cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
10504
Views
10
Helpful
8
Replies

Port channel VLAN's

jbrit1969
Level 1
Level 1

Hi there,

Just looking at the port-channel config on our 3850 - example below...

I'm just wondering why, on the interfaces that are members of the 1st port channel I see the allowed VLANS, but on the interfaces for the 2nd port channel I do not?  Do I need to add them to the interfaces that are members of the 2nd port channel?

The 2nd port channel is not active but we are planning on using it soon...

interface Port-channel1
description Uplink 1
switchport trunk allowed vlan 1,4,5,12
switchport mode trunk

interface GigabitEthernet1/0/1
description Uplink 1/1
switchport trunk allowed vlan 1,4,5,12
switchport mode trunk
channel-group 1 mode on

interface GigabitEthernet1/0/2
description uplink 1/2
switchport trunk allowed vlan 1,4,5,12
switchport mode trunk
channel-group 1 mode on


interface Port-channel2
description Uplink 2
switchport trunk allowed vlan 1,5
switchport mode trunk

interface GigabitEthernet1/0/13
description Uplink 2/1
switchport mode trunk
channel-group 2 mode on

interface GigabitEthernet1/0/14
description Uplink 2/2
switchport mode trunk
channel-group 2 mode on

8 Replies 8

Jon Marshall
Hall of Fame
Hall of Fame

Actually the second way ie. only using that command on the port channel interface is the way to do it rather than repeat the same command on all interfaces.

The reason being that all members of a port channel need the same configuration so if you add it to just the port channel interface those changes are propagated to all the physical links .

Never used 3850s but I assume they follow the same rule.

Jon

Thanks, so taking this further, in the future if I want to add a VLAN to the 1st port channel I would have to modify the port channel and the member interfaces?

As Jon said, Setting the attributes and changes on the port channel interface would minimize the misconfigurations. I always follow it as a best practice rather than using "interface range" to select the members.

If you do the config manually on members there is a higher chance of port-channel going in to suspended mode due to inconsistency

changes made on the port channel should automatically propagate down to the members ,same applies to 3850s.

But I couldn't replicate your second port-channel config on my lab 3850 it seems like you have manually deleted "switchport trunk allowed vlan 1,5" from the port-channel members

***Please rate all the useful posts***
-Prabath

Good point about the missing lines from the physical ports, I completely overlooked that:)

They should be there even if you just add the command to the port channel.

Jon

That's interesting,

After my initial post I created a port channel on the 3850, I did not add or remove the VLANS on the channel members and this is the result which looks the same as the original port-channel2 in my initial post

interface Port-channel3
description test
switchport trunk allowed vlan 1,5
switchport mode trunk

interface GigabitEthernet1/0/15
description test1
switchport mode trunk
channel-group 3 mode on

interface GigabitEthernet1/0/16
description test2
switchport mode trunk
channel-group 3 mode on

I gave it another go and just realized that it is something simple but didn't notice it as i always practice the other way..

It seems that you have created the logical interface (Port Channel3) first and then go into the Gig interfaces and add them to the members list.I had the same results as you when I do it that way. however if you go back to your logical interface and make a change you'll notice that updated config will be propagated in to the members automatically.

You could try just simply adding "switchport trunk allowed vlan add 7" on to your Po3 as an example.

I usually select the members and add them to the group.This way switch creates the logical interface automatically for me and I go back and make changes on the port channel.

Like this
SW01(config)#interface range gigabitEthernet 5/0/45-46
SW01(config-if-range)#channel-group 3 mode on
Creating a port-channel interface Port-channel 3

SW01(config-if-range)#interface po3
SW01(config-if)#description test1
SW01(config-if)#switchport trunk allowed vlan 1,5
SW01(config-if)#switchport mode trunk


SW01(config-if)#do show run in gi5/0/45
!
interface GigabitEthernet5/0/45
switchport trunk allowed vlan 1,5
switchport mode trunk
channel-group 3 mode on
end

SW01(config-if)#do show run in po3
!
interface Port-channel3
description test1
switchport trunk allowed vlan 1,5
switchport mode trunk
end

Here is the 3850 Etherchannel guide .

Look for the topic "Channel Groups and Port-Channel Interfaces"

***Please rate all the useful posts***
-Prabath

I have tried to create a Port Channel in the way you describe and the output is still the same as in my original post.

Interestingly, I found some documentation from when the 3850's were originally commissioned and found these notes:

! To restrict VLANs, add the following command below.
! Add the command to the interfaces in the following order:
! 1st interface, Port-Channel, 2nd interface.
switchport trunk allowed vlan <list of allowed vlans>
!

This seems to suggest that I do need to configure both port channel and individual channel members.......

No you wouldn't.

As preranda78 says when you add the command to the port channel this should then add the command to the individual member links.

So if you wanted to add a vlan you just add it to the port channel and it will automatically be added to the individual links.

Why your second entry is missing those lines on the physical links is not clear.

Jon

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Innovations in Cisco Full Stack Observability - A new webinar from Cisco