02-25-2016 01:28 PM - edited 03-08-2019 04:44 AM
Hi there,
Just looking at the port-channel config on our 3850 - example below...
I'm just wondering why, on the interfaces that are members of the 1st port channel I see the allowed VLANS, but on the interfaces for the 2nd port channel I do not? Do I need to add them to the interfaces that are members of the 2nd port channel?
The 2nd port channel is not active but we are planning on using it soon...
interface Port-channel1
description Uplink 1
switchport trunk allowed vlan 1,4,5,12
switchport mode trunk
interface GigabitEthernet1/0/1
description Uplink 1/1
switchport trunk allowed vlan 1,4,5,12
switchport mode trunk
channel-group 1 mode on
interface GigabitEthernet1/0/2
description uplink 1/2
switchport trunk allowed vlan 1,4,5,12
switchport mode trunk
channel-group 1 mode on
interface Port-channel2
description Uplink 2
switchport trunk allowed vlan 1,5
switchport mode trunk
interface GigabitEthernet1/0/13
description Uplink 2/1
switchport mode trunk
channel-group 2 mode on
interface GigabitEthernet1/0/14
description Uplink 2/2
switchport mode trunk
channel-group 2 mode on
02-25-2016 01:46 PM
Actually the second way ie. only using that command on the port channel interface is the way to do it rather than repeat the same command on all interfaces.
The reason being that all members of a port channel need the same configuration so if you add it to just the port channel interface those changes are propagated to all the physical links .
Never used 3850s but I assume they follow the same rule.
Jon
02-25-2016 01:54 PM
Thanks, so taking this further, in the future if I want to add a VLAN to the 1st port channel I would have to modify the port channel and the member interfaces?
02-25-2016 04:36 PM
As Jon said, Setting the attributes and changes on the port channel interface would minimize the misconfigurations. I always follow it as a best practice rather than using "interface range" to select the members.
If you do the config manually on members there is a higher chance of port-channel going in to suspended mode due to inconsistency
changes made on the port channel should automatically propagate down to the members ,same applies to 3850s.
But I couldn't replicate your second port-channel config on my lab 3850 it seems like you have manually deleted "switchport trunk allowed vlan 1,5" from the port-channel members
02-25-2016 05:46 PM
Good point about the missing lines from the physical ports, I completely overlooked that:)
They should be there even if you just add the command to the port channel.
Jon
02-25-2016 06:07 PM
That's interesting,
After my initial post I created a port channel on the 3850, I did not add or remove the VLANS on the channel members and this is the result which looks the same as the original port-channel2 in my initial post
interface Port-channel3
description test
switchport trunk allowed vlan 1,5
switchport mode trunk
interface GigabitEthernet1/0/15
description test1
switchport mode trunk
channel-group 3 mode on
interface GigabitEthernet1/0/16
description test2
switchport mode trunk
channel-group 3 mode on
02-26-2016 03:21 AM
I gave it another go and just realized that it is something simple but didn't notice it as i always practice the other way..
It seems that you have created the logical interface (Port Channel3) first and then go into the Gig interfaces and add them to the members list.I had the same results as you when I do it that way. however if you go back to your logical interface and make a change you'll notice that updated config will be propagated in to the members automatically.
You could try just simply adding "switchport trunk allowed vlan add 7" on to your Po3 as an example.
I usually select the members and add them to the group.This way switch creates the logical interface automatically for me and I go back and make changes on the port channel.
Like this
SW01(config)#interface range gigabitEthernet 5/0/45-46
SW01(config-if-range)#channel-group 3 mode on
Creating a port-channel interface Port-channel 3
SW01(config-if-range)#interface po3
SW01(config-if)#description test1
SW01(config-if)#switchport trunk allowed vlan 1,5
SW01(config-if)#switchport mode trunk
SW01(config-if)#do show run in gi5/0/45
!
interface GigabitEthernet5/0/45
switchport trunk allowed vlan 1,5
switchport mode trunk
channel-group 3 mode on
end
SW01(config-if)#do show run in po3
!
interface Port-channel3
description test1
switchport trunk allowed vlan 1,5
switchport mode trunk
end
Here is the 3850 Etherchannel guide .
Look for the topic "Channel Groups and Port-Channel Interfaces"
02-29-2016 08:38 AM
I have tried to create a Port Channel in the way you describe and the output is still the same as in my original post.
Interestingly, I found some documentation from when the 3850's were originally commissioned and found these notes:
! To restrict VLANs, add the following command below.
! Add the command to the interfaces in the following order:
! 1st interface, Port-Channel, 2nd interface.
switchport trunk allowed vlan <list of allowed vlans>
!
This seems to suggest that I do need to configure both port channel and individual channel members.......
02-25-2016 05:49 PM
No you wouldn't.
As preranda78 says when you add the command to the port channel this should then add the command to the individual member links.
So if you wanted to add a vlan you just add it to the port channel and it will automatically be added to the individual links.
Why your second entry is missing those lines on the physical links is not clear.
Jon
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide