cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
1903
Views
0
Helpful
3
Replies

ASA EtherChannel to a switch stack

Rodrigo Gurriti
Level 3
Level 3

Here is a reference from the documentation:


http://www.cisco.com/c/en/us/td/docs/security/asa/asa94/configuration/general/asa-general-cli/interface-echannel.html#pgfId-1886893

The ASA does not support connecting an EtherChannel to a switch stack. If the ASA EtherChannel is connected cross stack, and if the Master switch is powered down, then the EtherChannel connected to the remaining switch will not come up.

 

1st - Why do they behave like that?

 

2nd - If I have a active/standby scenario, where I have a primary with a 2 interface channel to the master and the standby has a 2 interface channel to a single slave switch. Would it work this way?

 

Regards,

Rod

1 Accepted Solution

Accepted Solutions

Carlos Amador
Cisco Employee
Cisco Employee

Rod,

 

As it is not supported we won't have much info (pretty much behaves like that by design). Best guess reading around some scenarios, could be because the ASA brings the Etherchannel up using the master switch ID, so if it goes down then the port goes down.

I found that you can try configuring static etherchannel (mode on) and see if it works, still will be unsupported or use 'stack-mac persistent timer 0'

Check it over here:

https://tools.cisco.com/bugsearch/bug/CSCtw63096/?reffering_site=dumpcr 

 

Regards.

View solution in original post

3 Replies 3

Carlos Amador
Cisco Employee
Cisco Employee

Rod,

 

As it is not supported we won't have much info (pretty much behaves like that by design). Best guess reading around some scenarios, could be because the ASA brings the Etherchannel up using the master switch ID, so if it goes down then the port goes down.

I found that you can try configuring static etherchannel (mode on) and see if it works, still will be unsupported or use 'stack-mac persistent timer 0'

Check it over here:

https://tools.cisco.com/bugsearch/bug/CSCtw63096/?reffering_site=dumpcr 

 

Regards.

Thank you Carlos,

 

I guess a need to set up a lab and verify which one is better, mode on or the stack-mac persistent command.

I guess the stack-mac can cause a few problems if someone is trying to troubleshoot this network later on if they have to replace a switch.

I also found this document that really points to mode on, if the problem is really the system-id from the master

https://supportforums.cisco.com/discussion/11618031/stack-mac-persistent-timer-lacp-port-channels-c3750

 

 

It worked mode on.

 

Reloaded the master and the ASA primary/active lost his 2 interfaces and the secondary/standby took over and I had only 1 packet loss.

Did not try the command "stack-mac persistent timer 0" because I was running out of time!

 

Thank you

Rod

Review Cisco Networking for a $25 gift card