cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
2199
Views
0
Helpful
6
Replies

Problems with L2 EtherChannel

maxim.alyakin
Level 1
Level 1

Hi all, I need some help to resolve a problem with L2 etherchannel -

when I add VLAN on Portchannel, this VLAN does not appear in config Members of this Po,

so after reboot Portchannel does not work:

"...and will be suspended (vlan mask is different)"

I try to simulate it on test switch in office, but problem does not appear!

Both switch are Catalyst3560G with same IOS.

1. SW in real network segment:

Model revision number           : D0

Motherboard revision number     : B0

Model number                    : WS-C3560G-24TS-S

Top Assembly Revision Number    : B0

Version ID                      : V03

*    1 28    WS-C3560G-24TS     12.2(46)SE            C3560-ADVIPSERVICESK9-M 

ports config.:

interface Port-channel1

switchport trunk encapsulation dot1q

switchport trunk allowed vlan 622,633,1010,2002-2032,2036,2038,2040-2044

switchport trunk allowed vlan add 2046-2058,2060,2061,2063-2200,2202-2232,2235

switchport trunk allowed vlan add 2236,2238,2240-2244,2246-2258,2260-2400,3502

switchport trunk allowed vlan add 3504,4040

switchport mode trunk

arp timeout 900

end

#sh int po1 | i Mem

  Members in this channel: Gi0/9 Gi0/10 Gi0/11 Gi0/12 Gi0/13 Gi0/14 Gi0/15 Gi0/16

interface GigabitEthernet0/9

switchport trunk encapsulation dot1q

switchport trunk allowed vlan 622,633,1010,2002-2032,2036,2038,2040-2044

switchport trunk allowed vlan add 2046-2058,2060,2061,2063-2200,2202-2232,2235

switchport trunk allowed vlan add 2236,2238,2240-2244,2246-2258,2260-2400,3502

switchport trunk allowed vlan add 3504,4040

switchport mode trunk

ip access-group 2009 in

mls qos trust dscp

arp timeout 900

channel-group 1 mode active

end

Add VLAN on Po1:

(config)#int po1

(config-if)#sw tr all vl add 999

View the result:

interface Port-channel1

switchport trunk encapsulation dot1q

switchport trunk allowed vlan 622,633,999,1010,2002-2032,2036,2038,2040-2044

switchport trunk allowed vlan add 2046-2058,2060,2061,2063-2200,2202-2232,2235

switchport trunk allowed vlan add 2236,2238,2240-2244,2246-2258,2260-2400,3502

switchport trunk allowed vlan add 3504,4040

switchport mode trunk

arp timeout 900

end

interface GigabitEthernet0/9

switchport trunk encapsulation dot1q

switchport trunk allowed vlan 622,633,1010,2002-2032,2036,2038,2040-2044

switchport trunk allowed vlan add 2046-2058,2060,2061,2063-2200,2202-2232,2235

switchport trunk allowed vlan add 2236,2238,2240-2244,2246-2258,2260-2400,3502

switchport trunk allowed vlan add 3504,4040

switchport mode trunk

ip access-group 2009 in

mls qos trust dscp

arp timeout 900

channel-group 1 mode active

end

Gi0/9 does not has vlan 999 allowed.

Test Switch in office:

Model revision number           : G0

Motherboard revision number     : A0

Model number                    : WS-C3560G-24TS-S

Top Assembly Revision Number    : D0

Version ID                      : V05

*    1 28    WS-C3560G-24TS     12.2(46)SE            C3560-ADVIPSERVICESK9-M 

Ports config., I copy-paste them from SW in real network:

interface Port-channel1

switchport trunk encapsulation dot1q

switchport trunk allowed vlan 622,633,1010,2002-2032,2036,2038,2040-2044

switchport trunk allowed vlan add 2046-2058,2060,2061,2063-2200,2202-2232,2235

switchport trunk allowed vlan add 2236,2238,2240-2244,2246-2258,2260-2400,3502

switchport trunk allowed vlan add 3504,4040

switchport mode trunk

end

3560G#sh int po1 | i Mem

  Members in this channel: Gi0/1 Gi0/2

interface GigabitEthernet0/1

switchport trunk encapsulation dot1q

switchport trunk allowed vlan 622,633,1010,2002-2032,2036,2038,2040-2044

switchport trunk allowed vlan add 2046-2058,2060,2061,2063-2200,2202-2232,2235

switchport trunk allowed vlan add 2236,2238,2240-2244,2246-2258,2260-2400,3502

switchport trunk allowed vlan add 3504,4040

switchport mode trunk

ip access-group 2009 in

mls qos trust dscp

arp timeout 900

channel-group 1 mode active

end

Add VLAN on Po1:

3560G(config)#int po1

3560G(config-if)#sw tr all vl add 999

3560G(config-if)#^Z

View result:

interface Port-channel1

switchport trunk encapsulation dot1q

switchport trunk allowed vlan 622,633,999,1010,2002-2032,2036,2038,2040-2044

switchport trunk allowed vlan add 2046-2058,2060,2061,2063-2200,2202-2232,2235

switchport trunk allowed vlan add 2236,2238,2240-2244,2246-2258,2260-2400,3502

switchport trunk allowed vlan add 3504,4040

switchport mode trunk

end

interface GigabitEthernet0/1

switchport trunk encapsulation dot1q

switchport trunk allowed vlan 622,633,999,1010,2002-2032,2036,2038,2040-2044

switchport trunk allowed vlan add 2046-2058,2060,2061,2063-2200,2202-2232,2235

switchport trunk allowed vlan add 2236,2238,2240-2244,2246-2258,2260-2400,3502

switchport trunk allowed vlan add 3504,4040

switchport mode trunk

ip access-group 2009 in

mls qos trust dscp

arp timeout 900

channel-group 1 mode active

end

So VLAN 999 exist on all Gi members of Portchannel and there are no problem with suspended ports after reboot.

Can anyone explain what Im doing wrong?

This issue often occurs in real network after SW cold-start.

6 Replies 6

I cheched some release notes but see no help there..

in the problem case, the vlan exist in the database, right?

I see no mistake from you side..I will keep you in mind

regards,

Sebastian

Hi Sebastian!

VLAN exist in DB,

#sh vl id 999

VLAN Name                             Status    Ports

---- -------------------------------- --------- -------------------------------

999  VLAN0999                         active   

(config-if)#sw tr all vl add 999

125-101(config-if)#^Z

125-101#sh vl id 999

VLAN Name                             Status    Ports

---- -------------------------------- --------- -------------------------------

999  VLAN0999                         active    Po1

glen.grant
VIP Alumni
VIP Alumni

  Make sure the L2 vlan is created , use "show vlan" to check .   Also check to make sure the device is configured exactly the same on the other end of this switch .  I have seen times when you need to take the whole port channel down with a shut on the SVI and then no shut the port channel SVI to sync correctly.   Whats on the other end of this port channel ?

Hi!

As I posted above VLAN is created, does locally configuration on Switch depends on config. of remote end?  (I use transparent VTP mode) In this test in both case other SW is Catalyst4948 and I do not add test VLAN999 on this Portchannel.

I can't shut SVI, trunk configuration changes occur as every customer add in my network.

Thanks for reply!

Nandan Mathure
Level 1
Level 1

Please paste "show vtp status" and "show int trunk" from all concerened switches i.e  output from TEST and as well production environment. Also when u add the vlan to allowed list try shutting the range po with member interfaces and re-enable them together. let me know if that helps.

Hi!

Output from SW in real network:

(output omitted from ports not are in Po)

#sh vtp status

VTP Version                     : running VTP1 (VTP2 capable)

Configuration Revision          : 0

Maximum VLANs supported locally : 1005

Number of existing VLANs        : 10

VTP Operating Mode              : Transparent

VTP Domain Name                 :

VTP Pruning Mode                : Disabled

VTP V2 Mode                     : Disabled

VTP Traps Generation            : Disabled

MD5 digest                      : 0xD7 0x09 0xB4 0xB3 0x40 0x0A 0x1C 0x06

#sh interfaces trunk 

Port        Mode             Encapsulation  Status        Native vlan

Gi0/1       on               802.1q         trunking      1

[...]

Po1         on               802.1q         trunking      1

Port        Vlans allowed on trunk

Po1         622,633,999,1010,2002-2032,2036,2038,2040-2044,2046-2058,2060-2061,2063-2200,2202-2232,2235-2236,2238,2240-2244,2246-2258,2260-2400,3502,3504,4040

Port        Vlans allowed and active in management domain

Po1         622,633,999,1010,2002-2032,2036,2038,2040-2044,2046-2058,2060-2061,2063-2200,2202-2232,2235-2236,2238,2240-2244,2246-2258,2260-2400,3502,3504,4040

Port        Vlans in spanning tree forwarding state and not pruned

Po1         622,633,999,1010,2002-2032,2036,2038,2040-2044,2046-2058,2060-2061,2063-2200,2202-2232,2235-2236,2238,2240-2244,2246-2258,2260-2400,3502,3504,4040

Output from TEST SW:

3560G#sh vtp status

VTP Version                     : running VTP1 (VTP2 capable)

Configuration Revision          : 0

Maximum VLANs supported locally : 1005

Number of existing VLANs        : 29

VTP Operating Mode              : Transparent

VTP Domain Name                 :

VTP Pruning Mode                : Disabled

VTP V2 Mode                     : Disabled

VTP Traps Generation            : Disabled

MD5 digest                      : 0xDC 0x43 0xC5 0xF0 0x6A 0x58 0x02 0x78

3560G#sh int trunk

Port        Mode             Encapsulation  Status        Native vlan

Po1         on               802.1q         trunking      1

Port        Vlans allowed on trunk

Po1         622,633,888,999,1010,2002-2032,2036,2038,2040-2044,2046-2058,2060-2061,2063-2200,2202-2232,2235-2236,2238,2240-2244,2246-2258,2260-2400,3502,3504,4040

Port        Vlans allowed and active in management domain

Po1         622,633,888,999,1010,2002-2032,2036,2038,2040-2044,2046-2058,2060-2061,2063-2200,2202-2232,2235-2236,2238,2240-2244,2246-2258,2260-2400,3502,3504,4040

Port        Vlans in spanning tree forwarding state and not pruned

Po1         622,633,888,999,1010,2002-2032,2036,2038,2040-2044,2046-2058,2060-2061,2063-2200,2202-2232,2235-2236,2238,2240-2244,2246-2258,2260-2400,3502,3504,4040

Review Cisco Networking for a $25 gift card