LACP port-channel down but Individual ports up

Similar Messages

• Port-channel "bouncing" but physical ports are not

  Refer to the attached PDF for topology diagram and configuration information.
  Here's the issue.  According to the logs on DC2-5548-P1 and DC2-5548-P2, port-channels Po3107 and Po3108 are going down numerous times.  However, in the same timeframe, the physical interfaces are not reporting any down/up events at all.  This issue began just a few days ago.  Before that, the systems were operating fine.
  NOTE: Po29 is the vPC peer link between P1 and P2.
  UPDATE:  I totally missed this in the logs somehow but the 5Ks are showing that the physical ports are bouncing.  "show interface" output shows the "interface reset" counter incrementing on the physical ports.  This problem started in two separate environments 9 minutes apart at approx 01:52 AM on the 16th of March.  I'm wondering if there was a power event of some sort which caused physical damage to the hosts.  Seems kind of odd that 3 servers started having similar issues within 9 minutes of each other in two 5K environments.

  Hi,
  Putting the EtherChannel to the "on" mode will force the ports to become bundled unconditionally but the true problem, then, is truly seeing if it works. The Cisco switch will happily keep the ports bundled and will even transmit data over these ports but how do we know if Oracle is happy with that and does the same?
  Personally, I would not recommend using the "on" mode precisely because of lack of any indication that things are operating just as they should, unless it can be shown without doubts that Oracle runs without LACP and uses a static EtherChannel.
  Best regards,
  Peter

• Lacp port channel shows down on one 5k

  I got one side of my lacp port channel down.
  the topology is shown but the left side is showing down
  20    Po20(SD)    Eth      LACP      Eth1/5(s)    Eth1/6(s) 
  # sh int port-channel 20
  port-channel20 is down (No operational members)
    Hardware: Port-Channel, address: 547f.eebb.644d (bia 547f.eebb.644d)
    Description: **To-VA-7004**
    MTU 1500 bytes, BW 100000 Kbit, DLY 10 usec
    reliability 255/255, txload 1/255, rxload 1/255
    Encapsulation ARPA
    Port mode is trunk
    auto-duplex, 10 Gb/s
    Input flow-control is off, output flow-control is off
    Switchport monitor is off 
    EtherType is 0x8100 
    Members in this channel: Eth1/5, Eth1/6
    Last clearing of "show interface" counters never
    30 seconds input rate 80 bits/sec, 0 packets/sec
    30 seconds output rate 176 bits/sec, 0 packets/sec
    Load-Interval #2: 5 minute (300 seconds)
      input rate 112 bps, 0 pps; output rate 288 bps, 0 pps
    RX
      4286 unicast packets  785765 multicast packets  1493093 broadcast packets
      2283144 input packets  248607161 bytes
      13 jumbo packets  0 storm suppression bytes
      0 runts  0 giants  0 CRC  0 no buffer
      0 input error  0 short frame  0 overrun   0 underrun  0 ignored
      0 watchdog  0 bad etype drop  0 bad proto drop  0 if down drop
      0 input with dribble  0 input discard
      0 Rx pause
    TX
      0 unicast packets  3397636 multicast packets  0 broadcast packets
      3397636 output packets  399463036 bytes
      0 jumbo packets
      0 output errors  0 collision  0 deferred  0 late collision
      0 lost carrier  0 no carrier  0 babble 0 output discard
      0 Tx pause
    2 interface resets
  sh run interface port-channel 20 membership 
  !Command: show running-config interface port-channel20 membership
  !Time: Mon Feb  2 23:04:37 2015
  version 5.1(3)N2(1b)
  interface port-channel20
    description **To-VA-7004**
    switchport mode trunk
    switchport trunk allowed vlan 1,200-202,251
  interface Ethernet1/5
    description **TO-VA-7004-ETH3/45**
    switchport mode trunk
    switchport trunk allowed vlan 1,200-202,251
    channel-group 20 mode active
  interface Ethernet1/6
    description **To-VA-7004-ETH4/46**
    switchport mode trunk
    switchport trunk allowed vlan 1,200-202,251
    channel-group 20 mode active
  but on the right side everything is up, 
  20    Po20(SU)    Eth      LACP      Eth1/5(P)    Eth1/6(P) 

  It seems have a problem on interfaces => 20    Po20(SD)    Eth      LACP      Eth1/5(s)    Eth1/6(s) 
  Can you share us the status about interfaces 1/5 - 6 & 3/45, 4/45 of 7k?
  Do you have configured per Ethernet interfaces or on the Po ?

• Port-channel L2 problem with Fabric Interconnect and Nexus 7010

  Hi,
  i using port-channel from both fabric interconnect to N7k with 3 cables per Fabric Interconnect.
  but, my problem is when i creating port-channel, Fabric Interconnect don't support mode ON dan rate-mode share in Interface 10G Nexus 7010.
  I was trying :
  1. I using non dedicated port in Nexus 7010.
        - rate-mode share
        - channel-group 1 mode active
        - switchport mode trunk
  when i using this option, the port-channel in Nexus 7010 was suspended
  2. I using non dedicated port in Nexus 7010
       - rate-mode share
       - channel group 1 mode on
       - switchport mode trunk
  when i using this option, the port-channel in Nexus 7010 was came up, but in Fabric interconnect was failed.
  3. I using dedicated port in Nexus 7010
       - rate-mode share
       - channel group 1 mode active
       - switchport mode trunk
  when i using this option, the port-channel in Nexus 7010 was suspended
  4. I using dedicated port in Nexus 7010
       - rate-mode dedicated
       - channel group 1 mode active
       - switchport mode trunk
  when i using this option, the port-channel in Nexus 7010 was came up and running well.
  but, the problem is my costumer do not want using a dedicated rate-mode. if i using dedicated mode the only available port is 8 interfaces instead of 32 ports. i want to using rate-mode share in nexus 7010.
  is there any way to configuring port-channel using mode on in fabric interconnect ? i was trying using CLI to create port-channel in Fabric interconect but i cannot configure the channel group protocol.
  i attach the topology of N7K with Fabric interconnect.
  regards,
  Berwin H

  Hi Manish,
  the issue was solved, i was fix it last week.
  the solution is:
  i enable the license grace-priode (since my license is Enterprise so cannot create VDC) then i create a VDC (ex: VDC 2)  so i allocate the interface on all module
  /* Style Definitions */
  table.MsoNormalTable
  {mso-style-name:"Table Normal";
  mso-tstyle-rowband-size:0;
  mso-tstyle-colband-size:0;
  mso-style-noshow:yes;
  mso-style-priority:99;
  mso-style-qformat:yes;
  mso-style-parent:"";
  mso-padding-alt:0cm 5.4pt 0cm 5.4pt;
  mso-para-margin-top:0cm;
  mso-para-margin-right:0cm;
  mso-para-margin-bottom:10.0pt;
  mso-para-margin-left:0cm;
  line-height:115%;
  mso-pagination:widow-orphan;
  font-size:11.0pt;
  font-family:"Calibri","sans-serif";
  mso-ascii-font-family:Calibri;
  mso-ascii-theme-font:minor-latin;
  mso-fareast-font-family:"Times New Roman";
  mso-fareast-theme-font:minor-fareast;
  mso-hansi-font-family:Calibri;
  mso-hansi-theme-font:minor-latin;
  mso-bidi-font-family:"Times New Roman";
  mso-bidi-theme-font:minor-bidi;}
  N7K-M132XP-12 to VDC 2. after that i delete VDC 2 then all interface back to VDC 1 (default vdc). then i enable the rate-mode share in dedicated port and bundle into port-channel and its working.
  i dont know why it must move to VDC first then it will working, maybe cisco can explain the reasons.
  So here the result of my port-channel :
  SVRN7KFARM-HO-01# show port-channel summary
  Flags:  D - Down        P - Up in port-channel (members)
          I - Individual  H - Hot-standby (LACP only)
          s - Suspended   r - Module-removed
          S - Switched    R - Routed
          U - Up (port-channel)
  Group Port-       Type     Protocol  Member Ports
        Channel
  1     Po1(SU)     Eth      LACP      Eth1/1(P)    Eth1/2(P)    Eth1/3(P)
                                       Eth1/4(P)    Eth1/25(P)  
  2     Po2(SU)     Eth      LACP      Eth1/9(P)    Eth1/10(P)   Eth1/11(P)
                                       Eth1/12(P)   Eth1/26(P)  
  3     Po3(SU)     Eth      LACP      Eth1/17(P)   Eth1/18(P)  
  4     Po4(SU)     Eth      NONE      Eth10/32(P)  Eth10/34(P)  Eth10/35(P)
                                       Eth10/36(P)
  Thanks.
  Berwin H

• Etherchannel showing down (SD) and ports are in "I" stand alone state

  Hi,
  Netapp server is connected to switch 6500 via trunk.
  I configured a portchannel but it showing as down.take a look ar below output..
  interface Port-channel248
  description Netapp-server-1 po248
  switchport
  switchport trunk encapsulation dot1q
  switchport trunk allowed vlan 903
  switchport mode trunk
  switchport nonegotiate
  no ip address
  no shut
  interface GigabitEthernet3/33
  description server-1
    switchport
  switchport trunk encapsulation dot1q
  switchport trunk allowed vlan 903
  switchport mode trunk
  switchport nonegotiate
  no ip address
  speed 1000
  udld port aggressive
  spanning-tree portfast
  channel-group 248 mode active
  no shut
  interface GigabitEthernet4/33
  description cnndcfasp002a-e5d
    switchport
  switchport trunk encapsulation dot1q
  switchport trunk allowed vlan 903
  switchport mode trunk
  switchport nonegotiate
  no ip address
  speed 1000
  udld port aggressive
  spanning-tree portfast
  channel-group 248 mode active
  no shut
  Switch-6500#sh etherchannel summary
  Flags:  D - down        P - bundled in port-channel
          I - stand-alone s - suspended
          H - Hot-standby (LACP only)
          R - Layer3      S - Layer2
          U - in use      f - failed to allocate aggregator
          M - not in use, minimum links not met
          u - unsuitable for bundling
          w - waiting to be aggregated
  Number of channel-groups in use: 5
  Number of aggregators:           5
  Group  Port-channel  Protocol    Ports
  ------+-------------+-----------+-----------------------------------------------
  248    Po248(SD)       LACP      Gi3/33(I)  Gi4/33(I) 
  #sh etherchannel detail
  Group: 248
  Group state = L2
  Ports: 2   Maxports = 16
  Port-channels: 1 Max Port-channels = 16
  Protocol:   LACP
  Minimum Links: 0
                  Ports in the group:
  Port: Gi3/33
  Port state    = Up Sngl-port-Bndl Mstr Not-in-Bndl
  Channel group = 248         Mode = Active      Gcchange = -
  Port-channel  = null        GC   =   -         Pseudo port-channel = Po248
  Port index    = 0           Load = 0x00        Protocol =   LACP
  Flags:  S - Device is sending Slow LACPDUs   F - Device is sending fast LACPDUs.
          A - Device is in active mode.        P - Device is in passive mode.
  Local information:
                              LACP port     Admin     Oper    Port        Port
  Port      Flags   State     Priority      Key       Key     Number      State
  Gi3/33    SA      indep     32768         0xF8      0xF8    0x321       0x7D 
  Age of the port in the current state: 0d:02h:04m:58s
  Port: Gi4/33
  Port state    = Up Sngl-port-Bndl Mstr Not-in-Bndl
  Channel group = 248         Mode = Active      Gcchange = -
  Port-channel  = null        GC   =   -         Pseudo port-channel = Po248
  Port index    = 0           Load = 0x00        Protocol =   LACP
  Flags:  S - Device is sending Slow LACPDUs   F - Device is sending fast LACPDUs.
          A - Device is in active mode.        P - Device is in passive mode.
  Local information:
                              LACP port     Admin     Oper    Port        Port
  Port      Flags   State     Priority      Key       Key     Number      State
  Gi4/33    SA      indep     32768         0xF8      0xF8    0x421       0x7D 
  Age of the port in the current state: 0d:02h:04m:58s
                  Port-channels in the group:
  Port-channel: Po248    (Primary Aggregator)
  Age of the Port-channel   = 7d:16h:30m:16s
  Logical slot/port   = 14/3          Number of ports = 0
  Port state          = Port-channel Ag-Not-Inuse
  Protocol            =   LACP
  Any one please let me know what is the issue here...
  Thanks
  Gautham

  Exactly, the 6500 config is fine, probably the NETAPP is not active or passive and it's just ON that won't work
  show lacp 248 neighbor will show if you have a neighbor and if the LACP id is the same on both ports
  Core1#sh lacp 2 neighbor
  Flags:  S - Device is requesting Slow LACPDUs
          F - Device is requesting Fast LACPDUs
          A - Device is in Active mode       P - Device is in Passive mode
  Channel group 2 neighbors
  Partner's information:
            Partner Partner   LACP Partner  Partner   Partner  Partner     Partner
  Port      Flags   State     Port Priority Admin Key Oper Key Port Number Port State
  Gi1/7/10  SA      bndl      32768         0x0       0x1      0x11A       0x3D
  Gi2/7/10  SA      bndl      32768         0x0       0x1      0x31D       0x3D
  cheers

• FWSM Default port channel?

  I'm doing some L2 cleanups across mutliple 6509E environments and I've found something consistent that I can't find in documentation.
  On all my pairs of 6509s where I have FWSMs bundled (6509-A has FWSM-1 is Slot 1 and 6509-B has FWSM-2 in Slot 1) I also have a port channel 305. Obviously when I do a "show run" or "show int desc" I don't see anything in slot one. It's a service module. But the port channel is referencing ports 1/1-6. And it's all in service/up. I was about to delete this as I thought it was some leftover config (TEST 6509s) until I went and saw the same things on our PROD 6509s. Can anyone explain this or provide some documentation on it? Is it cosmetic? Necessary? Can I delete it as part of my audit cleanup? Don't want to mess with it even in TEST without some information. Nothing on google that's clear and I can't find anything on CCO.
  6509-1#sho etherch 305 summ
  Flags:  D - down        P - bundled in port-channel
          I - stand-alone s - suspended
          H - Hot-standby (LACP only)
          R - Layer3      S - Layer2
          U - in use      N - not in use, no aggregation
          f - failed to allocate aggregator
          M - not in use, no aggregation due to minimum links not met
          m - not in use, port not aggregated due to minimum links not met
          u - unsuitable for bundling
          d - default port
          w - waiting to be aggregated
  Number of channel-groups in use: 11
  Number of aggregators:           11
  Group  Port-channel  Protocol    Ports
  ------+-------------+-----------+-----------------------------------------------
  305    Po305(SU)        -        Gi1/1(P)       Gi1/2(P)       Gi1/3(P)      
                                   Gi1/4(P)       Gi1/5(P)       Gi1/6(P)      
  Last applied Hash Distribution Algorithm:   -
  6509-1#sho etherch 305 det 
  Group state = L2
  Ports: 6   Maxports = 8
  Port-channels: 1 Max Port-channels = 1
  Protocol:    -
  Minimum Links: 0
                  Ports in the group:
  Port: Gi1/1
  Port state    = Up Mstr In-Bndl
  Channel group = 305         Mode = On      Gcchange = -
  Port-channel  = Po305       GC   =   -         Pseudo port-channel = Po305
  Port index    = 0           Load = 0x41        Protocol =    -
  Age of the port in the current state: 46d:06h:53m:39s
  Port: Gi1/2
  Port state    = Up Mstr In-Bndl
  Channel group = 305         Mode = On      Gcchange = -
  Port-channel  = Po305       GC   =   -         Pseudo port-channel = Po305
  Port index    = 1           Load = 0x02        Protocol =    -
  Age of the port in the current state: 46d:06h:53m:39s
  Port: Gi1/3
  Port state    = Up Mstr In-Bndl
  Channel group = 305         Mode = On      Gcchange = -
  Port-channel  = Po305       GC   =   -         Pseudo port-channel = Po305
  Port index    = 2           Load = 0x04        Protocol =    -
  Age of the port in the current state: 46d:06h:53m:41s
  Port: Gi1/4
  Port state    = Up Mstr In-Bndl
  Channel group = 305         Mode = On      Gcchange = -
  Port-channel  = Po305       GC   =   -         Pseudo port-channel = Po305
  Port index    = 3           Load = 0x88        Protocol =    -
  Age of the port in the current state: 46d:06h:53m:41s
  Port: Gi1/5
  Port state    = Up Mstr In-Bndl
  Channel group = 305         Mode = On      Gcchange = -
  Port-channel  = Po305       GC   =   -         Pseudo port-channel = Po305
  Port index    = 4           Load = 0x10        Protocol =    -
  Age of the port in the current state: 46d:06h:53m:41s
  Port: Gi1/6
  Port state    = Up Mstr In-Bndl
  Channel group = 305         Mode = On      Gcchange = -
  Port-channel  = Po305       GC   =   -         Pseudo port-channel = Po305
  Port index    = 5           Load = 0x20        Protocol =    -
  Age of the port in the current state: 46d:06h:53m:41s
                  Port-channels in the group:
  Port-channel: Po305
  Age of the Port-channel   = 46d:06h:55m:56s
  Logical slot/port   = 14/11          Number of ports = 6
  GC                  = 0x00000000      HotStandBy port = null
  Port state          = Port-channel Ag-Inuse
  Protocol            =    -
  Fast-switchover     = disabled
  Load share deferral = disabled  
  Ports in the Port-channel:
  Index   Load   Port     EC state        No of bits
  ------+------+------+------------------+-----------
    0     41     Gi1/1    On    2
    1     02     Gi1/2    On    1
    2     04     Gi1/3    On    1
    3     88     Gi1/4    On    2
    4     10     Gi1/5    On    1
    5     20     Gi1/6    On    1
  Time since last port bundled:    46d:06h:53m:41s    Gi1/6
  Last applied Hash Distribution Algorithm:   -
  NOC-SW-ITEST-AGG1#

  The connection between the FWSM and the switch is a 6-GB 802.1Q trunking EtherChannel. This EtherChannel is automatically created when you install the FWSM.
  http://cisconetwork.org.ua/1587051893/ch04lev1sec1.html
  http://www.cisco.com/en/US/docs/security/fwsm/fwsm23/configuration/guide/switch.pdf
  Thanks
  Ajay

• Port-channel Problem between Fabric Interconnect and N7K vPC

  Dear all,
  I have a problem with Port-channel Uplink between Fabric Interconnect with N7K using vPC
  This is my network topology for UCS Deployment
  In N7K I has configured vPC for red link and green link, at Fabric Interconnect A I has configured Port-Channel with member is Port 1 and Port 2, uplink is red link. At Fabric Interconnect B, I has configured Port-Channel with member is Port 1 and Port 2, uplink is green link.
  The show interface port-channel on N7K is good, every port-channel is up and have all member. But At Fabric Interconnnect, when I see on UCS Manager, the status of Port-Channel on Fabic A and Fabric B is fault with Additional Info: No operational member. Although all link is link up and I has status of Port-Channel is enable on UCS Manager. When I see the Properties of Port 1, Port 2 on Port-channel, I see the membership status is : individual. This mean port-channel is not up and no membership in this configuration. I want to using port-channel for load balance and plus more bandwidth for uplink to 20Gig. I don't understand why ?
  Please help me resolve this problem, I has send the capture screen of UCS Manager when I show status of Port-channel and Port-member in port-channel in attach items.
  Anyone can help me to resolve this, thanks you very much. Please reference attach items for more detail about fault.
  Thanks,
  Trung.

  Thanks Matthew very much,
  I has resolved this problem. The reason of problem is miss match protocol of port-channel between N7K and Fabric Interconnect. The Fabric Interconnect always use LACP protocol, but N7K using Port-channel mode on, that why the port-channel failed. I has configured LACP for port-channel in N7K, it has resolved the problems.
  Thanks,
  Trung.

• FC port channels between MDS and UCS FI best practice?

  Hi,
  We would like to create FC port channels between our UCS FI's and MDS9250 switches.
  At the moment we have 2 separate 8Gbps links to the FI's.
  Are there any disadvantages or reasons to NOT do this?
  Is it a best practice?
  Thanks.

  As Walter said, having port-channels is best practice.  Here is a little more information on why.
  Let's take your example of two 8Gbps links, not in a port-channel ( and no static pinning ) for Fibre Channel connectivity:
  Hosts on the UCS get automatically assigned ( pinned ) to the individual uplinks in a round-robin fashion.
  (1)If you have some hosts that are transferring a lot of data, to and from storage, these hosts can end up pinned to the same uplink and could hurt their performance. 
  In a port-channel, the hosts are pinned to the port-channel and not individual links.
  (2)Since hosts are assigned to an individual link, if that link goes down, the hosts now have to log back into the fabric over the existing working link.   Now you would have all hosts sharing a single link. The hosts will not get re-pinned to a link until they leave and rejoin the fabric.  To get them load balanced again would require taking them out of the fabric and adding them back, again via log out, power off, reload, etc...
  If the links are in a port-channel, the loss of one link will reduce the bandwidth of course, but when the link is restored, no hosts have to be logged out to regain the bandwidth.
  Best regards,
  Jim

• FCoE Port Channels on Single Nexus 5K - possible?

  I'm looking for information regarding FCoE on a single Nexus 5548. I'm trying to set up a port channel from a Netapp filer's CNA adapters (2 twinax cables). I was told that for some reason port channels do not work on a single Nexus 5K design (i.e. no vPC), but I didn't know if that meant simply without the use of LACP. I've configured it in both fashions, and it seems that the VFCs do not want to come up, meaning that my filers cannot log in to the SAN. This behavior is what was described to me as what would happen if I tried doing a port channel in this way - basically I've bound the VFCs to the port channels, and since the port channels are composed of ports on the same switch, it just doesn't work. Seems odd that this would bet the case, though it would normally force me to simply buy a second N5K (sneaky sneaky).
  Any tips?

  That's not my issue. I'm using only one Nexus 5K, meaning that if I want to have a port channel running between the 5K and the Netapp filers, I have to bind the virtual fibre channel interfaces to that port channel. I believe that in doing so, when there are more than one links as a member of that port channel, the VFCs simply go down by design and will not come up. For some reason VFCs require to be bound to a single physical interface, whether that interfaces is a single phyiscal port or a port channel that's only configured to have one port in it.
  Either way, I had to configure the Netapp side to be active/passive. I've bound the VFCs to each port (total of 4, so 4 VFCs as well). No port channels are being used on the Nexus side. This is not ideal but it works.
  I would still like to see some documentation regarding the behavior of the VFCs when presented with multiple links in this way. Has anyone seen any documentation regarding this?

• Port Channel over L2 MPLS links

  Hello.
  I was hoping that someone could over some suggestions on best practice or recommendations for configuring port channel to bundle to layer 2 MPLS links that we have.
  We have racks in two geographically separated data centres, each rack has a stack of Cisco 3850 switches, and there are two 100Mbps layer 2 connections linking these stacks together.  The links are provided by our supplier and runs over their core network (I can get more info on their setup if need be).
  I had initially just configured a simple port channel bundling the two ports on "Switch A", and the same on "Switch B".  However I have since noticed that one of the ports was put into error disabled state, and I have my doubts that we ever had 200Mbps throughput over the portchannel.
  The logs showed:
  UDLD-4-UDLD_PORT_DISABLED: UDLD disabled interface Gix/x/x, aggressive mode failure detected
  %PM-4-ERR_DISABLE: udld error detected on Gix/x/x, putting Gix/x/x in err-disable state
  How I understand is that one of ports recieved an unexpected (or incorrect) BPDU packet, and shut the port down as part of spanning tree process to stop a loop forming.
  For the time being I have removed the port channel config and re-opened all the ports, so I believe one of the ports is now in blocking state.
  Whilst redundancy for these links is great, ideally I would like to have the links bundled so I also get the benefit of higher throughput.
  Any thoughts are greatly appreciated.
  Thank you

  Hi,
  Thank you for your reply and suggestions.  I have been reading up on layer 2 protocol tunnelling and I'm not sure if this will work for us.  According to these guidelines for the catalyst 3550 (http://www.cisco.com/c/en/us/td/docs/switches/lan/catalyst3550/software/release/12-1_19_ea1/configuration/guide/3550scg/swtunnel.html#wp1006657) it states:
  •If you enable PAgP or LACP tunneling, we recommend that you also enable UDLD on the interface for faster link-failure detection.
  •Tunneling is not supported on trunk ports. If you enter the l2protocol-tunnel interface configuration command on a trunk port, the command is accepted, but Layer 2 tunneling does not take affect unless you change the port to a tunnel port or an access port.
  •EtherChannel port groups are compatible with tunnel ports when the 802.1Q configuration is consistent within an EtherChannel port group.
  (maybe its a different and is supported on 3850's)
  Also, I cant use layer 3 over this link as I am looking to extend VLANs over the link so devices and virtual machines in each of the datacentre are in the same subnet and broadcast domain.
  I will speak with the supplier to see what they are willing to do.
  Thanks again.

• Dlsw using port channel

  I have 2 dlsw router at head quater office, named dlswA and dlswB.
  From branches router, dlswA is a primary peer and dlswB is a backup peer.
  Both dlswA and B have 2 fast ethernet interfaces.
  The current configuration of dlswA and dlswB are 1 port as IP port and other port as sna/bridge port.
  With this configuration the problem is when SNA port at dlswA problem, then dlsw circuit will have the problem, because dlsw peer from branches still connected to dlswA.
  if I configure 2 fast ethernet port become a port channel. And configure IP and bridge group at port channel interface (IP and SNA at the same interfaces), so when the port channel is down, then branches will connect to dlswB as a backup peer
  Are the port channel configuration will solve the problem ? How about the stability of this configuration?

  Thank Matthias for your reply.
  Both of head end routers are on the same vlan and the host is using same mac address.
  As far as i know if from branch have 2 active peer with cost setup, there will loops posibility because both head end routers are using ethernet with same vlan and same host mac address.
  I test the port channel within my LAB using netbios, seem works as expected. when single port at port channel down, branch circuit still remain at dlswA router, when all port channel member down, the branch peering move to dlswB.
  Here are the config:
  hostname dlswA
  dlsw local-peer peer-id 192.168.255.1 promiscuous
  dlsw bridge-group 1
  interface Port-channel10
  ip address 192.168.255.1 255.255.255.248
  bridge-group 1
  interface FastEthernet0/0
  no ip address
  duplex auto
  speed auto
  channel-group 10
  interface FastEthernet0/1
  no ip address
  duplex auto
  speed auto
  channel-group 10
  end
  hostname dlswB
  dlsw local-peer peer-id 192.168.255.10 promiscuous
  dlsw bridge-group 1
  interface Port-channel11
  ip address 192.168.255.10 255.255.255.248
  bridge-group 1
  interface FastEthernet0/0
  no ip address
  duplex auto
  speed auto
  channel-group 11
  interface FastEthernet0/1
  no ip address
  duplex auto
  speed auto
  channel-group 11
  end
  Hostname Branch
  dlsw local-peer peer-id 172.16.0.1
  dlsw remote-peer 0 tcp 192.168.255.1
  dlsw remote-peer 0 tcp 192.168.255.10 backup-peer 192.168.255.1 linger 0
  dlsw bridge-group 1
  interface Loopback0
  ip address 172.16.0.1 255.255.255.255
  interface FastEthernet0/1
  no ip address
  duplex auto
  speed auto
  bridge-group 1
  But I'm not sure this scenario will work for sna application like ATM machine, and SNA SAA gateway.
  Please kindly advised, Is there any alternatif ?

• Interfaces in port-channel keep err-disabling because of keepalives

  Below is the current portchannel that I am having problems with.  The interfaces on Switch A keep going into an error disabled state because they receive their own loopback.  Cisco says to disable keepalives and that it will fix the problem, but I do not like the idea of disabling keepalives.  Has anyone found a solution other than disabling keepalives?  Notice that ios's are different, but am not convinced that this is the issue.  Also one is PoE and the other isn't.  Lastly, i found this article "Keepalives are sent on all interfaces by default in Cisco IOS Software Release 12.1EA-based software. In Cisco IOS Software Release 12.2SE-based software and later, keepalives are not sent by default on fiber and uplink interfaces".  I would think trunked interfaces in a port-channel would be uplink interfaces and if this is true, it should be sending out keepalives anyway since i am running the 12.2SE based ios.  Thanks for whatever input you may have.
  Switch A
  C3750E Boot Loader (C3750X-HBOOT-M) Version 12.2(53r)SE2, RELEASE SOFTWARE (fc1)
  System image file is "flash:/c3750e-universalk9-mz.122-55.SE3/c3750e-universalk9-mz.122-55.SE3.bin"
  cisco WS-C3750X-48P
  Port-channels in the group:
  Port-channel: Po52
  Age of the Port-channel   = 219d:04h:32m:49s
  Logical slot/port   = 10/39          Number of ports = 4
  GC                  = 0x00000000      HotStandBy port = null
  Port state          = Port-channel Ag-Inuse
  Protocol            =    -
  Port security       = Disabled
  Ports in the Port-channel:
  Index   Load   Port     EC state        No of bits
  ------+------+------+------------------+-----------
    0     00     Gi1/0/35 On                 0
    0     00     Gi1/0/36 On                 0
    0     00     Gi2/0/45 On                 0
    0     00     Gi2/0/46 On                 0
  %ETHCNTR-3-LOOP_BACK_DETECTED: Loop-back detected on GigabitEthernet1/0/35.
  %PM-4-ERR_DISABLE: loopback error detected on Gi1/0/35, putting Gi1/0/35 in err-disable state
  %LINEPROTO-5-UPDOWN: Line protocol on Interface GigabitEthernet1/0/35, changed state to down
  %LINEPROTO-5-UPDOWN: Line protocol on Interface Port-channel39, changed state to down
  %LINK-3-UPDOWN: Interface Port-channel39, changed state to down
  Switch B
  C3750E Boot Loader (C3750X-HBOOT-M) Version 12.2(53r)SE2, RELEASE SOFTWARE (fc1)
  System image file is "flash:/c3750e-universalk9-mz.122-58.SE2/c3750e-universalk9-mz.122-58.SE2.bin"
  cisco WS-C3750X-48
  Port-channels in the group:
  Port-channel: Po52
  Age of the Port-channel   = 443d:18h:43m:06s
  Logical slot/port   = 10/39          Number of ports = 4
  GC                  = 0x00000000      HotStandBy port = null
  Port state          = Port-channel Ag-Inuse
  Protocol            =    -
  Port security       = Disabled
  Ports in the Port-channel:
  Index   Load   Port     EC state        No of bits
  ------+------+------+------------------+-----------
    0     00     Gi1/0/35 On                 0
    0     00     Gi1/0/36 On                 0
    0     00     Gi1/0/45 On                 0
    0     00     Gi1/0/46 On                 0

  PER CISCO
  Symptom:
  An interface on a Catalyst switch is errordisabled after detecting a loopback.
  Mar 7 03:20:40: %ETHCNTR-3-LOOP_BACK_DETECTED: Loop-back detected on
  GigabitEthernet0/2. The port is forced to linkdown.
  Mar 7 03:20:42: %LINK-5-CHANGED: Interface GigabitEthernet0/2, changed state
  to administratively down
  Mar 7 03:20:43: %LINEPROTO-5-UPDOWN: Line protocol on Interface
  GigabitEthernet0/2, changed state to down
  Conditions:
  This might be seen on a Catalyst 2940, 2950, 2950-LRE, 2955, 2970, 3550, 3560
  or 3750 switch running 12.1EA or 12.2SE based code.
  Workaround:
  Disable keepalives by using the no keepalive interface command. This
  will prevent the port from being errdisabled, but it does not resolve the root
  cause of the problem. Please see section below for more information.
  Additional Information:
  The problem occurs because the keepalive packet is looped back to the port that
  sent the keepalive. There is a loop in the network. Although disabling the
  keepalive will prevent the interface from being errdisabled, it will not remove
  the loop.
  The problem is aggravated if there are a large number of Topology Change
  Notifications on the network. When a switch receives a BPDU with the Topology
  Change bit set, the switch will fast age the MAC Address table. When this
  happens, the number of flooded packets increases because the MAC Address table
  is empty.

• UCS: Migrating network to port channels

  Hello all,
  I've searched around for the answer, so forgive me if this question is has already been answered and I just missed it.
  The short and skinny is that because of the need to have a disjointed L2 network, without changing from EHM to Switch mode and on top of security polices (the two L2 networks are Corporate and DMZ), it was recommended that we switch to using port channels.
  Right now, I have two UCS 6120s in a cluster.  Each 6120 has two uplinks to a pair of Cisco 4948s, configured as standard trunk uplinks.
  I guess the actual question(s) is
  A) Can this be done without bringing down the entire network for the UCS?
  B) If it can, what is the best way to do it without interruption?
  I've searched for around and the only thing I've seen is the steps to make the changes in the UCS Manager, but from what I can tell it assumes it’s a new install of UCS and not something that's already in production.
  I already had the networking guys set up the port channels on two unused ports on the 4948s, so all I need to do is move the cables and setup the port channel in the UCSM.
  My plan of action is as follows:
  - disable the network uplinks on one of the 6120s, this should force all traffic to the other side (is that correct?)
  - move the network cables coming from the 6120 to the 4948 switche to the new ports set up as a port channel
  - create the port channel in the UCS manager
  - Enable uplink ports and enable port channel
  - Re-do the above steps for the other 6120.
  Is the above possible without causing an interruption?  Also during the transition, will there be a problem where one side is using a port channel and the other side is still using the regular trunk uplinks?
  Thanks for any suggestions or help.
  (This was neither short nor skinny)

  If you need setup UCS for disjointed L2 and you only have 2 LAN uplinks you are not going to be able to place those 2 into a port-channel and also be able to configure disjointed L2.
  Are you adding 2 additional uplinks to the ones you already have?
  If you aren't planning on adding 2 additional uplinks then you will need to use them as single links; 1 with corporate VLANs mapped and the other with DMZ VLANs mapped. You will do this for both Fabric Interconnect A and B so that each Fabric interconnect as 1 uplink for corporate and 1 for DMZ.
  This configuration requires UCS firmware 2.x
  Like you are planning you will do this on 1 fabric at a time.
  On Fabric A disable the 2 LAN uplinks so that all traffic is forced to go out Fabric B
  Use the UCS VLAN Manager to map the DMZ VLANs to the DMZ uplink and the corporate VLANs to the corporate uplink. You can SSH into UCS, type "connect nxos a" and type "show interface trunk" to verify the VLANs are mapped properly
  Make sure the 4948 switch is configured to trunk the correct VLANs over the correct links
  Enable the ports on Fabric A
  Do the same for Fabric B

• Port Channel Flag Details

  All,
  I created an etherchannel between a cat3750G and a cat6509. I ran a show etherchannel 5 detail and I noticed for my flags I got SC. Is this okay, I am wondering because I looked it up and it doesn't sound good but I could be reading it wrong. Thanks
  Group state = L2
  Ports: 2 Maxports = 8
  Port-channels: 1 Max Port-channels = 1
  Protocol: PAgP
  Ports in the group:
  Port: Gi1/0/25
  Port state = Up Mstr In-Bndl
  Channel group = 1 Mode = Desirable-NonSl Gcchange = 0
  Port-channel = Po1 GC = 0x00010001 Pseudo port-channel = Po1
  Port index = 0 Load = 0x00 Protocol = PAgP
  Flags: S - Device is sending Slow hello. C - Device is in Consistent state.
  A - Device is in Auto mode. P - Device learns on physical port.
  d - PAgP is down.
  Timers: H - Hello timer is running. Q - Quit timer is running.
  S - Switching timer is running. I - Interface timer is running.
  Local information:
  Hello Partner PAgP Learning Group
  Port Flags State Timers Interval Count Priority Method Ifindex
  Gi1/0/25 SC U6/S7 H 30s 1 128 Any 5001
  Partner's information:
  Partner Partner Partner Partner Group
  Port Name Device ID Port Age Flags Cap.
  Gi1/0/25 CAT_6509_HQ 000c.cfd0.dc00 Gi2/4 7s SC 10001
  Age of the port in the current state: 01d:08h:58m:36s
  Port: Gi1/0/26
  Port state = Up Mstr In-Bndl
  Channel group = 1 Mode = Desirable-NonSl Gcchange = 0
  Port-channel = Po1 GC = 0x00010001 Pseudo port-channel = Po1
  Port index = 0 Load = 0x00 Protocol = PAgP
  Flags: S - Device is sending Slow hello. C - Device is in Consistent state.
  A - Device is in Auto mode. P - Device learns on physical port.
  d - PAgP is down.
  Timers: H - Hello timer is running. Q - Quit timer is running.
  S - Switching timer is running. I - Interface timer is running.
  Local information:
  Hello Partner PAgP Learning Group
  Port Flags State Timers Interval Count Priority Method Ifindex
  Gi1/0/26 SC U6/S7 H 30s 1 128 Any 5001
  Partner's information:
  Partner Partner Partner Partner Group
  Port Name Device ID Port Age Flags Cap.
  Gi1/0/26 CAT_6509_HQ 000c.cfd0.dc00 Gi2/3 6s SC 10001
  Age of the port in the current state: 01d:09h:04m:31s
  Port-channels in the group:
  Port-channel: Po5
  Age of the Port-channel = 01d:09h:25m:21s
  Logical slot/port = 10/1 Number of ports = 2
  GC = 0x00010001 HotStandBy port = null
  Port state = Port-channel Ag-Inuse
  Protocol = PAgP
  Ports in the Port-channel:
  Index Load Port EC state No of bits
  ------+------+------+------------------+-----------
  0 00 Gi1/0/25 Desirable-NonSl 0
  0 00 Gi1/0/26 Desirable-NonSl 0

  Looks perfect , both are up , master in bundle and they see each and have negotiated the etherchannel properly . You can also do a show etherchannel summary to I believe which gives you a compact reading on the channel.

• Port Channel 5548 with 6509

  My company just purchased a Nexus 5548.  I've been fooling around with the configurations and just getting familiar with this equipment.  I've already configured a port channel using 2 10gig ports on our 3850 and its working fine.
  Now, I'm trying to configure a second port channel with our 6509 1gig ports. Ports comes up. But I cannot communicate between these 2 devices.
  Show CDP Neigh shows the other devices. Show Etherchannel summary is blank
  This is the config on the 6509
  interface Port-channel22
   switchport
   switchport trunk encapsulation dot1q
   switchport mode trunk
  interface GigabitEthernet9/7
    switchport
   switchport trunk encapsulation dot1q
   switchport mode trunk
   channel-group 22 mode on (I also tried using Active and desirable)
  Config on 5548
  Inteface Port-Channel 2
  switchport
   switchport mode trunk
   speed 1000
  interface ethernet1/32
   switchport mode trunk
   speed 1000
   channel-group 22 mode on
  I also have feature Lacp , interface vlan and vlan dot1q tag native enabled
  Any ideas why I cannot communicate between these devices? 

  This is what is showing on the 5548
  2015 Mar 18 08:18:09 DC-5548-01 %ETHPORT-5-SPEED: Interface Ethernet1/32, operat
  ional speed changed to 1 Gbps
  2015 Mar 18 08:18:09 DC-5548-01 %ETHPORT-5-IF_DUPLEX: Interface Ethernet1/32, op
  erational duplex mode changed to Full
  2015 Mar 18 08:18:09 DC-5548-01 %ETHPORT-5-IF_RX_FLOW_CONTROL: Interface Etherne
  t1/32, operational Receive Flow Control state changed to off
  2015 Mar 18 08:18:09 DC-5548-01 %ETHPORT-5-IF_TX_FLOW_CONTROL: Interface Etherne
  t1/32, operational Transmit Flow Control state changed to off
  2015 Mar 18 08:18:09 DC-5548-01 %ETHPORT-5-SPEED: Interface port-channel2, opera
  tional speed changed to 1 Gbps
  2015 Mar 18 08:18:09 DC-5548-01 %ETHPORT-5-IF_DUPLEX: Interface port-channel2, o
  perational duplex mode changed to Full
  2015 Mar 18 08:18:09 DC-5548-01 %ETHPORT-5-IF_RX_FLOW_CONTROL: Interface port-ch
  annel2, operational Receive Flow Control state changed to off
  2015 Mar 18 08:18:09 DC-5548-01 %ETHPORT-5-IF_TX_FLOW_CONTROL: Interface port-ch
  annel2, operational Transmit Flow Control state changed to off
  2015 Mar 18 08:18:09 DC-5548-01 %ETH_PORT_CHANNEL-5-PORT_UP: port-channel2: Ethe
  rnet1/32 is up
  2015 Mar 18 08:18:09 DC-5548-01 %ETH_PORT_CHANNEL-5-FOP_CHANGED: port-channel2:
  first operational port changed from none to Ethernet1/32
  2015 Mar 18 08:18:09 DC-5548-01 %ETHPORT-5-IF_UP: Interface Ethernet1/32 is up i
  n mode trunk
  2015 Mar 18 08:18:09 DC-5548-01 %ETHPORT-5-IF_UP: Interface port-channel2 is up
  in mode trunk
  My 6509 does not show anything. Now when I do  a show etherchannel summary on the 6509, the protocol is lacp.