cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
498
Views
10
Helpful
8
Replies
sanchezeldorado
Beginner

Basic LACP not working in CML

I am migrating some switches at work, and I am using CML to test the process I want to use. Basically, I'll have two switches connected together with two trunk ports (No LACP). This will cause one of them to be blocking with STP. I want to remotely migrate these two links to an LACP link without disconnecting myself. Each switch port and port-channel are configured identically. If switch A port 1 is connected to Switch B port 1 and also port 2 to port 2, here's the steps I take.

 

 

 

  1. shut down port 1 on Switch A.
  2. shut down port 1 on switch B. At this point, only one link is active.
  3. add "channel-group 3 mode active" to port 1 on Switch A. then no shut.
  4. add "channel-group 3 mode active" to port 1 on Switch B. then no shut. At this point, we're back to two active links as I would expect. A port channel with a single interface, and a separate interface.
  5. I then shut down port 2 on each switch.
  6. I"channel-group 3 mode active" to port 2 on switch A and B.
  7. No shut port 2 on switch A.

 

At this point, the LACP link goes down and does not come back up unless I no shut port 2 on switch B to complete the redundant connection. It works as a redundant connection, and it works without a redundant connection, but there's no failover. I did a packet capture on the links. Pings are getting to the switch across port 1, and they're TRYING to come back on port 2. I can see that port 2 on switch A is suspended, and yet it is still sending ping replies. The replies don't show up on switch B.

 

If I remove one of the physical connections, the port channel still shows up, but it still doesn't work.

 

I'm not crazy right? Is this a CML thing? Thanks in advance.

1 ACCEPTED SOLUTION

Accepted Solutions

Thank you for the information. I'm convinced this is a CML issue. You gave me some ideas and I remove the 3rd switch in that triangle, but despite an active link, both switches think they're STP roots, and even setting the priority manually didn't change that. Also, when I completely removed the link to the 3rd switch, it still shows up as a designated port in STP. CML doesn't seem to handle any of that well which is frustrating since I pay for it yearly. Anyway, I'm going to let this topic die and test with some real equipment when I can get my hands on it.

View solution in original post

8 REPLIES 8
MHM Cisco World
Advisor

this lab so I relief to ask some show 

show ether channel summary 

show spanning tree 

please show in both SW

I simplified the language in my question. Here is the configuration from my two switches. Switch A is my core, and switch B is one of my distribution switches. I'm focused on vlan 20. In the output below, my core interface is enabled, and the distribution interface is disabled. Even though one link is actually up on both switches, it still doesn't work. 

 

 
 

LACP.JPG

core#show etherchan sum
Flags: D - down P - bundled in port-channel
I - stand-alone s - suspended
H - Hot-standby (LACP only)
R - Layer3 S - Layer2
U - in use N - not in use, no aggregation
f - failed to allocate aggregator

M - not in use, minimum links not met
m - not in use, port not aggregated due to minimum links not met
u - unsuitable for bundling
w - waiting to be aggregated
d - default port

A - formed by Auto LAG


Number of channel-groups in use: 1
Number of aggregators: 1

Group Port-channel Protocol Ports
------+-------------+-----------+-----------------------------------------------
3 Po3(SU) LACP Gi0/1(P) Gi0/3(s)

 

core#show span vlan 20

VLAN0020
Spanning tree enabled protocol rstp
Root ID Priority 32788
Address 5254.0001.bbf3
Cost 4
Port 65 (Port-channel3)
Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec

Bridge ID Priority 32788 (priority 32768 sys-id-ext 20)
Address 5254.001c.5f45
Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec
Aging Time 300 sec

Interface Role Sts Cost Prio.Nbr Type
------------------- ---- --- --------- -------- --------------------------------
Gi0/0 Desg FWD 4 128.1 P2p Peer(STP)
Gi0/2 Desg FWD 4 128.3 P2p
Po3 Root FWD 4 128.65 P2p

 

 

-------------

 

Distribution3#show etherchan sum
Flags: D - down P - bundled in port-channel
I - stand-alone s - suspended
H - Hot-standby (LACP only)
R - Layer3 S - Layer2
U - in use N - not in use, no aggregation
f - failed to allocate aggregator

M - not in use, minimum links not met
m - not in use, port not aggregated due to minimum links not met
u - unsuitable for bundling
w - waiting to be aggregated
d - default port

A - formed by Auto LAG


Number of channel-groups in use: 1
Number of aggregators: 1

Group Port-channel Protocol Ports
------+-------------+-----------+-----------------------------------------------
3 Po3(SU) LACP Gi0/0(P) Gi0/3(s)

Distribution3#show span vlan 20

VLAN0020
Spanning tree enabled protocol rstp
Root ID Priority 32788
Address 5254.0001.bbf3
This bridge is the root
Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec

Bridge ID Priority 32788 (priority 32768 sys-id-ext 20)
Address 5254.0001.bbf3
Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec
Aging Time 300 sec

Interface Role Sts Cost Prio.Nbr Type
------------------- ---- --- --------- -------- --------------------------------
Gi0/1 Desg FWD 4 128.2 P2p Peer(STP)
Po3 Desg FWD 4 128.65 P2p

...

David Ruess
Enthusiast

OK I tried to recreate the problem in EVE-NG. I wasn't able to. Mine worked with perfect failover. But here is what I would check:

 

When you have the port 1 link in the LACP aggregate and the port 2 outside the link aggregate check spanning-tree to see which port is in Root and which is in BLK state. If the non-LACP link is in root state its the active forwarder for that switch and the LACP port-channel should be blocking. If thats the case when you shut down the other link (Link 2 - not in LACP aggregate) it may take a while for STP to converge and recognize that link as the only forwarder. I assume you tested for a bit since you were running pings and captures. You may see which link STP prefers when you have one in etherchannel and one standalone link. YOu might be able to play with the STP priorities to get it to select the port-channel and then just migrate the other links over since they will be in the DESG/BLK state and not being sued.

 

As far as the pings being sent out one interface and coming back on another it could have to do with which ports are in DESG/FWD/ROOT/BLK state on each switch. As you change the configuration it changes the makeup of the port and could change how traffic flows. Also could be LACP port channel load balancing with the several methods that can be configured. It may be using one load-balance method one way and another on the other side.

 

 

If you are worried about disconnecting yourself try this:

 

On the remote switch configure both ports exactly the same for etherchannel and how you want them. Just before you add them to the channel-group (and lose connectivity) do a 'reload in' command like this: reload in 005. It will ask to confirm and it will reload the switch in 5 minutes so if you lock yourself out it will reload in 5 min and your back to being able to access the device again. But once you add the remote ports to the port channel and lose connection..do the same on your local switch and it "SHOULD" come back up. If it does...log back into the remote switch and cancel the reload command. Just make sure you do it within the 5 minutes.

Thank you for the information. I'm convinced this is a CML issue. You gave me some ideas and I remove the 3rd switch in that triangle, but despite an active link, both switches think they're STP roots, and even setting the priority manually didn't change that. Also, when I completely removed the link to the 3rd switch, it still shows up as a designated port in STP. CML doesn't seem to handle any of that well which is frustrating since I pay for it yearly. Anyway, I'm going to let this topic die and test with some real equipment when I can get my hands on it.

MHM Cisco World
Advisor

SW1 "have two Port G1-SW1 and G2-SW1"
SW2 "have two Port G1-SW2 and G2-SW2"
same Port Number is connect to each other.
1-Show the STP 
check which one is high SW "can be elect all it port as DP" and which Port is BLK
*Assume the SW1 is high priority and G1-SW2 in SW2 is BLK
2-Start from the SW2 shut G1-SW2
go to SW1 shut the G1-SW1 
3-SW1 config the PO with mode passive and priority lower than the G2-SW1/G2-SW2 ""this prevent the PO to be DP-BLK STP status" and add G1-SW1
4-SW2 config the PO with mode active and priority lower than the G2-SW1/G2-SW2 ""this prevent the PO to be DP-BLK STP status" and add G1-SW2
4-SW1 no shut the PO & G1-SW1
5-SW2 no shut the PO & G1-SW2
6- show PO summary it must be give you both Port (P) and PO(SU)
7-SW2 shut the G2-SW2
8-SW1 shut the G2-SW1
9-add the port to PO 
10- SW1 no shut the G2-SW1
11-SW2 no shut the G2-SW2
12-show the PO summary and STP 
PO must show both port (P) PO (SU)
STP PO FWD DP in SW1 
STP PO FWD RP in SW2


Please check this step and try it in LAB.

Thank you for trying, but this is a CML issue. I was using LACP active mode on all links. Also, the switch was showing an active STP forwarding port to a 3rd switch even when there was no cable connected. I don't really want to spend any more time troubleshooting the issue in the lab. 

I know you use LACP active mode but the sequence and other Peer mode effect the PO status.
just want to mention that.
for Root there is one root for STP domain, so if SW1 is disconnect from Root then still SW2 have connect to Root and SW1-SW2 is PO connect.