Port-channel max-bundle option

Hello,
if i have a port-channel with 4 ports in it with LACP. And i want to make two ports as a backup with max bundle command. Do that 'backuped' ports will be just "unselected" from etherchannel, o ir will be physical down ? Thanks
I don't have the LAB yet, so i cant try by myself..

Hi,
The additional 2 ports will be in LACP inactive mode.
HTH

Similar Messages

ASA5550 port channel configuration ERROR: nameif not allowed on empty etherchannel interface

Hi All,
I am having problem when configure port channel on asa5550
IOS ver asa914-k8.bin also in ver 9.02   and 8.47.
Please let me know how can I solve this problem.
UK-LON-FW(config)# int port-channel 3
UK-LON-FW(config-if)# vlan 245
                       ^
ERROR: % Invalid input detected at '^' marker.
UK-LON-FW(config-if)# nameif secure
ERROR: nameif not allowed on empty etherchannel interface.
UK-LON-FW(config-if)#
here is my interfaces configuration:
interface GigabitEthernet0/0
description fw1:G0/0 to uk-lon-gw1:e1/8 fw2:G0/0 to uk-lon-gw2:e1/9 outside zone
channel-group 1 mode on
no nameif
no security-level
no ip address
interface GigabitEthernet0/1
description fw1:G0/1 to uk-lon-gw2:e1/8 fw2:G0/1 to uk-lon-gw1:e1/9 outside zone
channel-group 1 mode on
no nameif
no security-level
no ip address
interface GigabitEthernet0/2
description fw1:G0/2 to uk-lon-sw1a:1 fw2:G0/2 to uk-lon-sw1a:2 dmz
channel-group 2 mode on
no nameif
no security-level
no ip address
interface GigabitEthernet0/3
description fw1:G0/3 to uk-lon-sw1b: fw2:G0/3 to uk-lon-sw1b:2 dmz
channel-group 2 mode on
no nameif
no security-level
no ip address
interface Management0/0
management-only
nameif management
security-level 0
ip address 10.10.51.18 255.255.254.0
interface GigabitEthernet1/0
description fw1:G1/0 to uk-lon-sw1a:3 fw2:G1/0 to uk-lon-sw1a:4 secure zone
no nameif
no security-level
no ip address
interface GigabitEthernet1/1
description fw1:G1/1 to uk-lon-sw1b:3 fw2:G1/1 to uk-lon-sw1b:4 secure zone
no nameif
no security-level
no ip address
interface GigabitEthernet1/2
description LAN Failover Interface
no nameif
no security-level
no ip address
interface GigabitEthernet1/3
description STATE Failover Interface
no nameif
no security-level
no ip address
interface Port-channel1
description outside zone
no nameif
no security-level
no ip address
interface Port-channel1.5
description outside zone Bundle FW:G0/0-G0/1 connect to GW1:e1/8-GW2:e1/8
vlan 5
nameif outside
security-level 0
ip address 216.239.105.5 255.255.255.128 standby 216.239.105.6
interface Port-channel2
description dmz Bunlde uk-lon-fw:G0/2-3 to sw1a:1-2 sw1b:1-2
no nameif
no security-level
no ip address
interface Port-channel2.105
description dmz
vlan 105
nameif dmz
security-level 50
ip address 216.239.105.193 255.255.255.192 standby 216.239.105.194
interface Port-channel3
description secure zone Bunlde uk-lon-fw:G1/0-1 to sw1a:3-3 sw1b:3-4
no nameif
security-level 100
ip address 10.254.105.1 255.255.255.0 standby 10.254.105.2
UK-LON-FW(config-if)#

Hi Marvin,
Thank you for your answer. I did everything but it did not work. Turn out it is a bug ver 8.45 will let you created the sub logical interface but actually it did not work right. Verson 9.x doesn't let you create more than 2 port channel (limitation of ASA5550 hardware).
https://tools.cisco.com/bugsearch/bug/CSCtq62715/?reffering_site=dumpcr
Also, you can see the 8.4 release notes were you can see that it is not supported:
http://www.cisco.com/c/en/us/td/docs/security/asa/asa84/release/notes/asarn84.html#pgfId-522232
Interface Features
EtherChannel support (ASA 5510 and higher)
You can configure up to 48 802.3ad EtherChannels of eight active interfaces each.
Note You cannot use interfaces on the 4GE SSM, including the integrated 4GE SSM in slot 1 on the ASA 5550, as part of an EtherChannel.
We introduced the following commands: channel-group , lacp port-priority , interface port-channel , lacp max-bundle , port-channel min-bundle , port-channel load-balance , lacp system-priority , clear lacp counters , show lacp , show port-channel .

Port Channel over L2 MPLS links

Hello.
I was hoping that someone could over some suggestions on best practice or recommendations for configuring port channel to bundle to layer 2 MPLS links that we have.
We have racks in two geographically separated data centres, each rack has a stack of Cisco 3850 switches, and there are two 100Mbps layer 2 connections linking these stacks together. The links are provided by our supplier and runs over their core network (I can get more info on their setup if need be).
I had initially just configured a simple port channel bundling the two ports on "Switch A", and the same on "Switch B". However I have since noticed that one of the ports was put into error disabled state, and I have my doubts that we ever had 200Mbps throughput over the portchannel.
The logs showed:
UDLD-4-UDLD_PORT_DISABLED: UDLD disabled interface Gix/x/x, aggressive mode failure detected
%PM-4-ERR_DISABLE: udld error detected on Gix/x/x, putting Gix/x/x in err-disable state
How I understand is that one of ports recieved an unexpected (or incorrect) BPDU packet, and shut the port down as part of spanning tree process to stop a loop forming.
For the time being I have removed the port channel config and re-opened all the ports, so I believe one of the ports is now in blocking state.
Whilst redundancy for these links is great, ideally I would like to have the links bundled so I also get the benefit of higher throughput.
Any thoughts are greatly appreciated.
Thank you

Hi,
Thank you for your reply and suggestions. I have been reading up on layer 2 protocol tunnelling and I'm not sure if this will work for us. According to these guidelines for the catalyst 3550 (http://www.cisco.com/c/en/us/td/docs/switches/lan/catalyst3550/software/release/12-1_19_ea1/configuration/guide/3550scg/swtunnel.html#wp1006657) it states:
•If you enable PAgP or LACP tunneling, we recommend that you also enable UDLD on the interface for faster link-failure detection.
•Tunneling is not supported on trunk ports. If you enter the l2protocol-tunnel interface configuration command on a trunk port, the command is accepted, but Layer 2 tunneling does not take affect unless you change the port to a tunnel port or an access port.
•EtherChannel port groups are compatible with tunnel ports when the 802.1Q configuration is consistent within an EtherChannel port group.
(maybe its a different and is supported on 3850's)
Also, I cant use layer 3 over this link as I am looking to extend VLANs over the link so devices and virtual machines in each of the datacentre are in the same subnet and broadcast domain.
I will speak with the supplier to see what they are willing to do.
Thanks again.

Sg300-28 port-channel options

i have an sg300-28 running the latest firmware, and would like some insight on port-channel options. below are the port configs i have for a LAG to my router. i am currently using 802.3ad with LACP. my router is a linux machine pulling duty as a basic (no dynamic routing) router, firewall and internet gateway. the bonding options on the routers side explained at
http://docs.fedoraproject.org/en-US/Fedora/16/html/System_Administrators_Guide/sec-Using_Channel_Bonding.html. the mode is 4 or 802.3ad and the xmit_hash_policy is 2 or layer2+3. i also have 2 servers setup in a similar fashion with 2 interfaces in a LAG.
when i run a bandwidth test, iperf, between the two servers, i only get 900+ mbps which indicates that the GB ports are running fine. this also indicates to me that the traffic is not being "striped" across the port-channeled interfaces, thereby giving me the aggregated bandwidth of all interfaces in the LAG. i have found no options to use the balance-xor mode to create port-channels, which as i understand it, would aggregate the total bandwidth of all interfaces in the LAG. is the sg300 capable of creating a LAG that will combine the throughput of all the members of the LAG? for example, create a 2 GB pipe when 2 interfaces are port-channeled? is the balance-xor mode what would do this (regardless of the sg300's ability to do this)
interface gigabitethernet25
description "Port Channel to Router"
channel-group 1 mode auto
lldp notifications enable
lldp optional-tlv port-desc sys-name sys-desc sys-cap 802.3-mac-phy 802.3-lag 802.3-max-frame-size
lldp management-address automatic
interface gigabitethernet26
description "Port Channel to Router"
channel-group 1 mode auto
lldp notifications enable
lldp optional-tlv port-desc sys-name sys-desc sys-cap 802.3-mac-phy 802.3-lag 802.3-max-frame-size
lldp management-address automatic
interface gigabitethernet27
description "Port Channel to Router"
channel-group 1 mode auto
lldp notifications enable
lldp optional-tlv port-desc sys-name sys-desc sys-cap 802.3-mac-phy 802.3-lag 802.3-max-frame-size
lldp management-address automatic
interface gigabitethernet28
description "Port Channel to Router"
channel-group 1 mode auto
lldp notifications enable
lldp optional-tlv port-desc sys-name sys-desc sys-cap 802.3-mac-phy 802.3-lag 802.3-max-frame-size
lldp management-address automatic
interface Port-channel1
description "Port Channel to Router"
switchport mode general
switchport general allowed vlan add 2-3,25,37,50,52,253-255 tagged
switchport general pvid 255

Hi Brendan,
You said "i only get 900+ mbps which indicates that the GB ports are running fine. this also indicates to me that the traffic is not being "striped" across the port-channeled interfaces, thereby giving me the aggregated bandwidth of all interfaces in the LAG. i have found no options to use the balance-xor mode to create port-channels, which as i understand it, would aggregate the total bandwidth of all interfaces in the LAG."
As the Admin guide says on page 130, http://www.cisco.com/en/US/docs/switches/lan/csbms/sf30x_sg30x/administration_guide/78-19308-01.pdf
Load Balancing
Traffic forwarded to a LAG is load-balanced across the active member ports, thus achieving an effective bandwidth close to the aggregate bandwidth of all the active member ports of the LAG.
Traffic load balancing over the active member ports of a LAG is managed by a hash-based distribution function that distributes Unicast and Multicast traffic based on Layer 2 or Layer 3 packet header information.
The switch supports two modes of load balancing:
By MAC Addresses—Based on the destination and source MAC addresses of all packets.
By IP and MAC Addresses—Based on the destination and source IP addresses for IP packets, and destination and source MAC addresses for
non-IP packets.
   So, an IP host running running IPERF maybe checking unicast throughput between the two IP hosts. There will be a Source and Desination IP address in that test. The switch will direct the traffic over one of the LAG port members . It wont Round robin the unicast traffic over multiple LAG ports, if the Source and Desination IP address of the traffic is the same. .
If the PC running IPerf, had another concurrent IPerf session to another or different IP host, the hash algorithm on the switch may direct that stream , maybe, over a different physical LAG interface.
So your comment about achieving 900+mbps sounds normal   Yes LAG spreads the load, the benefit comes when lots of hosts on both sides of the switches.
You hay find with just two hosts on either side of a LAG, that the switch may run the traffic between two hosts over just one member of the LAG group.
regards Dave

What can be the max difference in cable lengths that we can have between the ISLs in a port-channel between MDS switches?

Hello All
What can be the max difference in cable lengths that we can have between the ISLs in a port-channel between MDS switches? Do we have any documentation?
Thanks
Chetan

competitive solution instead recommends a distance variance of 30 meters or less among ISLs within a trunk. If the distance variance is greater than 30 meters, undesired and degraded performance will occur. For example, if a trunk has a distance of 100 kilometers, the competitive trunking solution allows a cable length variance of only 0.03 percent!
ref;
http://www.cisco.com/c/en/us/products/collateral/storage-networking/mds-9500-series-multilayer-directors/white_paper_c11-534878.html
hth
regards
inayath
**********PLZ dont forget to rate if this info is helpfull.

VSS port channel options

Hi,
I am converting 2 6500 chassis to VSS, currently they are configured as primary & backup. Downstream switch have 4 uplinks, 2 to each chassis with port channels. After I convert to VSS I will have all 4 ports connecting to downstream switch in a port channel, can I keep 2 separate port channels on downstream switch or will it cause issues ?
thanks
hasrat

Hi Hazrat,
I agree with Reza. By the way what is at your mind in keeping 2 seperate port-channels to one device?(please note after VSS logically it is one switch). One of the Port-channel will not be used at all since spanning tree will block it. So as Reza said bundle them in all one.
Thanks,
Madhu

Port-channel bundled/unbundled

Is this bundled or not bundled, is what I'm trying to confirm.
I get two conflicting messages about, if the port-channel bundle is working or not working. (There is traffic on two channels intended to bundled)
Version 12.2
Switch1
Config on port 1/1 is encap 820.1q, node (defaul?)
Config on port 9/1 is encap (default?) ,and mode trunk
Switch1 and Switch2 configs are similar
Switch1 extracts
Switch1>sh int po 1 eth
Age of the Port-channel = 01d:04h:02m:05s
Logical slot/port = 14/1 Number of ports = 2
GC = 0x00010001 HotStandBy port = null
Port state = Port-channel Ag-Inuse
Protocol = PAgP
Ports in the Port-channel:
Index Load Port EC state No of bits
------+------+------+------------------+-----------
0 55 Gi1/1 Desirable-Sl 4
1 AA Gi9/1 Desirable-Sl 4
Time since last port bundled: 01d:03h:45m:47s Gi9/1
Time since last port Un-bundled: 01d:03h:57m:35s Gi9/1
=======================================
Switch1>sh int g9/1 trunk
Port Mode Encapsulation Status Native vlan
Gi9/1 on 802.1q trunk-inbndl 1
(Po1)
=========================================
Switch1#sh runn int port-channel 1
Building configuration...
Current configuration : 160 bytes
interface Port-channel1
description EC TO ESW002 G1/1,G9/1
switchport
switchport trunk encapsulation dot1q
switchport trunk allowed vlan 200-202,301
end
Switch1#sh run int g1/1
Building configuration...
Current configuration : 189 bytes
interface GigabitEthernet1/1
description To ESW002 G1/1
switchport
switchport trunk encapsulation dot1q
switchport trunk allowed vlan 200-202,301
channel-group 1 mode desirable
end
Switch1#sh run int g9/1
Building configuration...
Current configuration : 173 bytes
interface GigabitEthernet9/1
description to ESW002 9/1
switchport
switchport trunk allowed vlan 200-202,301
switchport mode trunk
channel-group 1 mode desirable
end

You have setup a trunked etherchannel and it appears to be working correctly. this info tells you that the channel is working correctly, to check the trunk do a "show int trunk" also.
Switch1 extracts
Switch1>sh int po 1 eth
Age of the Port-channel = 01d:04h:02m:05s
Logical slot/port = 14/1 Number of ports = 2
GC = 0x00010001 HotStandBy port = null
Port state = Port-channel Ag-Inuse
Protocol = PAgP
Ports in the Port-channel:
Index Load Port EC state No of bits
------+------+------+------------------+-----------
0 55 Gi1/1 Desirable-Sl 4
1 AA Gi9/1 Desirable-Sl 4

FWSM Default port channel?

I'm doing some L2 cleanups across mutliple 6509E environments and I've found something consistent that I can't find in documentation.
On all my pairs of 6509s where I have FWSMs bundled (6509-A has FWSM-1 is Slot 1 and 6509-B has FWSM-2 in Slot 1) I also have a port channel 305. Obviously when I do a "show run" or "show int desc" I don't see anything in slot one. It's a service module. But the port channel is referencing ports 1/1-6. And it's all in service/up. I was about to delete this as I thought it was some leftover config (TEST 6509s) until I went and saw the same things on our PROD 6509s. Can anyone explain this or provide some documentation on it? Is it cosmetic? Necessary? Can I delete it as part of my audit cleanup? Don't want to mess with it even in TEST without some information. Nothing on google that's clear and I can't find anything on CCO.
6509-1#sho etherch 305 summ
Flags: D - down        P - bundled in port-channel
        I - stand-alone s - suspended
        H - Hot-standby (LACP only)
        R - Layer3      S - Layer2
        U - in use      N - not in use, no aggregation
        f - failed to allocate aggregator
        M - not in use, no aggregation due to minimum links not met
        m - not in use, port not aggregated due to minimum links not met
        u - unsuitable for bundling
        d - default port
        w - waiting to be aggregated
Number of channel-groups in use: 11
Number of aggregators:           11
Group Port-channel Protocol    Ports
------+-------------+-----------+-----------------------------------------------
305    Po305(SU)        -        Gi1/1(P)       Gi1/2(P)       Gi1/3(P)
                                 Gi1/4(P)       Gi1/5(P)       Gi1/6(P)
Last applied Hash Distribution Algorithm:   -
6509-1#sho etherch 305 det
Group state = L2
Ports: 6   Maxports = 8
Port-channels: 1 Max Port-channels = 1
Protocol:    -
Minimum Links: 0
                Ports in the group:
Port: Gi1/1
Port state    = Up Mstr In-Bndl
Channel group = 305         Mode = On      Gcchange = -
Port-channel = Po305       GC   =   -         Pseudo port-channel = Po305
Port index    = 0           Load = 0x41        Protocol =    -
Age of the port in the current state: 46d:06h:53m:39s
Port: Gi1/2
Port state    = Up Mstr In-Bndl
Channel group = 305         Mode = On      Gcchange = -
Port-channel = Po305       GC   =   -         Pseudo port-channel = Po305
Port index    = 1           Load = 0x02        Protocol =    -
Age of the port in the current state: 46d:06h:53m:39s
Port: Gi1/3
Port state    = Up Mstr In-Bndl
Channel group = 305         Mode = On      Gcchange = -
Port-channel = Po305       GC   =   -         Pseudo port-channel = Po305
Port index    = 2           Load = 0x04        Protocol =    -
Age of the port in the current state: 46d:06h:53m:41s
Port: Gi1/4
Port state    = Up Mstr In-Bndl
Channel group = 305         Mode = On      Gcchange = -
Port-channel = Po305       GC   =   -         Pseudo port-channel = Po305
Port index    = 3           Load = 0x88        Protocol =    -
Age of the port in the current state: 46d:06h:53m:41s
Port: Gi1/5
Port state    = Up Mstr In-Bndl
Channel group = 305         Mode = On      Gcchange = -
Port-channel = Po305       GC   =   -         Pseudo port-channel = Po305
Port index    = 4           Load = 0x10        Protocol =    -
Age of the port in the current state: 46d:06h:53m:41s
Port: Gi1/6
Port state    = Up Mstr In-Bndl
Channel group = 305         Mode = On      Gcchange = -
Port-channel = Po305       GC   =   -         Pseudo port-channel = Po305
Port index    = 5           Load = 0x20        Protocol =    -
Age of the port in the current state: 46d:06h:53m:41s
                Port-channels in the group:
Port-channel: Po305
Age of the Port-channel   = 46d:06h:55m:56s
Logical slot/port   = 14/11          Number of ports = 6
GC                  = 0x00000000      HotStandBy port = null
Port state          = Port-channel Ag-Inuse
Protocol            =    -
Fast-switchover     = disabled
Load share deferral = disabled
Ports in the Port-channel:
Index   Load   Port     EC state        No of bits
------+------+------+------------------+-----------
0     41     Gi1/1    On    2
1     02     Gi1/2    On    1
2     04     Gi1/3    On    1
3     88     Gi1/4    On    2
4     10     Gi1/5    On    1
5     20     Gi1/6    On    1
Time since last port bundled:    46d:06h:53m:41s    Gi1/6
Last applied Hash Distribution Algorithm:   -
NOC-SW-ITEST-AGG1#

The connection between the FWSM and the switch is a 6-GB 802.1Q trunking EtherChannel. This EtherChannel is automatically created when you install the FWSM.
http://cisconetwork.org.ua/1587051893/ch04lev1sec1.html
http://www.cisco.com/en/US/docs/security/fwsm/fwsm23/configuration/guide/switch.pdf
Thanks
Ajay

Nexus 1010v interfaces, port-channel, Catalyst 6500E VSS

I'm installing a pair of 1010v-X appliances using flexible network option 5 on version 4.2(1)SP1(5.1).
I have all interfaces grouped into a single port channel 6. All interfaces uplink to a pair of Catalyst 6506Es in a VSS (Sup2T).
My question relates to the VSS configuration.
For example, do I set up one port-channel on the VSS and put all 12 interfaces in it? Or, do I set up two port-channels on the VSS and put the active 1010v-X in one port-channel and the standby into another port-channel?
Do I set dot1q trunking up on the port-channel(s) on the VSS?
Thanks.

Hi,
What version of IOS are you running on the ASAs?
see table-12-3 in this link:
http://www.cisco.com/c/en/us/td/docs/security/asa/asa84/configuration/guide/asa_84_cli_config/interface_start.html
Also, since the 4500x are in VSS mode, you need to bundle one link from each switch and use LACP.
HTH

Cisco MDS Port channel load balancing

A customer recently asked an interesting question about exchange based load balancing on an FC port channel. The platform is UCS with an 8 and 16 port channel per fabric interconnect on two separate UCS domains. The application is Oracles data warehousing which has been known to saturate 4 x 8gb fc links. Since the balancing method is exchange based what constitutes the start and end of an exchange? We are trying to avoid a condition where and intense read write conversation locks to a single link in the port channel and not spread across 8/16 links. Where can I find more information about exchange based routing protocol or how should I go about managing extreme io in a converged infrastructure.

The default loadbalance method on FI and MDS is src-dst-ox-id based. Note that loadbalancing is done by a device on *outgoing traffic*. FI and MDS do not have to negotiate anything here. Technically, one device can do src-dst-id based while the other can use src-dst-ox-id. However, in your case there is no reason for such a change.
As I wrote before, If all of the links in the port-channel are touching the max capacity, you should recommend your customer to increase links in the bundle (max 16) or upgrade to 16G links. If few of the links are heavily utilized while other links in the same port-channel are under utilized, you may want to check the application or HBA for capability of breaking down the large reads/writes under smaller exchanges. If no traffic is going on few of the links at all, then I would suspect UCS to FI pinning as well.

Nexus 1000v port-channels questions

Hi,
I’m running vCenter 4.1 and Nexus 1000v and about 30 ESX Hosts.
I’m using one system uplink port profile for all 30 ESX Host; On each of the ESX host I have 2 NICs going to a Catalyst 3750 switch stack (Switch A), and another 2 NICs going to another Catalyst 3750 switch stack (Switch B).
The Nexus is configured with the “sub-group CDP” command on the system uplink port profile like the following:
port-profile type ethernet uplink
vmware port-group
switchport mode trunk
switchport trunk allowed vlan 1,800,802,900,988-991,996-997,999
switchport trunk native vlan 500
mtu 1500
channel-group auto mode on sub-group cdp
no shutdown
system vlan 988-989
description System-Uplink
state enabled
And the port channel on the Catalyst 3750 are configured like the following:
interface Port-channel11
description ESX-10(Virtual Machine)
switchport trunk encapsulation dot1q
switchport trunk native vlan 500
switchport trunk allowed vlan 800,802,900,988-991
switchport mode trunk
switchport nonegotiate
spanning-tree portfast trunk
end
interface GigabitEthernet1/0/18
description ESX-10(Virtual Machine)
switchport trunk encapsulation dot1q
switchport trunk native vlan 500
switchport trunk allowed vlan 800,802,900,988-991
switchport mode trunk
switchport nonegotiate
channel-group 11 mode on
spanning-tree portfast trunk
spanning-tree guard root
end
interface GigabitEthernet1/0/1
description ESX-10(Virtual Machine)
switchport trunk encapsulation dot1q
switchport trunk native vlan 500
switchport trunk allowed vlan 800,802,900,988-991
switchport mode trunk
switchport nonegotiate
channel-group 11 mode on
spanning-tree portfast trunk
spanning-tree guard root
end
Now Cisco is telling me that I should be using MAC pinning when doing a trunk to two different stacks , and that each interface on 3750 should not be configured in a port-channel like above, but should be configured as individual trunks.
First question: Is the above statement correct, are my uplinks configured wrong? Should they be configured individually in trunks instead of a port-channel?
Second questions: If I need to add the MAC pinning configuration on my system uplink port-profile can I create a new system uplink port profile with the MAC pinning configuration and then move one ESX host (with no VM on them) one at a time to that new system uplink port profile? This way, I could migrate one ESX host at a time without outages to my VMs. Or is there an easier way to move 30 ESX hosts to a new system uplink profile with the MAC Pinning configuration.
Thanks.

Hello,
From what I understood, you have the following setup:
     - Each ESX host has 4 NICS
     - 2 of them go to a 3750 stack and the other 2 go to a different 3750 stack
     - all 4 vmnics on the ESX host use the same Ethernet port-profile
          - this has 'channel-group auto mode on sub-group cdp'
     - The 2 interfaces on each 3750 stack are in a port-channel (just 'mode on')
If yes, then this sort of a setup is correct. The only problem with this is the dependance on CDP. With CDP loss, the port-channels would go down.
'mac-pinning' is the recommended option for this sort of a setup. You don't have to bundle the interfaces on the 3750 for this and these can be just regular trunk ports. If all your ports are on the same stack, then you can look at LACP. The CDP option would not be supported in the future releases. In fact, it is supposed to be removed from 4.2(1)SV1(2.1) but I still see the command available (ignore 4.2(1)SV1(4) next to it) - I'll follow up on this internally:
http://www.cisco.com/en/US/docs/switches/datacenter/nexus1000/sw/4_2_1_s_v_2_1_1/interface/configuration/guide/b_Cisco_Nexus_1000V_Interface_Configuration_Guide_Release_4_2_1_SV_2_1_1_chapter_01.html
For migrating, the best option would be as you suggested. Create a new port-profile with mac-pinning and move one host at a time. You can migrate VMs off the host before you change the port-profile and can remove the upstream port-channel config as well.
Thanks,
Shankar

Port Channel Flag Details

All,
I created an etherchannel between a cat3750G and a cat6509. I ran a show etherchannel 5 detail and I noticed for my flags I got SC. Is this okay, I am wondering because I looked it up and it doesn't sound good but I could be reading it wrong. Thanks
Group state = L2
Ports: 2 Maxports = 8
Port-channels: 1 Max Port-channels = 1
Protocol: PAgP
Ports in the group:
Port: Gi1/0/25
Port state = Up Mstr In-Bndl
Channel group = 1 Mode = Desirable-NonSl Gcchange = 0
Port-channel = Po1 GC = 0x00010001 Pseudo port-channel = Po1
Port index = 0 Load = 0x00 Protocol = PAgP
Flags: S - Device is sending Slow hello. C - Device is in Consistent state.
A - Device is in Auto mode. P - Device learns on physical port.
d - PAgP is down.
Timers: H - Hello timer is running. Q - Quit timer is running.
S - Switching timer is running. I - Interface timer is running.
Local information:
Hello Partner PAgP Learning Group
Port Flags State Timers Interval Count Priority Method Ifindex
Gi1/0/25 SC U6/S7 H 30s 1 128 Any 5001
Partner's information:
Partner Partner Partner Partner Group
Port Name Device ID Port Age Flags Cap.
Gi1/0/25 CAT_6509_HQ 000c.cfd0.dc00 Gi2/4 7s SC 10001
Age of the port in the current state: 01d:08h:58m:36s
Port: Gi1/0/26
Port state = Up Mstr In-Bndl
Channel group = 1 Mode = Desirable-NonSl Gcchange = 0
Port-channel = Po1 GC = 0x00010001 Pseudo port-channel = Po1
Port index = 0 Load = 0x00 Protocol = PAgP
Flags: S - Device is sending Slow hello. C - Device is in Consistent state.
A - Device is in Auto mode. P - Device learns on physical port.
d - PAgP is down.
Timers: H - Hello timer is running. Q - Quit timer is running.
S - Switching timer is running. I - Interface timer is running.
Local information:
Hello Partner PAgP Learning Group
Port Flags State Timers Interval Count Priority Method Ifindex
Gi1/0/26 SC U6/S7 H 30s 1 128 Any 5001
Partner's information:
Partner Partner Partner Partner Group
Port Name Device ID Port Age Flags Cap.
Gi1/0/26 CAT_6509_HQ 000c.cfd0.dc00 Gi2/3 6s SC 10001
Age of the port in the current state: 01d:09h:04m:31s
Port-channels in the group:
Port-channel: Po5
Age of the Port-channel = 01d:09h:25m:21s
Logical slot/port = 10/1 Number of ports = 2
GC = 0x00010001 HotStandBy port = null
Port state = Port-channel Ag-Inuse
Protocol = PAgP
Ports in the Port-channel:
Index Load Port EC state No of bits
------+------+------+------------------+-----------
0 00 Gi1/0/25 Desirable-NonSl 0
0 00 Gi1/0/26 Desirable-NonSl 0

Looks perfect , both are up , master in bundle and they see each and have negotiated the etherchannel properly . You can also do a show etherchannel summary to I believe which gives you a compact reading on the channel.

Port-channel L2 problem with Fabric Interconnect and Nexus 7010

Hi,
i using port-channel from both fabric interconnect to N7k with 3 cables per Fabric Interconnect.
but, my problem is when i creating port-channel, Fabric Interconnect don't support mode ON dan rate-mode share in Interface 10G Nexus 7010.
I was trying :
1. I using non dedicated port in Nexus 7010.
      - rate-mode share
      - channel-group 1 mode active
      - switchport mode trunk
when i using this option, the port-channel in Nexus 7010 was suspended
2. I using non dedicated port in Nexus 7010
     - rate-mode share
     - channel group 1 mode on
     - switchport mode trunk
when i using this option, the port-channel in Nexus 7010 was came up, but in Fabric interconnect was failed.
3. I using dedicated port in Nexus 7010
     - rate-mode share
     - channel group 1 mode active
     - switchport mode trunk
when i using this option, the port-channel in Nexus 7010 was suspended
4. I using dedicated port in Nexus 7010
     - rate-mode dedicated
     - channel group 1 mode active
     - switchport mode trunk
when i using this option, the port-channel in Nexus 7010 was came up and running well.
but, the problem is my costumer do not want using a dedicated rate-mode. if i using dedicated mode the only available port is 8 interfaces instead of 32 ports. i want to using rate-mode share in nexus 7010.
is there any way to configuring port-channel using mode on in fabric interconnect ? i was trying using CLI to create port-channel in Fabric interconect but i cannot configure the channel group protocol.
i attach the topology of N7K with Fabric interconnect.
regards,
Berwin H

Hi Manish,
the issue was solved, i was fix it last week.
the solution is:
i enable the license grace-priode (since my license is Enterprise so cannot create VDC) then i create a VDC (ex: VDC 2) so i allocate the interface on all module
/* Style Definitions */
table.MsoNormalTable
{mso-style-name:"Table Normal";
mso-tstyle-rowband-size:0;
mso-tstyle-colband-size:0;
mso-style-noshow:yes;
mso-style-priority:99;
mso-style-qformat:yes;
mso-style-parent:"";
mso-padding-alt:0cm 5.4pt 0cm 5.4pt;
mso-para-margin-top:0cm;
mso-para-margin-right:0cm;
mso-para-margin-bottom:10.0pt;
mso-para-margin-left:0cm;
line-height:115%;
mso-pagination:widow-orphan;
font-size:11.0pt;
font-family:"Calibri","sans-serif";
mso-ascii-font-family:Calibri;
mso-ascii-theme-font:minor-latin;
mso-fareast-font-family:"Times New Roman";
mso-fareast-theme-font:minor-fareast;
mso-hansi-font-family:Calibri;
mso-hansi-theme-font:minor-latin;
mso-bidi-font-family:"Times New Roman";
mso-bidi-theme-font:minor-bidi;}
N7K-M132XP-12 to VDC 2. after that i delete VDC 2 then all interface back to VDC 1 (default vdc). then i enable the rate-mode share in dedicated port and bundle into port-channel and its working.
i dont know why it must move to VDC first then it will working, maybe cisco can explain the reasons.
So here the result of my port-channel :
SVRN7KFARM-HO-01# show port-channel summary
Flags: D - Down        P - Up in port-channel (members)
        I - Individual H - Hot-standby (LACP only)
        s - Suspended   r - Module-removed
        S - Switched    R - Routed
        U - Up (port-channel)
Group Port-       Type     Protocol Member Ports
      Channel
1     Po1(SU)     Eth      LACP      Eth1/1(P)    Eth1/2(P)    Eth1/3(P)
                                     Eth1/4(P)    Eth1/25(P)
2     Po2(SU)     Eth      LACP      Eth1/9(P)    Eth1/10(P)   Eth1/11(P)
                                     Eth1/12(P)   Eth1/26(P)
3     Po3(SU)     Eth      LACP      Eth1/17(P)   Eth1/18(P)
4     Po4(SU)     Eth      NONE      Eth10/32(P) Eth10/34(P) Eth10/35(P)
                                     Eth10/36(P)
Thanks.
Berwin H

OSPF load balancing across multiple port channels

I have googled/searched for this everywhere but haven't been able to find a solution. Forgive me if I leave something out but I will try to convey all relevant information. Hopefully someone can provide some insight and many thanks in advance.
I have three switches (A, B, and C) that are all running OSPF and LACP port channelling among themselves on a production network. Each port channel interface contains two physical interfaces and trunks a single vlan (so a vlan connecting each switch over a port channel). OSPF is running on each vlan interface.
Switch A - ME3600
Switch B - 3550
Switch C - 3560G
This is just a small part of a much larger topology. This part forms a triangle, if you will, where A is the source and C is the destination. A and C connect directly via a port channel and are OSPF neighbors. A and B connect directly via a port channel and are OSPF neighbors. B and C connect directly via a port channel and are OSPF neighbors. Currently, all traffic from A to C traverses B. I would like to load balance traffic sourced from A with a destination of C on the direct link and on the links through B. If all traffic is passed through B, traffic is evenly split on the two interfaces on the port channel. If all traffic is pushed onto the direct A-C link, traffic is evenly balanced on the two interfaces on that port channel. If OSPF load balancing is configured on the two vlans from A (so A-C and A-B), the traffic is divided to each port channel but only one port on each port channel is utilized while the other one passes nothing. So half of each port channel remains unused. The port channel on B-C continues to load balance, evenly splitting the traffic received from half of the port channel from A.
A and C port channel load balancing is configured for src-dst-ip. B is a 3550 and does not have this option, so it is set to src-mac.
Relevant configuration:
Switch A:
interface Port-channel1
description Link to B
port-type nni
switchport trunk allowed vlan 11
switchport mode trunk
interface Vlan11
ip address x.x.x.134 255.255.255.254
interface Port-channel3
description Link to C
port-type nni
switchport trunk allowed vlan 10
switchport mode trunk
interface Vlan10
ip address x.x.x.152 255.255.255.254
Switch B:
interface Port-channel1
description Link to A
switchport trunk encapsulation dot1q
switchport trunk allowed vlan 11
switchport mode trunk
interface Vlan11
ip address x.x.x.135 255.255.255.254
interface Port-channel2
description Link to C
switchport trunk encapsulation dot1q
switchport trunk allowed vlan 12
switchport mode trunk
interface Vlan12
ip address x.x.x.186 255.255.255.254
Switch C:
interface Port-channel1
description Link to B
switchport trunk encapsulation dot1q
switchport trunk allowed vlan 12
switchport mode trunk
interface Vlan12
ip address x.x.x.187 255.255.255.254
interface Port-channel3
description Link to A
switchport trunk encapsulation dot1q
switchport trunk allowed vlan 10
switchport mode trunk
interface Vlan10
ip address x.x.x.153 255.255.255.254

This is more FYI. 10.82.4.0/24 is a subnet on switch C. The path to it is split across vlans 10 and 11 but once it hits the port channel interfaces only one side of each is chosen. I'd like to avoid creating more vlan interfaces but right now that appears to be the only way to load balance equally across the four interfaces out of switch A.
ME3600#sh ip route 10.82.4.0
Routing entry for 10.82.4.0/24
Known via "ospf 1", distance 110, metric 154, type extern 1
Last update from x.x.x.153 on Vlan10, 01:20:46 ago
Routing Descriptor Blocks:
x.x.x.153, from 10.82.15.1, 01:20:46 ago, via Vlan10
Route metric is 154, traffic share count is 1
* x.x.x.135, from 10.82.15.1, 01:20:46 ago, via Vlan11
Route metric is 154, traffic share count is 1
ME3600#sh ip cef 10.82.4.0
10.82.4.0/24
nexthop x.x.x.135 Vlan11
nexthop x.x.x.153 Vlan10
ME3600#sh ip cef 10.82.4.0 internal
10.82.4.0/24, epoch 0, RIB[I], refcount 5, per-destination sharing
sources: RIB
ifnums:
Vlan10(1157): x.x.x.153
Vlan11(1192): x.x.x.135
path 093DBC20, path list 0937412C, share 1/1, type attached nexthop, for IPv4
nexthop x.x.x.135 Vlan11, adjacency IP adj out of Vlan11, addr x.x.x.135 08EE7560
path 093DC204, path list 0937412C, share 1/1, type attached nexthop, for IPv4
nexthop x.x.x.153 Vlan10, adjacency IP adj out of Vlan10, addr x.x.x.153 093A4E60
output chain:
loadinfo 088225C0, per-session, 2 choices, flags 0003, 88 locks
flags: Per-session, for-rx-IPv4
16 hash buckets
< 0 > IP adj out of Vlan11, addr x.x.x.135 08EE7560
< 1 > IP adj out of Vlan10, addr x.x.x.153 093A4E60
< 2 > IP adj out of Vlan11, addr x.x.x.135 08EE7560
< 3 > IP adj out of Vlan10, addr x.x.x.153 093A4E60
< 4 > IP adj out of Vlan11, addr x.x.x.135 08EE7560
< 5 > IP adj out of Vlan10, addr x.x.x.153 093A4E60
< 6 > IP adj out of Vlan11, addr x.x.x.135 08EE7560
< 7 > IP adj out of Vlan10, addr x.x.x.153 093A4E60
< 8 > IP adj out of Vlan11, addr x.x.x.135 08EE7560
< 9 > IP adj out of Vlan10, addr x.x.x.153 093A4E60
<10 > IP adj out of Vlan11, addr x.x.x.135 08EE7560
<11 > IP adj out of Vlan10, addr x.x.x.153 093A4E60
<12 > IP adj out of Vlan11, addr x.x.x.135 08EE7560
<13 > IP adj out of Vlan10, addr x.x.x.153 093A4E60
<14 > IP adj out of Vlan11, addr x.x.x.135 08EE7560
<15 > IP adj out of Vlan10, addr x.x.x.153 093A4E60
Subblocks:
None

Port Channels - WLC 5508 and 4510

LACP and PAgP are not supported on the controller and it appears that the 4500 series will not use LAG.
interface Port-channel10
description WLC Port-Channel
switchport
switchport mode trunk
service-policy input AutoQos-4.0-Input-Policy
service-policy output OUTPUT-PRIORITY-POLICING-ETHERCHANNEL
interface GigabitEthernet3/1
description Cisco 5508 Wireless Controller
switchport mode trunk
channel-group 10 mode active
spanning-tree link-type point-to-point
interface GigabitEthernet3/2
description Cisco 5508 Wireless Controller
switchport mode trunk
channel-group 10 mode active
spanning-tree link-type point-to-point
I am getting the error, "lacp not enabled on remote port..". I removed the 2nd fiber cable and removed the channel-group so I could get the WLC back online. Any help would be greatly appreciated.

In order to get the ether channel to work with the WLC you need to change your configuration from:
interface GigabitEthernet3/1
channel-group 10 mode active
interface GigabitEthernet3/2
channel-group 10 mode active
To mode ON
interface GigabitEthernet3/1
channel-group 10 mode on
interface GigabitEthernet3/2
channel-group 10 mode on
Mode ON tells the switch to do Link Aggregation Protocol and does try and negotiate using one of the two control protocols LACP or PAgP.
using mode ON is part of the configuration guide when enabling Cisco WLC LAG option.

Port-channel max-bundle option

Similar Messages

Maybe you are looking for