1 VLAN Design Etherchannel

2 Review: Private VLANs
- Used by service providers to deploy host services and network access where all devices reside in the same subnet but only communicate with a default gateway, backup servers, or another network.
- Catalyst 6500/4500/3650 switches implement PVLANs, whereas the 2950 and 3550 support "protected ports," which is functionality similar to PVLANs on a per-switch basis.
- Advantages of PVLANs include:
  1. Provides security
  2. Reduces the number of IP subnets
  3. Reduces the VLANs' utilisation by isolating traffic between network devices residing in the same VLAN

3 Private VLANs
[Figure: private VLAN topology. R1 attaches through a promiscuous port in primary VLAN 100; switch ports Fa0/1 to Fa0/7 are divided among secondary VLAN 10 (community), secondary VLAN 20 (community) and secondary VLAN 30 (isolated). Addresses 192.168.10.1/24 to 192.168.10.7/24 all sit in one subnet. The figure is annotated No, Yes, No.]

4 Private VLAN Configuration
Create Private VLANs:
    DLS2(config)#vtp mode transparent
    DLS2(config)#vlan 10
    DLS2(config-vlan)#private-vlan community
    DLS2(config-vlan)#vlan 20
    DLS2(config-vlan)#private-vlan community
    DLS2(config-vlan)#vlan 30
    DLS2(config-vlan)#private-vlan isolated
    DLS2(config-vlan)#exit
    DLS2(config)#vlan 100
    DLS2(config-vlan)#private-vlan primary
    DLS2(config-vlan)#private-vlan association 10,20,30

5 Private VLAN Configuration
Populate Private VLANs:
    DLS2(config)#int fa0/1
    DLS2(config-if)#switchport mode private-vlan promiscuous
    DLS2(config-if)#switchport private-vlan mapping 100 10,20,30
    DLS2(config-if)#int fa0/2
    DLS2(config-if)#switchport mode private-vlan host
    DLS2(config-if)#switchport private-vlan host-association 100 10
Verify Private VLANs:
    S1#show vlan private-vlan
    S1#show interfaces fa0/2 switchport
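A consistency check for the two configuration steps above, as an added example that is not part of the original presentation. The helper name `audit_pvlan` and the sample config are constructed for illustration; the parser assumes comma-separated VLAN lists and the command forms shown on the slides.

```python
import re

# Constructed config in the slides' syntax. Two deliberate defects: fa0/3 uses
# secondary VLAN 40 (never associated) and VLAN 30 is missing from the mapping.
SAMPLE = """\
vlan 10
 private-vlan community
vlan 30
 private-vlan isolated
vlan 100
 private-vlan primary
 private-vlan association 10,30
interface fa0/1
 switchport mode private-vlan promiscuous
 switchport private-vlan mapping 100 10
interface fa0/2
 switchport mode private-vlan host
 switchport private-vlan host-association 100 10
interface fa0/3
 switchport mode private-vlan host
 switchport private-vlan host-association 100 40
"""

def audit_pvlan(config):
    """Hypothetical helper: return sorted findings for a PVLAN config."""
    assoc, mapped, hosts = {}, {}, {}  # primary->secondaries, primary->mapped, port->(pri, sec)
    ctx = ""
    for raw in config.splitlines():
        line = raw.strip()
        if raw and not raw[0].isspace():
            ctx = line.split()[-1]  # "vlan 100" -> "100", "interface fa0/1" -> "fa0/1"
        elif m := re.match(r"private-vlan association ([\d,]+)$", line):
            assoc.setdefault(int(ctx), set()).update(map(int, m[1].split(",")))
        elif m := re.match(r"switchport private-vlan mapping (\d+) ([\d,]+)$", line):
            mapped.setdefault(int(m[1]), set()).update(map(int, m[2].split(",")))
        elif m := re.match(r"switchport private-vlan host-association (\d+) (\d+)$", line):
            hosts[ctx] = (int(m[1]), int(m[2]))
    findings = []
    for port, (pri, sec) in hosts.items():
        if sec not in assoc.get(pri, set()):
            findings.append(f"{port}: secondary {sec} not associated with primary {pri}")
    for pri, secs in assoc.items():
        for sec in sorted(secs - mapped.get(pri, set())):
            findings.append(f"vlan {pri}: secondary {sec} has no promiscuous-port mapping")
    return sorted(findings)

if __name__ == "__main__":
    print("\n".join(audit_pvlan(SAMPLE)))
```

A secondary VLAN left out of the promiscuous mapping cuts its hosts off from the gateway, and a host port pointing at an unassociated secondary never joins the private VLAN domain; both are easy to miss by eye in a long config.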

6 Link Aggregation With EtherChannel
EtherChannel is a technology that was originally developed by Cisco as a LAN switch-to-switch technique of grouping several Fast or Gigabit Ethernet ports into one logical channel.
All the links between access and distribution switches are bundled into EtherChannel and in forwarding mode.
[Figure: two panels, "STP with no EtherChannel" and "STP with EtherChannel".]

7 Link Aggregation With EtherChannel
[Figure: switches S1, S2 and S3.]
- Allows for the creation of a very-high-bandwidth logical link
- Load balances amongst the physical links involved
- Provides automatic failover
- Simplifies subsequent logical configuration (configuration is per logical link instead of per physical link)
EtherChannel bundles individual Ethernet links into a single logical link that provides bandwidth up to 1600 Mbps (Fast EtherChannel, full duplex) or 16 Gbps (Gigabit EtherChannel) between two Cisco Catalyst switches. All interfaces in each EtherChannel must be the same speed and duplex, and both ends of the channel must be configured as either a Layer 2 or Layer 3 interface.

8 EtherChannel Load Balancing
[Figure: switches S1, S2 and S3 joined by port channels Po1, Po2 and Po3; member links Fa0/1 and Fa0/2.]
    S1(config)#port-channel load-balance src-dst-port
EtherChannel balances the traffic load across the links in a channel by XORing the last part of the addresses in the frame to produce a numerical value that selects one of the links in the channel. EtherChannel load balancing on L2-only switches can use either source-MAC or destination-MAC address forwarding.
- src-mac: Source MAC address
- dst-mac: Destination MAC address
- src-dst-mac: Source and destination MAC addresses
- src-ip: Source IP address
- dst-ip: Destination IP address
- src-dst-ip: Source and destination IP addresses (default)
- src-port: Source TCP/User Datagram Protocol (UDP) port
- dst-port: Destination TCP/UDP port
- src-dst-port: Source and destination TCP/UDP ports
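How the choice of load-balance keyword changes link utilisation, as an added example that is not part of the original presentation. The hash is a simplified model of the XOR selection described above (low-order 3 bits, mapped onto the links), not any platform's exact algorithm, and the flows are constructed.

```python
from collections import Counter

# Fields hashed by each `port-channel load-balance` keyword listed on the slide.
METHOD_FIELDS = {
    "src-mac": ("src_mac",), "dst-mac": ("dst_mac",),
    "src-dst-mac": ("src_mac", "dst_mac"),
    "src-ip": ("src_ip",), "dst-ip": ("dst_ip",),
    "src-dst-ip": ("src_ip", "dst_ip"),
    "src-port": ("sport",), "dst-port": ("dport",),
    "src-dst-port": ("sport", "dport"),
}

def select_link(flow, method, n_links):
    """Simplified model (assumption, not a platform's exact hash): XOR the
    low-order 3 bits of the chosen fields, then map 0-7 onto the links."""
    h = 0
    for field in METHOD_FIELDS[method]:
        h ^= flow[field] & 0b111
    return h % n_links

def distribution(flows, method, n_links=2):
    """Flows per link index for one load-balance method."""
    counts = Counter(select_link(f, method, n_links) for f in flows)
    return [counts[i] for i in range(n_links)]

# Constructed sample: eight clients (192.168.10.11-18) to one server
# (192.168.10.1:443), addresses and ports held as integers.
NET = (192 << 24) | (168 << 16) | (10 << 8)
FLOWS = [
    {"src_mac": 0x00000C000010 + i, "dst_mac": 0x00000C000001,
     "src_ip": NET + 10 + i, "dst_ip": NET + 1,
     "sport": 49152 + i, "dport": 443}
    for i in range(1, 9)
]

if __name__ == "__main__":
    for method in ("dst-mac", "dst-ip", "src-mac", "src-dst-ip", "src-dst-port"):
        print(f"{method:13s} {distribution(FLOWS, method)}")
```

When many clients talk to one server or gateway, any destination-only keyword pins every flow to a single member link, while keywords that include a varying field spread the flows across the bundle.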

9 Configuring EtherChannel
- Cisco's proprietary Port Aggregation Protocol (PAgP) and the IEEE standard Link Aggregation Control Protocol (LACP) automatically create bundled Ethernet links.
- PAgP packets are sent between Fast EtherChannel-capable ports in order to negotiate the forming of a channel. When PAgP identifies matched Ethernet links, PAgP groups the links into an EtherChannel. The EtherChannel is then added to the spanning tree as a single bridge port.
- Link Aggregation Control Protocol (LACP) is part of an IEEE specification (802.3ad) that allows several physical ports to be bundled together to form a single logical channel. LACP allows a switch to negotiate an automatic bundle by sending LACP packets to the peer.
- LACP performs a similar function to Port Aggregation Protocol (PAgP) with Cisco EtherChannel. Because LACP is an IEEE standard, it can be used to facilitate EtherChannels in mixed switch environments.

10 EtherChannel Configuration Commands PAgP LACP

11 EtherChannel Considerations
- EtherChannel support: There is no requirement that interfaces in the EtherChannel be physically contiguous or on the same module.
- Speed and duplex: Configure all interfaces in an EtherChannel to operate at the same speed and in the same duplex mode.
- Switched port analyzer (SPAN): An EtherChannel does not form if one of the interfaces is a SPAN destination port.
- Layer 3 EtherChannels: Assign Layer 3 addresses to the port-channel logical interface, not to the physical interfaces in the channel.
- VLAN match: All interfaces in the EtherChannel bundle must be assigned to the same VLAN or be configured as a trunk.
- Range of VLANs: An EtherChannel supports the same allowed range of VLANs on all the interfaces in a trunking Layer 2 EtherChannel.
- STP path cost: Interfaces with different STP port path costs can form an EtherChannel as long as they are otherwise compatibly configured.
- Port channel vs interface configuration: Any configuration that is applied to the port-channel interface affects the EtherChannel. Any configuration applied to the physical interfaces affects only the specific interface.

12 Link Aggregation With PAgP
[Figure: switches S1, S2 and S3 joined by port channels Po1, Po2 and Po3; member links Fa0/1 and Fa0/2.]
    S1(config)#interface range fa0/1 - 2
    S1(config-if-range)#channel-protocol pagp
    ! "mode on" disables negotiation and is rejected once the protocol is set to pagp;
    ! "desirable" matches the PAgP bundle shown in the output below.
    S1(config-if-range)#channel-group 1 mode desirable

    S1#sh etherchannel summary
    Flags:  D - down        P - in port-channel
            I - stand-alone s - suspended
            H - Hot-standby (LACP only)
            R - Layer3      S - Layer2
            U - in use      f - failed to allocate aggregator
            u - unsuitable for bundling
            w - waiting to be aggregated
            d - default port

    Number of channel-groups in use: 1
    Number of aggregators:           1

    Group  Port-channel  Protocol    Ports
    ------+-------------+-----------+-------------------------------------------
    1      Po1(SU)       PAgP        Fa0/1(P)  Fa0/2(P)

13 Link Aggregation With PAgP
[Figure: switches S1, S2 and S3 joined by port channels Po1, Po2 and Po3; member links Fa0/1 and Fa0/2.]
    S1(config)# interface range fa0/1 - 2
    S1(config-if-range)# no switchport
    S1(config-if-range)# channel-group 1 mode desirable
    S1(config-if-range)# interface port-channel 1
    S1(config-if)# no switchport
    S1(config-if)# ip address 10.0.0.1 255.255.255.0

    S1#sh etherchannel summary
    Flags:  D - down        P - in port-channel
            I - stand-alone s - suspended
            H - Hot-standby (LACP only)
            R - Layer3      S - Layer2
            U - in use      f - failed to allocate aggregator
            u - unsuitable for bundling
            w - waiting to be aggregated
            d - default port

    Number of channel-groups in use: 1
    Number of aggregators:           1

    Group  Port-channel  Protocol    Ports
    ------+-------------+-----------+-------------------------------------------
    1      Po1(RU)       PAgP        Fa0/1(P)  Fa0/2(P)

14 Link Aggregation With LACP
[Figure: switches S1 and S2 joined by Po1 over Fa0/1 to Fa0/4 on each switch.]
    S1(config)#lacp system-priority 100
    S1(config)#interface range fa0/1 - 2
    S1(config-if-range)#channel-protocol lacp
    S1(config-if-range)#channel-group 1 mode active
    S1(config-if-range)#lacp port-priority 100
    S1(config-if-range)#interface range fa0/3 - 4
    S1(config-if-range)#channel-protocol lacp
    S1(config-if-range)#channel-group 1 mode active
Default System Priority = 32768
LACP requires one switch to make all the decisions about the LACP channels. This is based on the lowest MAC address if the system priority is not configured and is left at its default.

