2.9 Configure, verify, and troubleshoot (Layer 2/Layer 3) EtherChannel: Static, PAgP, LACP

Welcome back, I just finished my lunch. Did some Facebooking and whoa! I just read a job post for a NOC engineer at Concentrix-Google, and the salary really motivates me. It's not because I chase after money, but I would just like to maximize my skill potential and my pocket potential as well. The job requires at least 1 year of network-related experience, preferably with an ISP (I said aha! I will just use my company for experience, just kidding), and the other requirements are deep knowledge of OSPF, BGP, IS-IS, MPLS, LACP, etc.

And there you go! We will be dealing with PAgP and LACP. Since the concept is very easy, we will be dealing with configuration as well, so that we can also review other STP concepts.

 

I have here a network topology on which we will configure EtherChannel later. As you can see, we implement redundancy in case of link failure. STP is enabled by default to prevent broadcast storms. I also configured PortFast and BPDU guard so that the ports transition immediately from blocking to forwarding state, since those ports don't cause switching loops. But the number one issue, once again, is the convergence time of STP. Remember STP runs either 50 seconds or 19 seconds for RSTP. Our primary goal is IMMEDIATE recovery, as if we don't feel any network failure when one happens. Always remember that if you are a gamer, just a 5-second delay in the network may bring your gaming status (MMR) down. This applies in corporate networks as well. EtherChannel, or link aggregation, is the solution for this. According to Merriam-Webster, aggregation means collection of units or particles into a body, mass, or amount. As a networking term, it refers to the bundling of two links, resulting in less downtime due to STP convergence and also an increase in the speed of the network.


Before we go to configuration, I have here a switch-to-switch network with redundant links to survive a link failure. Imagine that, in the event of a failure, we need to wait at worst 50 seconds for the second link to take over from the failing link, as it needs to transition from blocking to forwarding state.

LACP and PAgP are solutions for this.

LACP – Link Aggregation Control Protocol – industry standard

PAgP – Port Aggregation Protocol – Cisco proprietary

There are negotiation modes, just like the DTP trunking negotiation modes, and they are almost the same for both protocols:

PAgP has auto (again, it doesn't send updates, like a dead kid) and desirable (the active one, which likes to send updates).

LACP has active (the counterpart of desirable) and passive (the counterpart of auto and the opposite of active).

Bundling of links will be enabled when the following negotiation modes are combined:

1.) active to active for LACP

2.) desirable to desirable for PAGP

3.) active to passive ( vice versa) for LACP

4.) auto to desirable ( vice versa) for PAGP

Bundling will not work for the following combination:

1.) Passive to Passive for LACP

2.) Auto to Auto for PAGP

The bundling mode that turns off the negotiation protocol is ON.

It means that the link will not use any protocol (LACP or PAgP).
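
The mode combinations listed above can be checked from the configuration text before anything is pasted into a switch. The Python sketch below is an added example, not part of the original post: it parses channel-group lines from two constructed config excerpts (modelled on the SW1/SW2 commands used later in this post) and reports whether each link will bundle. The names channel_modes and will_bundle are hypothetical.

```python
import re

# channel-group mode keyword -> protocol it implies on Cisco IOS
MODE_PROTOCOL = {"active": "lacp", "passive": "lacp",
                 "desirable": "pagp", "auto": "pagp", "on": "static"}
INITIATORS = {"active", "desirable"}  # modes that start the negotiation

# Constructed sample input, modelled on the SW1/SW2 commands in this post.
SW1_CONFIG = """
int range fa 0/1-2
 channel-protocol lacp
 channel-group 1 mode active
int range fa 0/3-4
 channel-group 2 mode desirable
"""
SW2_CONFIG = """
int range fa 0/5-6
 channel-group 1 mode passive
int range fa 0/7-8
 channel-group 2 mode auto
"""

def channel_modes(config):
    """Map each interface (range) in IOS config text to its channel-group mode."""
    modes, current = {}, None
    for raw in config.splitlines():
        line = raw.strip().lower()
        m = re.match(r"int(?:erface)?\s+(?:range\s+)?(.+)", line)
        if m:
            current = m.group(1)
            continue
        m = re.match(r"channel-group\s+\d+\s+mode\s+(\S+)", line)
        if m and current:
            modes[current] = m.group(1)
    return modes

def will_bundle(mode_a, mode_b):
    """Return (forms, reason) for the modes configured on the two ends of a link."""
    pa, pb = MODE_PROTOCOL[mode_a], MODE_PROTOCOL[mode_b]
    if pa != pb:
        return False, f"mismatch: {pa} on one end, {pb} on the other"
    if pa == "static":
        return True, "static bundle, nothing is negotiated"
    if INITIATORS & {mode_a, mode_b}:
        return True, f"{pa} negotiated"
    return False, f"{mode_a}/{mode_b}: neither end initiates"

if __name__ == "__main__":
    sw1, sw2 = channel_modes(SW1_CONFIG), channel_modes(SW2_CONFIG)
    for a, b in [("fa 0/1-2", "fa 0/5-6"), ("fa 0/3-4", "fa 0/7-8")]:
        print(a, "<->", b, will_bundle(sw1[a], sw2[b]))
```

Mode ON paired with a negotiating mode on the far end is reported as a mismatch, because only one side expects negotiation frames.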

 

Configuration:

12-24a

What I did are the following:

1.) Configure PVST first just for VLAN 1 and make SW2 as primary root bridge and SW1 as secondary root bridge.

2.) Configure PortFast and BPDU guard on the SW1 and SW3 ports that are connected to PC0 and PC1 respectively

3.) Assign IP addresses to PC0 and PC1.

PC0 192.168.1.5

PC1 192.168.1.10

Primary Configuration:

 

enable
conf t
line console 0
password cisco
logging sync
exec-timeout 20 30
login
exit
line vty 0 15
password cisco
logging sync
exec-timeout 20 30
login
exit
hostname SW2
enable secret class
service password-encryption
no ip domain-lookup
banner motd "AUTHORIZED ACCESS ONLY"
do wr

! on the VTP server switch
vtp version 2
vtp domain CCNA
vtp password FAST
vtp mode server
!
! on the VTP client switches
vtp version 2
vtp domain CCNA
vtp password FAST
vtp mode client

en
conf t
vlan 5
name cisco5
exit
en
conf t
vlan 10
name cisco10
exit

en
conf t
vlan 15
name cisco15
exit

@SW1
en
conf t
int range fa 0/1-4
switchport mode trunk
switchport trunk allowed vlan 1,5,10,15,20,25,30,35,40,45
exit

@SW2
en
conf t
int range fa 0/9-10
switchport mode trunk
switchport trunk allowed vlan 1,5,10,15,20,25,30,35,40,45
exit
en
conf t
int range fa 0/5-6
switchport mode trunk
switchport trunk allowed vlan 1,5,10,15,20,25,30,35,40,45
exit
@SW3
en
conf t
int range fa 0/7-10
switchport mode trunk
switchport trunk allowed vlan 1,5,10,15,20,25,30,35,40,45
exit
@SW1
en
conf t
int fa 0/5
switchport mode access
spanning-tree portfast
spanning-tree bpduguard enable
exit

@SW3

en
conf t
int fa 0/1
switchport mode access
spanning-tree portfast
spanning-tree bpduguard enable
exit

 
@ SW2
en
conf t
spanning-tree vlan 1 root primary
exit

@SW1
en
conf t
spanning-tree vlan 1 root secondary
exit

Verify:

1.) SW2 as primary root bridge and SW1 as secondary root bridge.

12-24c.PNG

12-24e

12-24d.PNG

2.) Verify the configuration of PortFast and BPDU guard on the SW1 and SW3 ports that are connected to PC0 and PC1 respectively

12-24f.PNG

12-24g

 

3.) Verify:

Assign IP addresses to PC0 and PC1.

PC0 192.168.1.5

PC1 192.168.1.10

 

12-24h.PNG

12-24j

Alright, so let me just highlight the need for link aggregation. You will see below the port designations of SW3.

 

You will see that the highlighted interface fa 0/1 is the one connected to the PC and fa 0/9 is the root port of SW3. We will shut fa 0/9 and check what happens; our goal is to have a successful ping from PC0 to PC1.

12-24l

 

Successful Ping from PC0 to PC1

 

 

12-24n.PNG

Shutting interface fa 0/9, the main path from PC0 to PC1; apologies for the mistake in labeling.

The highlighted one should be 192.168.1.10

12-24o

We will shut fa 0/9

12-24p.PNG

Recovery:

12-24q.PNG

It only shows that I have no talent with timing, hahaha. When we shut the interface, based on the image above, it takes more than 20 seconds for the responses to come back, but theoretically it takes 20 seconds; I'm just not good with timing. Hehehe.

 

 

*******************************************************

LACP AND PAGP configuration

12-24r.PNG

In the configuration of LACP and PAgP, we assign port channels containing the bundled interfaces, along with the negotiation mode of each port: active/desirable or passive/auto. Be reminded that bundling of interfaces will take effect as long as one of the logical port interfaces that we configured is either active or desirable.

LACP configuration @ SW1
conf t
int range fa 0/1-2
shutdown
! best practice: shut the interfaces down first, otherwise the EtherChannel may fail to come up
channel-protocol lacp
! sets the negotiation protocol
channel-group 1 mode active
! creates port channel 1 and sets the negotiation mode
no shut
exit
verify:

show etherchannel summary

12-24s

If you look at the output of the show command above, you will see from the legend that S and D stand for Layer 2 and down, which is the status of Po1 (port channel 1), because the other end is not yet configured. You will also see "I", which stands for stand-alone, on interfaces fa 0/1 and fa 0/2, which means that those interfaces are not yet bundled.
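
The flag reading described above can be automated when many switches have to be checked. The Python sketch below is an added example, not part of the original post: it parses the table portion of show etherchannel summary and lists every port channel that is not in use and every member port that is not bundled. The sample text is constructed to mirror states described in this post, and the function names are hypothetical.

```python
import re

# Constructed sample in the layout of "show etherchannel summary"; not captured
# from the author's lab. Po1 mirrors the half-configured state described above.
SAMPLE = """\
Group  Port-channel  Protocol    Ports
------+-------------+-----------+----------------------------------------
1      Po1(SD)           LACP      Fa0/1(I) Fa0/2(I)
2      Po2(SU)           PAgP      Fa0/3(P) Fa0/4(P)
5      Po5(SU)           -         Fa0/9(D) Fa0/10(P)
"""

# Subset of the legend printed at the top of the real output.
FLAGS = {"D": "down", "P": "in port-channel", "I": "stand-alone",
         "s": "suspended", "S": "Layer2", "R": "Layer3", "U": "in use"}

ROW = re.compile(r"^(\d+)\s+(Po\d+)\((\w+)\)\s+(\S+)\s+(.*)$")
PORT = re.compile(r"(\S+?)\((\w+)\)")

def describe(flags):
    """Spell out a flag string such as 'SD' using the legend."""
    return ", ".join(FLAGS.get(f, f) for f in flags)

def parse_summary(text):
    """Return one dict per channel-group row; legend and header lines are skipped."""
    groups = []
    for line in text.splitlines():
        m = ROW.match(line.strip())
        if m:
            num, po, flags, proto, ports = m.groups()
            groups.append({"group": int(num), "port_channel": po, "flags": flags,
                           "protocol": proto, "ports": dict(PORT.findall(ports))})
    return groups

def findings(groups):
    """List every port channel that is not in use and every member not bundled."""
    out = []
    for g in groups:
        if "U" not in g["flags"]:
            out.append(f'{g["port_channel"]} not in use: {describe(g["flags"])}')
        out += [f'{port} in {g["port_channel"]}: {describe(flag)}'
                for port, flag in g["ports"].items() if flag != "P"]
    return out

if __name__ == "__main__":
    for finding in findings(parse_summary(SAMPLE)):
        print(finding)
```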

Let’s continue the configuration:

@SW2

conf t
int range fa 0/5-6
shutdown
! best practice: shut the interfaces down first, otherwise the EtherChannel may fail to come up
channel-protocol lacp
! sets the negotiation protocol
channel-group 1 mode passive
! creates port channel 1 and sets the negotiation mode
no shut
exit

verify :

12-24u

And there you go, we see that Po1 is up and interfaces fa 0/5 and fa 0/6 are now "in port-channel", which means that they are bundled in port channel 1.

12-24v

Going back to SW1 above, we see the existence of Po1, and fa 0/1 and fa 0/2 are already removed because they are bundled as Po1.

PAgP configuration:

@ SW1 PAgP desirable

conf t
int range fa 0/3-4
shutdown
! best practice: shut the interfaces down first, otherwise the EtherChannel may fail to come up
channel-protocol pagp
! sets the negotiation protocol
channel-group 2 mode desirable
! creates port channel 2 and sets the negotiation mode
no shut
exit

@SW2 PAgP auto

conf t
int range fa 0/7-8
shutdown
! best practice: shut the interfaces down first, otherwise the EtherChannel may fail to come up
channel-protocol pagp
! sets the negotiation protocol
channel-group 2 mode auto
! creates port channel 2 and sets the negotiation mode
no shut
exit

 

Verification commands:

sh etherchannel summary

sh vlan br

sh interfaces trunk

 

12-24w

12-24x.PNG

 

12-24y

Lastly, configure the last link with mode "ON", which means that it will not use any protocol (LACP or PAgP).

@SW2
conf t
int range fa 0/9-10
shutdown
channel-group 4 mode ON
no shut
exit

@SW3
conf t
int range fa 0/9-10
shutdown
channel-group 5 mode ON
no shut
exit

Validation:

12-24z

12-24za

If you noticed that on SW2 there is port1, it is because I added port 1 during the configuration and realized that it was incorrect; anyway, it is down and has no interfaces bundled.

All right, so let's check how EtherChannel reduces convergence time. A while ago we shut fa 0/9, which is the root port and the path from PC0 to PC1; we will do the same thing with the EtherChannel configuration. Game!

12-24ze.PNG

ping command was set on the image above

12-24zf.PNG

Apologies, it must be shut instead of no shut because I would like to turn off int fa 0/9

12-24zg.PNG

On the image above, we see that there are no changes when we turned off the interface.

 

12-24zhk

After almost 30 seconds since we turned off the interface, there are no changes.

12-24zh.PNG

We waited for about a minute, but still there are no changes.

12-24zm

Just to prove that I am not fooling you, heheheh, on port 5, the interface fa0/9 is down.

*********************End of Blog- Merry Christmas***************************

 

 

 

 

 
