- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
05-24-2010 12:18 PM - edited 03-06-2019 11:14 AM
I need to setup VLANs, VTP, and EtherChannels. I have 2 3560G-24 port switches. Is there a particular order that I need to configure these features? For example, should I setup the EtherChannel first (which will be used as a trunk between the two switches) and then setup the VTP domain and then the VLAN or does it really matter what I setup first? Based on what I am reading, (having not done this is a while), if I establish the EtherChannel on switch 1, the config should automatically transfer to switch 2 because the ports will autonegotiate and recognize that an EtherChannel has been established. Is this correct?
Solved! Go to Solution.
- Labels:
-
Other Switching
Accepted Solutions
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
05-24-2010 12:28 PM
Hello James,
you need a working L2 trunk between the two switches in order to have VTP messaged to flow from server(s) to client(s)
if you have little experience I would suggest a divide and conquer approach:
first I would setup a L2 trunk between the two switches
then you configure both for VTP one as server and one as client (or server to be noted)
you create all the vlans you need
you check correct propagation of vlans on second switch with
sh vtp status
sh vlan
STP woth
sh spanning-tree summary
later you can use other two links to configure an etherchannel between the two
the end result should be that the etherchannel bundle is preferred by STP for all vlans and the first link used is blocked on one side for each vlan
the advantage is that you don't put all together but you build on previous steps
Hope to help
Giuseppe
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
05-24-2010 12:23 PM
James,
If you need to configure VLANs, VTP and EtherChannels, I would suggest this order.
1. Configure VTP
2. Configure all the VLANs on the VTP server so they will propagate to all switches
3. Configure the EtherChannels
Keep in mind:
You can have one or more VTP servers (for redundancy) and all will synchronize to the switch with the highest revision number.
Configure a VTP password for security and to avoid accidental synchronizations.
All VLANs will be propagated to all switches, but you still need to log into the other switches to assign the correct ports to the correct VLANs.
The EtherChannel can be configured statically or using LACP or PAgP.
Hope to help.
Federico.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
05-24-2010 12:28 PM
Hello James,
you need a working L2 trunk between the two switches in order to have VTP messaged to flow from server(s) to client(s)
if you have little experience I would suggest a divide and conquer approach:
first I would setup a L2 trunk between the two switches
then you configure both for VTP one as server and one as client (or server to be noted)
you create all the vlans you need
you check correct propagation of vlans on second switch with
sh vtp status
sh vlan
STP woth
sh spanning-tree summary
later you can use other two links to configure an etherchannel between the two
the end result should be that the etherchannel bundle is preferred by STP for all vlans and the first link used is blocked on one side for each vlan
the advantage is that you don't put all together but you build on previous steps
Hope to help
Giuseppe
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
05-24-2010 12:32 PM
OK, I think it would make sense then to just configure the EtherChannel first to establish the trunk.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
05-24-2010 12:39 PM
giuslar,
Just for my learning, do you see something not correct from my suggestion?
Thank you,
Federico.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
05-24-2010 01:03 PM
Hello Federico,
nothing wrong in what you have written, probably is better to configure VTP first, many times our answers don't get the right remarks
personally I prefer to build step by step, so I would add the etherchannel later for example to see STP in action and so on.
I've assumed that original poster hasn't great experience, so I've suggested a step by step path as a way to learn about different aspects.
I may have misunderstood totally original poster and he might be looking for an optimized procedure.
Hope to help
Giuseppe
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
05-24-2010 12:46 PM
vegas5882010 wrote:
OK, I think it would make sense then to just configure the EtherChannel first to establish the trunk.
James
Just to clarify. As Giuseppe says create a trunk first because without this your vlans won't propogate. Only after creating the trunk and ensuring that all vlans are present on both switches should you move onto the etherchannel.
Federico - nothing wrong with your instructions as far as i can see except i think Giuseppe just wanted to emphasise that without a trunk VTP etc. doesn't work.
Jon
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
05-24-2010 12:50 PM
OK, that makes sense. I wil create a trunk between the switches and go from there. Although, I know how to create EtherChannels so creating a separate trunk may not be a helpful step. But, will consider it.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
05-24-2010 01:15 PM
So this is the trunk configuration using port 24 on each switch.
ISCSI1#sh int gigabitethernet0/24
GigabitEthernet0/24 is up, line protocol is up (connected)
Hardware is Gigabit Ethernet, address is 1c17.d325.d918 (bia 1c17.d325.d918)
MTU 1500 bytes, BW 1000000 Kbit, DLY 10 usec,
reliability 255/255, txload 1/255, rxload 1/255
Encapsulation ARPA, loopback not set
Keepalive set (10 sec)
Full-duplex, 1000Mb/s, media type is 10/100/1000BaseTX
input flow-control is off, output flow-control is unsupported
ARP type: ARPA, ARP Timeout 04:00:00
Last input 00:00:28, output 00:00:01, output hang never
Last clearing of "show interface" counters never
Input queue: 0/75/0/0 (size/max/drops/flushes); Total output drops: 0
Queueing strategy: fifo
Output queue: 0/40 (size/max)
5 minute input rate 0 bits/sec, 0 packets/sec
5 minute output rate 0 bits/sec, 0 packets/sec
134 packets input, 21926 bytes, 0 no buffer
Received 65 broadcasts (63 multicasts)
0 runts, 0 giants, 0 throttles
0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored
0 watchdog, 63 multicast, 0 pause input
0 input packets with dribble condition detected
476 packets output, 51854 bytes, 0 underruns
0 output errors, 0 collisions, 0 interface resets
0 babbles, 0 late collision, 0 deferred
0 lost carrier, 0 no carrier, 0 PAUSE output
0 output buffer failures, 0 output buffers swapped out
ISCSI1#show run int gigabitethernet0/24
Building configuration...
Current configuration : 108 bytes
!
interface GigabitEthernet0/24
switchport trunk encapsulation isl
switchport mode dynamic desirable
end
ISCSI1#
Make sense so far? How do I know that the trunk is actually working? I have configured nothing else so far. Although I need to change the MTU for the switch because it is being used solely for iSCSI and the recommendation is for MTU of 9014.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
05-24-2010 01:20 PM
James,
This is a personal comment.
I prefer to configure the EtherChannel manually instead of relying on LACP or PAgP.
To do this:
interface GigabitEthernet0/24
switchport trunk encapsulation dot1q
switchport mode trunk
On both sides.
Also, ISL is not used anymore, you may want to use 802.1q instead.
To check the trunk, do ''sh interface trunk''
Federico.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
05-24-2010 01:27 PM
Federico
I prefer to configure the EtherChannel manually instead of relying on LACP or PAgP.
I think you mean configure the trunk as on rather than use DTP ? I agree, i would configure the trunk on as well as DTP simply adds to the time taken to bring things up. Of course to turn off DTP you also need to add "switchport nonegotiate" to the interface configuration.
Jon
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
05-24-2010 01:30 PM
SCSI2#sh int trunk
Port Mode Encapsulation Status Native vlan
Gi0/24 desirable 802.1q trunking 1
Port Vlans allowed on trunk
Gi0/24 1-4094
Port Vlans allowed and active in management domain
Gi0/24 1
Port Vlans in spanning tree forwarding state and not pruned
Gi0/24 1
ISCSI2#
this is switch two.
What should the mode be? I chose dynamic desirable, but is that correct?
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
05-24-2010 01:33 PM
I am getting a MD5 checksum mismatch?
ISCSI2#sh vtp status
VTP Version capable : 1 to 3
VTP version running : 1
VTP Domain Name : iscsi_hchb
VTP Pruning Mode : Disabled
VTP Traps Generation : Disabled
Device ID : 1c17.d325.df80
Configuration last modified by 0.0.0.0 at 0-0-00 00:00:00
Feature VLAN:
--------------
VTP Operating Mode : Client
Maximum VLANs supported locally : 1005
Number of existing VLANs : 5
Configuration Revision : 0
MD5 digest : 0x57 0xCD 0x40 0x65 0x63 0x59 0x47 0xBD
0x56 0x9D 0x4A 0x3E 0xA5 0x69 0x35 0xBC
*** MD5 digest checksum mismatch on trunk: Gi0/24 ***
ISCSI2#
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
05-24-2010 01:35 PM
James,
I think that an MD5 mismatch relates to a problem with the VTP password.
Have you configured the same VTP password on all server/clients?
Also, the trunk should be on on both sides to avoid using DTP as jon said.
Set the trunk to on on both sides with the command: switchport mode trunk
Federico.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
05-24-2010 01:38 PM
Hello James,
>> *** MD5 digest checksum mismatch on trunk: Gi0/24 ***
yes you have a mismatch, copy from configuration of first device to configuration of the second it is easy to make a small error
be also aware that after changes to MD5 password it make take some time to synchronize.
again, MD5 could be added later to VTP configuration I recommend to go step by step.
note:
when using DTP if the two switches think of being part of different VTP domains they will not form a functioning trunk.
Hope to help
Giuseppe
