Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
19640
Views
5
Helpful
5
Replies

Switchport trunk allowed vlan / Switchport trunk allowed vlan add problems on Nexus 7k port-channels

BFraz1119
Level 1
Level 1

‎10-06-2015 12:25 PM - edited ‎03-08-2019 02:05 AM

Hello All, 

     Today my team was tasked with adding a vlan to a few of the trunks/port channels that lead from our 7ks to our 5ks.   Below is an example of the changes we made and the outcome we received.  

The 7k had a port-channel configured very similarly to the config below: 

 

interface port-channel99
 description TEST PrtChnl99
 switchport
 switchport mode trunk
 swithchport trunk allowed vlan 31,55,100,113-115,171-172,208-209,212-216

 switchport trunk allowed vlan add 1210-1214
!
interface Ethernet3/5
 description to TEMP NOTHING
  switchport
  switchport mode trunk
  switchport trunk allowed vlan 31,55,100,113-115,171-172,208-209,212-216

  switchport trunk allowed vlan add 1210-1214
  channel-group 30 mode active
  no shutdown
!
interface Ethernet3/6
 description to TEMP NOTHING
  switchport
  switchport mode trunk
  switchport trunk allowed vlan 31,55,100,113-115,171-172,208-209,212-216

  switchport trunk allowed vlan add 1210-1214
  channel-group 30 mode active
  no shutdown

 

 

Our changes were written out as follows:

*******************

conf t

interface port-channel99

switchport trunk allowed vlan 31,55,100,112-115,171-172,208-209,212-216

end

*****************

 

Our resulting config looked like this: 

********************

interface port-channel99
 description TEST PrtChnl99
 switchport
 switchport mode trunk
 swithchport trunk allowed vlan 31,55,100,112-115,171-172,208-209,212-216

!
interface Ethernet3/5
 description to TEMP NOTHING
  switchport
  switchport mode trunk
  switchport trunk allowed vlan 31,55,100,112-115,171-172,208-209,212-216
  channel-group 30 mode active
  no shutdown
!
interface Ethernet3/6
 description to TEMP NOTHING
  switchport
  switchport mode trunk
  switchport trunk allowed vlan 31,55,100,113-115,171-172,208-209,212-216
  channel-group 30 mode active
  no shutdown

*******************************

While the switch port accepted us adding vlan112 to the allowed vlans list it erased the switchport trunk allowed vlan add commands!!  Does anyone have any information regarding why this happened?   We had very similar changes on our 5ks and it did not result in us losing the switchport trunk allowed vlans add command.  

 

If there is any other information you need from me please let me know and I will do my best to provide it to you.  

 

Regards,

BFrazier

 

Labels:
0 Helpful
5 Replies 5

Rajeshkumar Gatti
Cisco Employee
Cisco Employee

‎10-06-2015 12:54 PM

Hi,

My understanding is that when you use the "switchport trunk allowed vlan xx" command it only allows and installs what is mentioned in the list. Incremental vlan addition should be done with the "switchport trunk allowed vlan add xx" command.  What code is running on your 7k and your 5k. I can try it in my lab and see compare the results.

-Raj

 

 

0 Helpful

BFraz1119
Level 1
Level 1
In response to Rajeshkumar Gatti

‎10-08-2015 08:18 AM

Hello Rajeshkumar, 

     Here is the software and hardware info from a show version on my 7k:

Software
  BIOS:      version 3.22.0
  kickstart: version 5.2(3a)
  system:    version 5.2(3a)
  BIOS compile time:       02/20/10
  kickstart image file is: bootflash:///n7000-s1-kickstart.5.2.3a.bin
  kickstart compile time:  12/25/2020 12:00:00 [12/15/2011 22:04:59]
  system image file is:    bootflash:///n7000-s1-dk9.5.2.3a.bin
  system compile time:     12/15/2011 12:00:00 [12/15/2011 23:15:48]


Hardware
  cisco Nexus7000 C7010 (10 Slot) Chassis ("Supervisor module-1X")
  Intel(R) Xeon(R) CPU         with 8260924 kB of memory.
  Processor Board ID JAF1416DAAJ

  Device name: Nexus-7k
  bootflash:    2000880 kB
  slot0:        2044854 kB (expansion flash)

 

 Here is the software and hardware info from a show version on my 5k:

 

Software
  BIOS:      version 3.6.0
  loader:    version N/A
  kickstart: version 5.2(1)N1(3)
  system:    version 5.2(1)N1(3)
  power-seq: Module 1: version v1.0
             Module 3: version v2.0
  uC:        version v1.2.0.1
  SFP uC:    Module 1: v1.0.0.0
  BIOS compile time:       05/09/2012
  kickstart image file is: bootflash:///n5000-uk9-kickstart.5.2.1.N1.3.bin
  kickstart compile time:  12/4/2012 1:00:00 [12/04/2012 04:53:21]
  system image file is:    bootflash:///n5000-uk9.5.2.1.N1.3.bin
  system compile time:     12/4/2012 1:00:00 [12/04/2012 06:40:13]


Hardware
  cisco Nexus5548 Chassis ("O2 32X10GE/Modular Universal Platform Supervisor")
  Intel(R) Xeon(R) CPU         with 8263848 kB of memory.
  Processor Board ID FOC15355ULY

  Device name: Nexus-5K
  bootflash:    2007040 kB

 

 

Thanks for your help.  Also I was wondering if there was a maximum threshhold to the number of Vlans allowable in one switchport trunk alllowed vlan  command.  

 

Let me know if you need anymore information.  

 

Regards,

BFrazier

0 Helpful

charles crosland
Level 1
Level 1
In response to BFraz1119

‎10-08-2015 12:32 PM

There is no maximum threshold.

When adding extra vlans to a port-channel or a trunk port the additional vlans should be added by using the command 'switchport trunk allow vlan add xx,xx' where xx is the additional vlan number you want to allow. This will update the list of vlans in the vlans listed in the running config.

port-channel's should only be updated on the port-channel interface its self and never on the individual member ports. Configuring a member port can cause it to go out of sync with the port-channel and then be unbundled.

I presume the odd result you had was due to copy and pasting both the 'switchport trunk allow vlan x x x' and 'switchport trunk allow vlan add x x x'

It is possible the delay in processing both these commands together caused the CLI temporarily lockup and miss some of the didigts in the vlan numbers in the 'switchport trunk allow vlan add x x x' command.

0 Helpful

Rajeshkumar Gatti
Cisco Employee
Cisco Employee
In response to charles crosland

‎10-12-2015 07:22 AM

Hi BFrazier,

When the "switchport trunk allowed vlan" config added and if the lenght of the command exceeds a certain number of characters the system will program the entry into separate lines tagged with the below command "switchport trunk allowed vlan add". It does NOT mean that this new line is independent and will not be affected when you made the change to the original line.

Here is an example on how I can demonstrate it-

Say we have e1/47 with 2 vlans allowed
interface Ethernet1/47
  switchport
  switchport mode trunk
  switchport trunk allowed vlan 10,20
  mtu 9216
  no shutdown

I add a bunch of vlans on top of it. I add it such that vlans canot be combined together.

configure terminal
interface Ethernet1/47
switchport trunk allowed vlan 10, 20, 2020, 2022, 2024, 2028, 2030, 2032, 2034, 2036, 2038, 2040, 2042, 2044, 2048, 2050, 2052, 2054, 2056, 2058

We have extra lines (>>) in the config. This was generated by the system.
interface Ethernet1/47
  switchport
  switchport mode trunk
  switchport trunk allowed vlan 10,20,2020,2022,2024,2028,2030,2032
  switchport trunk allowed vlan add 2034,2036,2038,2040,2042,2044,2048 >>
  switchport trunk allowed vlan add 2050,2052,2054,2056,2058,2060,2062 >>
  switchport trunk allowed vlan add 2064 >>
  mtu 9216
  no shutdown

Now I add one more vlan 2033 with the assumption that I only want to touch the first line. This is how you approached it.

N7K-7010.66(config-if)#     int e1/47
N7K-7010.66(config-if)# switchport trunk allowed vlan 10,20,2020,2022,2024,2028,2030,2032,2033

The system implemented it from a single command perspective and deleted all the otehr vlans. This is expected.
interface Ethernet1/47
  switchport
  switchport mode trunk
  switchport trunk allowed vlan 10,20,2020,2022,2024,2028,2030,2032-2033
  mtu 9216
  no shutdown  


Hope this helps.

-Raj  

 

glen.grant
VIP Alumni
VIP Alumni

‎10-08-2015 10:47 AM

   I'm a little confused here ,  the top entry you are using port-channel 99   yet on the interfaces you are using port-channel 30 .  Normally you should only have to change them on the "interface port-channel to propagate to the interfaces.  Why you have 2 different port-channels , 99 on the port-channel SVI  and 30 on the interfaces themselves  I really don't understand.  This next statement may have something to do with your situation.

NOTE:  You can group trunk ports into port-channel groups, but all trunks in the group must have the same configuration. When a group is first created, all ports follow the parameters set for the first port to be added to the group. If you change the configuration of one of these parameters, the device propagates that setting to all ports in the group, such as the allowed VLANs and the trunk status. For example, if one port in a port group ceases to be a trunk, all ports cease to be trunks.

0 Helpful
Customers Also Viewed These Support Documents