cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
Announcements
Join Customer Connection to register!
268
Views
0
Helpful
6
Replies
IBE
Beginner
Beginner

LACP etherchannel without spanning tree

Hello,

Can I create an LACP etherchannel between two cisco stack.

I have disbaled spanning tree on my VLANs "no spanning-tree vlan xxxxxxxx" (mode pvst enabled)

Thanks

6 REPLIES 6
Peter Paluch
Hall of Fame Cisco Employee

Hello IBE,

Your question has multiple aspects.

Whether you can create a LACP EtherChannel without STP - yes, absolutely. An EtherChannel is a technology independent of STP. Whether static or LACP, an EtherChannel does not care about STP.

Whether you can create an LACP EtherChannel between two switch stacks without STP - only if there is no other switched path between them except this direct EtherChannel. This is not a matter of EtherChannels at all. What matters is whether you have only a single switched path between the two stacks. If yes - regardless of whether it is a single port or an EtherChannel - you're safe. If not, meaning if you have two or more switched paths between the switch stacks even with the EtherChannel, then you absolutely need to run STP.

This brings me to the third aspect. Deactivating STP is a very dangerous thing to do and unless you 100% know what you are doing (in which case you probably would not be asking here - no offense please!), switching off STP will cause a disaster sooner or later. Even if your network is perfectly engineered now to not need STP, what about simple human mistakes when connecting cables, adding new access switches, or simply leaving ports in rooms unattended? Your design may not need the STP but your safety still benefits from it.

Therefore, if you really don't have an absolute killer reason to deactivate STP, don't risk it.

Best regards,
Peter

 

Thanks Peter for your reply.

I disactivated spanning tree after an issue (PO to blade system was up down).

Between the 2 stacks , I have just this PO to mount : actually it is configured as follow 

interface GigabitEthernet1/0/1 and GigabitEthernet2/0/1 
description "vers stack pair1"
switchport trunk encapsulation dot1q
switchport trunk native 
switchport trunk allowed vlan X
switchport mode trunk
shutdown (on the Ge2/0/1)
channel-group 1 mode on
!

interface Port-channel1
description "Vers stack2
switchport trunk encapsulation dot1q
switchport trunk native vlan X
switchport trunk allowed vlan x
switchport mode trunk
!

=> I disblaed the interface Ge2/0/1as it was going up down and now I would like to reactivate it with LACP config 

Giuseppe Larosa
Hall of Fame Master

Hello @IBE ,

using LACP is recommended using channel-group 1 on is really dangeruos, there is no check on the idenitity of the peer and on the fact the link is a member of the intended group. Avoid channel-group mode on as much as possible.

 

Remove channel-groups command in member links, delete interface port-channel 1 and the use a free unused humber like 2 or 4

 

with mode active.

 

You may want to start with both member links in shutdown and to use an interface range to unshut them after having applied the comand

channel-group 4 mode active

 

>> I have disbaled spanning tree on my VLANs "no spanning-tree vlan xxxxxxxx" (mode pvst enabled)

 

This is even much more dangerous then using mode on on port-channels !!!!!!

 

>> I disactivated spanning tree after an issue (PO to blade system was up down).

 

No, you could use spanning-tree bpufilter on the PO without the need to disable STP on all VLANs on all ports.

Be aware that within the blade server there can be a LAN switch so you should investigate on why the portchannel was going down with STP enabled.

 

In this moment if someone closes with one cable two access ports between them you get a loop that can turn down the whole network!

 

For your safety you should enable again STP for all VLANs  ASAP , for the affected PO to the blade server use spanning-tree bpdufilter enable in interface mode.

 

Hope to help

Giuseppe

 

 

 

 

 

thank you, I will proceed with config change.

I guess same recommndation will aply to etherchannel between one of my stack and a VSS 4500

 

Peter Paluch
Hall of Fame Cisco Employee

Hello @IBE ,

 

I disactivated spanning tree after an issue (PO to blade system was up down).

That's not a good approach. You have disabled the STP for the whole switch just because one port-channel to a blade system was misbehaving. In essence, instead of resolving the real problem with STP, you have just closed your eyes and pretended that the problem is not there. But it is still there, you just aren't made aware of it. Especially with STP, this can backfire.

I would personally recommend reenabling STP on all switches where you disabled it, and sharing the details of the problem on that port-channel toward the blades. If there are any logging messages produced, or any outputs from STP you can share that show what is going on with the port-channel for the blades, that would help. But disabling STP here completely is truly setting yourself up for a major problem.

As for the configuration that you shared, it looks good - just if you can use channel-group xxx mode active instead of on, then, as @Giuseppe Larosa mentioned, it would be far better since LACP protects you against many possible misconfigurations between the link partners that could cause trouble.

Best regards,
Peter

Thanks Peter, it was a quick workaround as prod context.

An old config that I found , so now I norming the config now