Problems with L2 EtherChannel

maxim.alyakin · ‎04-11-2012

Hi all, I need some help to resolve a problem with L2 etherchannel -

when I add VLAN on Portchannel, this VLAN does not appear in config Members of this Po,

so after reboot Portchannel does not work:

"...and will be suspended (vlan mask is different)"

I try to simulate it on test switch in office, but problem does not appear!

Both switch are Catalyst3560G with same IOS.

1. SW in real network segment:

Model revision number : D0

Motherboard revision number : B0

Model number : WS-C3560G-24TS-S

Top Assembly Revision Number : B0

Version ID : V03

* 1 28 WS-C3560G-24TS 12.2(46)SE C3560-ADVIPSERVICESK9-M

ports config.:

interface Port-channel1

switchport trunk encapsulation dot1q

switchport trunk allowed vlan 622,633,1010,2002-2032,2036,2038,2040-2044

switchport trunk allowed vlan add 2046-2058,2060,2061,2063-2200,2202-2232,2235

switchport trunk allowed vlan add 2236,2238,2240-2244,2246-2258,2260-2400,3502

switchport trunk allowed vlan add 3504,4040

switchport mode trunk

arp timeout 900

end

#sh int po1 | i Mem

Members in this channel: Gi0/9 Gi0/10 Gi0/11 Gi0/12 Gi0/13 Gi0/14 Gi0/15 Gi0/16

interface GigabitEthernet0/9

switchport trunk encapsulation dot1q

switchport trunk allowed vlan 622,633,1010,2002-2032,2036,2038,2040-2044

switchport trunk allowed vlan add 2046-2058,2060,2061,2063-2200,2202-2232,2235

switchport trunk allowed vlan add 2236,2238,2240-2244,2246-2258,2260-2400,3502

switchport trunk allowed vlan add 3504,4040

switchport mode trunk

ip access-group 2009 in

mls qos trust dscp

arp timeout 900

channel-group 1 mode active

end

Add VLAN on Po1:

(config)#int po1

(config-if)#sw tr all vl add 999

View the result:

interface Port-channel1

switchport trunk encapsulation dot1q

switchport trunk allowed vlan 622,633,999,1010,2002-2032,2036,2038,2040-2044

switchport trunk allowed vlan add 2046-2058,2060,2061,2063-2200,2202-2232,2235

switchport trunk allowed vlan add 2236,2238,2240-2244,2246-2258,2260-2400,3502

switchport trunk allowed vlan add 3504,4040

switchport mode trunk

arp timeout 900

end

interface GigabitEthernet0/9

switchport trunk encapsulation dot1q

switchport trunk allowed vlan 622,633,1010,2002-2032,2036,2038,2040-2044

switchport trunk allowed vlan add 2046-2058,2060,2061,2063-2200,2202-2232,2235

switchport trunk allowed vlan add 2236,2238,2240-2244,2246-2258,2260-2400,3502

switchport trunk allowed vlan add 3504,4040

switchport mode trunk

ip access-group 2009 in

mls qos trust dscp

arp timeout 900

channel-group 1 mode active

end

Gi0/9 does not has vlan 999 allowed.

Test Switch in office:

Model revision number : G0

Motherboard revision number : A0

Model number : WS-C3560G-24TS-S

Top Assembly Revision Number : D0

Version ID : V05

* 1 28 WS-C3560G-24TS 12.2(46)SE C3560-ADVIPSERVICESK9-M

Ports config., I copy-paste them from SW in real network:

interface Port-channel1

switchport trunk encapsulation dot1q

switchport trunk allowed vlan 622,633,1010,2002-2032,2036,2038,2040-2044

switchport trunk allowed vlan add 2046-2058,2060,2061,2063-2200,2202-2232,2235

switchport trunk allowed vlan add 2236,2238,2240-2244,2246-2258,2260-2400,3502

switchport trunk allowed vlan add 3504,4040

switchport mode trunk

end

3560G#sh int po1 | i Mem

Members in this channel: Gi0/1 Gi0/2

interface GigabitEthernet0/1

switchport trunk encapsulation dot1q

switchport trunk allowed vlan 622,633,1010,2002-2032,2036,2038,2040-2044

switchport trunk allowed vlan add 2046-2058,2060,2061,2063-2200,2202-2232,2235

switchport trunk allowed vlan add 2236,2238,2240-2244,2246-2258,2260-2400,3502

switchport trunk allowed vlan add 3504,4040

switchport mode trunk

ip access-group 2009 in

mls qos trust dscp

arp timeout 900

channel-group 1 mode active

end

Add VLAN on Po1:

3560G(config)#int po1

3560G(config-if)#sw tr all vl add 999

3560G(config-if)#^Z

View result:

interface Port-channel1

switchport trunk encapsulation dot1q

switchport trunk allowed vlan 622,633,999,1010,2002-2032,2036,2038,2040-2044

switchport trunk allowed vlan add 2046-2058,2060,2061,2063-2200,2202-2232,2235

switchport trunk allowed vlan add 2236,2238,2240-2244,2246-2258,2260-2400,3502

switchport trunk allowed vlan add 3504,4040

switchport mode trunk

end

interface GigabitEthernet0/1

switchport trunk encapsulation dot1q

switchport trunk allowed vlan 622,633,999,1010,2002-2032,2036,2038,2040-2044

switchport trunk allowed vlan add 2046-2058,2060,2061,2063-2200,2202-2232,2235

switchport trunk allowed vlan add 2236,2238,2240-2244,2246-2258,2260-2400,3502

switchport trunk allowed vlan add 3504,4040

switchport mode trunk

ip access-group 2009 in

mls qos trust dscp

arp timeout 900

channel-group 1 mode active

end

So VLAN 999 exist on all Gi members of Portchannel and there are no problem with suspended ports after reboot.

Can anyone explain what Im doing wrong?

This issue often occurs in real network after SW cold-start.

Sebastian Helmer · ‎04-12-2012

I cheched some release notes but see no help there..

in the problem case, the vlan exist in the database, right?

I see no mistake from you side..I will keep you in mind

regards,

Sebastian

maxim.alyakin · ‎04-12-2012

Hi Sebastian!

VLAN exist in DB,

#sh vl id 999

VLAN Name Status Ports

---- -------------------------------- --------- -------------------------------

999 VLAN0999 active

(config-if)#sw tr all vl add 999

125-101(config-if)#^Z

125-101#sh vl id 999

VLAN Name Status Ports

---- -------------------------------- --------- -------------------------------

999 VLAN0999 active Po1

glen.grant · ‎04-12-2012

Make sure the L2 vlan is created , use "show vlan" to check . Also check to make sure the device is configured exactly the same on the other end of this switch . I have seen times when you need to take the whole port channel down with a shut on the SVI and then no shut the port channel SVI to sync correctly. Whats on the other end of this port channel ?

maxim.alyakin · ‎04-12-2012

Hi!

As I posted above VLAN is created, does locally configuration on Switch depends on config. of remote end? (I use transparent VTP mode) In this test in both case other SW is Catalyst4948 and I do not add test VLAN999 on this Portchannel.

I can't shut SVI, trunk configuration changes occur as every customer add in my network.

Thanks for reply!

Nandan Mathure · ‎04-12-2012

Please paste "show vtp status" and "show int trunk" from all concerened switches i.e output from TEST and as well production environment. Also when u add the vlan to allowed list try shutting the range po with member interfaces and re-enable them together. let me know if that helps.

maxim.alyakin · ‎04-12-2012

Hi!

Output from SW in real network:

(output omitted from ports not are in Po)

#sh vtp status

VTP Version : running VTP1 (VTP2 capable)

Configuration Revision : 0

Maximum VLANs supported locally : 1005

Number of existing VLANs : 10

VTP Operating Mode : Transparent

VTP Domain Name :

VTP Pruning Mode : Disabled

VTP V2 Mode : Disabled

VTP Traps Generation : Disabled

MD5 digest : 0xD7 0x09 0xB4 0xB3 0x40 0x0A 0x1C 0x06

#sh interfaces trunk

Port Mode Encapsulation Status Native vlan

Gi0/1 on 802.1q trunking 1

[...]

Po1 on 802.1q trunking 1

Port Vlans allowed on trunk

Po1 622,633,999,1010,2002-2032,2036,2038,2040-2044,2046-2058,2060-2061,2063-2200,2202-2232,2235-2236,2238,2240-2244,2246-2258,2260-2400,3502,3504,4040

Port Vlans allowed and active in management domain

Po1 622,633,999,1010,2002-2032,2036,2038,2040-2044,2046-2058,2060-2061,2063-2200,2202-2232,2235-2236,2238,2240-2244,2246-2258,2260-2400,3502,3504,4040

Port Vlans in spanning tree forwarding state and not pruned

Po1 622,633,999,1010,2002-2032,2036,2038,2040-2044,2046-2058,2060-2061,2063-2200,2202-2232,2235-2236,2238,2240-2244,2246-2258,2260-2400,3502,3504,4040

Output from TEST SW:

3560G#sh vtp status

VTP Version : running VTP1 (VTP2 capable)

Configuration Revision : 0

Maximum VLANs supported locally : 1005

Number of existing VLANs : 29

VTP Operating Mode : Transparent

VTP Domain Name :

VTP Pruning Mode : Disabled

VTP V2 Mode : Disabled

VTP Traps Generation : Disabled

MD5 digest : 0xDC 0x43 0xC5 0xF0 0x6A 0x58 0x02 0x78

3560G#sh int trunk

Port Mode Encapsulation Status Native vlan

Po1 on 802.1q trunking 1

Port Vlans allowed on trunk

Po1 622,633,888,999,1010,2002-2032,2036,2038,2040-2044,2046-2058,2060-2061,2063-2200,2202-2232,2235-2236,2238,2240-2244,2246-2258,2260-2400,3502,3504,4040

Port Vlans allowed and active in management domain

Po1 622,633,888,999,1010,2002-2032,2036,2038,2040-2044,2046-2058,2060-2061,2063-2200,2202-2232,2235-2236,2238,2240-2244,2246-2258,2260-2400,3502,3504,4040

Port Vlans in spanning tree forwarding state and not pruned

Po1 622,633,888,999,1010,2002-2032,2036,2038,2040-2044,2046-2058,2060-2061,2063-2200,2202-2232,2235-2236,2238,2240-2244,2246-2258,2260-2400,3502,3504,4040