EtherChannels
- Configuring Port Channel Logical Interfaces
- Configuring Channel Groups
- Configuring the LACP System Priority and System ID
- Configuring EtherChannel Load Balancing
- Configuring the EtherChannel Hash-Distribution Algorithm
- Configuring the EtherChannel Min-Links Feature
- Configuring LACP 1:1 Redundancy
- Configuring LACP Port-Channel Standalone Disable
Note Make sure that the LAN ports are configured correctly (see the “Restrictions for EtherChannels” section).
Configuring Port Channel Logical Interfaces
Note To move an IP address from a Layer 3 LAN port to an EtherChannel, you must delete the IP address from the Layer 3 LAN port before configuring it on the port channel logical interface.
To create a port channel interface for a Layer 3 EtherChannel, perform this task:
|
|
|
---|---|---|
The group_number can be 1 through 256, up to a maximum of 256 port-channel interfaces in standalone mode. In VSS-mode the group number can be through 1 through 512, up to a maximum of 512 port channel-interfaces.This example shows how to create port channel interface 1:
This example shows how to verify the configuration of port channel interface 1:
Configuring Channel Groups
Note For Cisco IOS to create port channel interfaces for Layer 2 EtherChannels, the Layer 2 LAN ports must be connected and functioning.
To configure channel groups, perform this task for each LAN port:
|
|
|
---|---|---|
Ensures that there is no IP address assigned to the LAN port. |
||
(Optional) On the selected LAN port, restricts the channel-group command to the EtherChannel protocol configured with the channel-protocol command. |
||
Router(config-if)# channel-group group_number mode { active | auto | desirable | on | passive } |
Configures the LAN port in a port channel and specifies the mode (see Table 1-1). group_number : The port channel associated with this channel group is automatically created if the port channel does not already exist. mode : PAgP supports only the auto and desirable modes. LACP supports only the active and passive modes. |
|
(Optional for LACP) Valid values are 1 through 65535. Higher numbers have lower priority. The default is 32768. |
||
Router(config-if)# do show interface port-channel group_number |
(Optional) Displays the interface configuration information of the specified port channel. Note: The output of this command shows that the newly created port channel interface will be in shutdown state. |
|
Brings the port channel and its members up and all the configuration changes that you apply to the port channel is applied to every member interface of that port channel. |
||
This example shows how to configure Gigabit Ethernet ports 5/6 and 5/7 into port channel 2 with PAgP mode desirable :
Note See the “How to Configure a Range of Interfaces” section on page 11-2 for information about the range keyword.
This example shows how to verify the configuration of port channel interface 2:
This example shows how to verify the configuration of Gigabit Ethernet port 5/6:
This example shows how to verify the configuration of port channel interface 2 after the LAN ports have been configured:
Configuring the LACP System Priority and System ID
The LACP system ID is the combination of the LACP system priority value and the MAC address of the switch.
To configure the LACP system priority and system ID, perform this task:
|
|
|
---|---|---|
(Optional for LACP) Valid values are 1 through 65535. Higher numbers have lower priority. The default is 32768. |
||
This example shows how to configure the LACP system priority:
This example shows how to verify the configuration:
The system priority is displayed first, followed by the MAC address of the switch.
Configuring EtherChannel Load Balancing
To configure EtherChannel load balancing, perform this task:
|
|
|
---|---|---|
(Optional) Enables the ability to specify the load-balancing method on a per-module basis. |
||
Router(config)# port-channel load-balance method [ module slot ] |
Configures the EtherChannel load-balancing method. The method is globally applied to all port channels. Optionally, you can configure the load-balancing method for a specific module. The default method is src-dst-ip. |
|
The load-balancing method keywords indicate the following information:
- dst-ip —Destination IP addresses
- dst-mac —Destination MAC addresses
- dst-mixed-ip-port —Destination IP address and TCP/UDP port
- dst-port —Destination Layer 4 port
- mpls —Load balancing for MPLS packets
- src-dst-ip —(Default) Source and destination IP addresses
- src-dst-mac —Source and destination MAC addresses
- src-dst-mixed-ip-port —Source and destination IP address and TCP/UDP port
- src-dst-port —Source and destination Layer 4 port
- src-ip —Source IP addresses
- src-mac —Source MAC addresses
- src-mixed-ip-port —Source IP address and TCP/UDP port
- src-port —Source Layer 4 port
- vlan-dst-ip —VLAN number and destination IP address
- vlan-dst-mixed-ip-port —VLAN number and destination IP address and TCP/UDP port
- vlan-src-dst-ip —VLAN number and source and destination IP address
- vlan-src-dst-mixed-ip-port —VLAN number and source and destination IP address and TCP/UDP port
- vlan-src-ip —VLAN number and source IP address
- vlan-src-mixed-ip-port —VLAN number and source IP address and TCP/UDP port
The optional module keyword allows you to specify the load-balancing method for a specific module. This capability is supported only on DFC-equipped switching modules. You must enable per-module load balancing globally before configuring the feature on a module.
This example shows how to configure EtherChannel to use source and destination IP addresses:
Router(config)# port-channel load-balance src-dst-ip
Router(config)# end
This example shows how to verify the configuration:
Source XOR Destination IP address
Configuring the EtherChannel Hash-Distribution Algorithm
When you add a port to an EtherChannel or delete a port from an EtherChannel, the fixed algorithm updates the port ASIC for each port in the EtherChannel, which causes a short outage on each port.
The default adaptive algorithm does not need to update the port ASIC for existing member ports. You can configure a global value for the adaptive algorithm. You can also specify the algorithm for individual port channels.
When you change the algorithm, the change is applied at the next member link event (link down, link up, addition, deletion, no shutdown, and shutdown). When you enter the command to change the algorithm, the command console issues a warning that the command does not take effect until the next member link event.
Note ● Some external devices require the fixed algorithm. For example, the service control engine (SCE) requires incoming and outgoing packets to use the same port.
- If you change the load-balancing method, EtherChannel ports on DFC-equipped switching modules or on an active supervisor engine in a dual supervisor engine configuration will flap.
Configuring the Hash-Distribution Algorithm Globally
To configure the load-sharing algorithm globally, perform this task:
|
|
|
---|---|---|
Router(config)# port-channel hash-distribution { adaptive | fixed } |
||
This example shows how to globally set the hash distribution to adaptive:
Configuring the Hash-Distribution Algorithm for a Port Channel
To configure the hash-distribution algorithm for a specific port channel, perform this task:
|
|
|
---|---|---|
Router(config-if)# port-channel port hash-distribution { adaptive | fixed } |
||
This example shows how to set the hash distribution algorithm to adaptive on port channel 10:
Configuring the EtherChannel Min-Links Feature
The EtherChannel min-links feature is supported on LACP EtherChannels. This feature allows you to configure the minimum number of member ports that must be in the link-up state and bundled in the EtherChannel for the port channel interface to transition to the link-up state. You can use the EtherChannel min-links feature to prevent low-bandwidth LACP EtherChannels from becoming active. This feature also causes LACP EtherChannels to become inactive if they have too few active member ports to supply your required minimum bandwidth. In addition, when LACP max-bundle values are specified in conjunction with min-links, the configuration is verified and an error message is returned if the min-links value is not compatible with (equal to or less than) the max-bundle value.
To configure the EtherChannel min-links feature, perform this task:
|
|
|
---|---|---|
Configures the minimum number of member ports that must be in the link-up state and bundled in the EtherChannel for the port channel interface to transition to the link-up state. |
||
Note Although the EtherChannel min-links feature works correctly when configured only on one end of an EtherChannel, for best results, configure the same number of minimum links on both ends of the EtherChannel.
This example shows how to configure port channel interface 1 to be inactive if fewer than two member ports are active in the EtherChannel:
Configuring LACP 1:1 Redundancy
To configure the LACP 1:1 redundancy feature, perform this task:
|
|
|
---|---|---|
Enables the LACP 1:1 redundancy feature on the EtherChannel. |
||
Sets the maximum number of active member ports to be one. The only value supported with LACP 1:1 redundancy is “1”. |
||
Note LACP 1:1 redundancy must be enabled at both ends of the LACP EtherChannel.
This example shows how to configure an LACP EtherChannel with 1:1 redundancy. Because Gigabit Ethernet port 5/6 is configured with a higher port priority number (and therefore a lower priority) than the default of 32768, it will be the standby port.
Configuring LACP Port-Channel Standalone Disable
To disable the standalone EtherChannel member port state on a port channel (see Table 1-2), perform this task on the port channel interface:
|
|
|
---|---|---|
This example shows how to disable the standalone EtherChannel member port state on port channel 42:
This example shows how to verify the configuration:
http://www.cisco.com/en/US/products/hw/switches/ps708/tsd_products_support_series_home.html
Participate in the Technical Documentation Ideas forum