03-27-2012 09:26 AM - edited 11-18-2020 02:58 AM
Cisco controllers that support channeling actually use a simplified version of channeling referred to as "LAG", Link Aggregation.
LAG on the following WLC platforms requires that the switch connected to the other end of the channel be configured for source/destination ip (src-dst-ip) etherchannel load balancing:
4400 Series
WiSM1
3750G
WiSM2
http://www.cisco.com/en/US/docs/wireless/controller/7.0/configuration/guide/c70mint.html
"The recommended load-balancing method for Catalyst switches is src-dest-ip (CLI command: port-channel load-balance src_dest_ip)."
LAG on 5508 and 2504 (2504 LAG Support introduced in 7.4 code) WLC's does not require src-dst-ip. Any load balacing method will work.
With 6500's running in pfc3 mode, the channel load balance method is 'src-dst-ip enhanced' or 'src-dst-ip vlan included' by default, which will often cause packet forwarding problems with WiSM controllers (referenced in the link above).
6500's pfc mode can be verified with this command:
6500#show platform hardware pfc mode
PFC operating mode : PFC3A
The ability to revert to 'src-dst-ip' only was not originally in 6500 code.
This was added as an enhancement in 12.2(33)SXH6 and 12.2(33)SXI3 as documented in the following enhancement bug:
Once running this code, the correct port channel load balancing can be enabled with the following configuration:
Config t
port-channel load-balance src-dst-ip exclude vlan
6500 VSS pairs will most likely be operating in pfc3 mode, as pfc3's are required for VSS support.
Assuming that the channel load balancing algorithm is correct, WLC's should be able to form Lag etherchannels with ports connected to both VSS physical switches, as the VSS is one 'logical' switch.
I am having problems configuring this with our newly-acquired WLC which we have connected to
our 6500 VSS running 12.2(33)SXI9.
When I try to configure the port-channel load-balance on the running system as described I am not
able to use the exclude vlan option. Have I missed something?
Hi John,
I just loaded this code on a 6500 and it works as expected. Can you provide some outputs?
Here are outputs from my lab verification:
VSS#sho ver
Cisco IOS Software, s72033_rp Software (s72033_rp-ADVENTERPRISE_WAN-M), Version 12.2(33)SXI9, RELEASE SOFTWARE (fc2)
Technical Support: http://www.cisco.com/techsupport
Copyright (c) 1986-2012 by Cisco Systems, Inc.
Compiled Fri 24-Feb-12 21:38 by prod_rel_team
ROM: System Bootstrap, Version 12.2(17r)SX5, RELEASE SOFTWARE (fc1)
VSS uptime is 5 minutes
Uptime for this control processor is 8 minutes
Time since VSS switched to active is 4 minutes
System returned to ROM by reload at 13:04:57 UTC Fri Aug 31 2012 (SP by reload)
System image file is "sup-bootdisk:s72033-adventerprise_wan-mz.122-33.SXI9.bin"
Last reload reason: Unknown reason
cisco WS-C6509 (R7000) processor (revision 3.0) with 983008K/65536K bytes of memory.
Processor board ID TSC0716009Y
SR71000 CPU at 600Mhz, Implementation 0x504, Rev 1.2, 512KB L2 Cache
Last reset from s/w reset
3 Virtual Ethernet interfaces
102 Gigabit Ethernet interfaces
VSS#show platform hardware pfc mode
PFC operating mode : PFC3C
Configured PFC operating mode : None
VSS#show mod
Mod Ports Card Type Model Serial No.
--- ----- -------------------------------------- ------------------ -----------
5 5 Supervisor Engine 720 10GE (Active) VS-S720-10G SAL1207G25F
Mod MAC addresses Hw Fw Sw Status
--- ---------------------------------- ------ ------------ ------------ -------
5 0019.e8bb.0874 to 0019.e8bb.087b 2.0 8.5(2) 12.2(33)SXI9 Ok
Mod Sub-Module Model Serial Hw Status
---- --------------------------- ------------------ ----------- ------- -------
5 Policy Feature Card 3 VS-F6K-PFC3C SAL1205ER2Y 1.0 Ok
5 MSFC3 Daughterboard VS-F6K-MSFC3 SAL1205F0CM 1.0 Ok
Mod Online Diag Status
---- -------------------
5 Pass
VSS#sho etherc load
EtherChannel Load-Balancing Configuration:
src-dst-ip vlan included
mpls label-ip
EtherChannel Load-Balancing Addresses Used Per-Protocol:
Non-IP: Source XOR Destination MAC address
IPv4: Source XOR Destination IP address
IPv6: Source XOR Destination IP address
MPLS: Label or IP
VSS#conf
Configuring from terminal, memory, or network [terminal]?
Enter configuration commands, one per line. End with CNTL/Z.
VSS(config)#port-channel load-balance ?
dst-ip Dst IP Addr
dst-mac Dst Mac Addr
dst-mixed-ip-port Dst IP Addr and TCP/UDP Port
dst-port Dst TCP/UDP Port
mpls Load Balancing for MPLS packets
src-dst-ip Src XOR Dst IP Addr
src-dst-mac Src XOR Dst Mac Addr
src-dst-mixed-ip-port Src XOR Dst IP Addr and TCP/UDP Port
src-dst-port Src XOR Dst TCP/UDP Port
src-ip Src IP Addr
src-mac Src Mac Addr
src-mixed-ip-port Src IP Addr and TCP/UDP Port
src-port Src TCP/UDP Port
VSS(config)#port-channel load-balance src-dst-ip ?
exclude Exclusion parameters
<cr>
VSS(config)#port-channel load-balance src-dst-ip exclude ?
vlan Exclude vlan
VSS(config)#port-channel load-balance src-dst-ip exclude vlan
VSS(config)#end
VSS#show etherchannel load-balance
EtherChannel Load-Balancing Configuration:
src-dst-ip
mpls label-ip
EtherChannel Load-Balancing Addresses Used Per-Protocol:
Non-IP: Source XOR Destination MAC address
IPv4: Source XOR Destination IP address
IPv6: Source XOR Destination IP address
MPLS: Label or IP
VSS#
Hello Jeffrey Many thanks for the response. Here is the similar output in my case. Any idea what I am missing? Regards, John. TLABSFVSSA#show ver Cisco IOS Software, s72033_rp Software (s72033_rp-IPSERVICESK9_WAN-M), Version 12.2(33)SXI9, RELEASE SOFTWARE (fc2) Technical Support: http://www.cisco.com/techsupport Copyright (c) 1986-2012 by Cisco Systems, Inc. Compiled Fri 24-Feb-12 21:38 by prod_rel_team ROM: System Bootstrap, Version 12.2(17r)SX6, RELEASE SOFTWARE (fc1) TLABSFVSSA uptime is 40 weeks, 2 days, 4 hours, 47 minutes Uptime for this control processor is 4 weeks, 1 day, 23 hours, 30 minutes Time since TLABSFVSSA switched to active is 4 weeks, 1 day, 23 hours, 18 minutes System returned to ROM by Stateful Switchover at 17:08:47 SAST Wed Aug 1 2012 (SP by Admin requested switchover during ISSU) System restarted at 17:12:19 SAST Wed Aug 1 2012 System image file is "sup-bootdisk:s72033-ipservicesk9_wan-mz.122-33.SXI9.bin" Last reload reason: Reason unspecified cisco WS-C6506-E (R7000) processor (revision 1.2) with 983008K/65536K bytes of memory. Processor board ID SAL1412DQ3E SR71000 CPU at 600Mhz, Implementation 0x504, Rev 1.2, 512KB L2 Cache Last reset from s/w reset 8 Virtual Ethernet interfaces 150 Gigabit Ethernet interfaces 36 Ten Gigabit Ethernet interfaces 1917K bytes of non-volatile configuration memory. 8192K bytes of packet buffer memory. 65536K bytes of Flash internal SIMM (Sector size 512K). Configuration register is 0x2102 TLABSFVSSA#show platform hard pfc mode PFC operating mode : PFC3C Configured PFC operating mode : None TLABSFVSSA#show mod Mod Ports Card Type Model Serial No. --- ----- -------------------------------------- ------------------ ----------- 1 24 CEF720 24 port 1000mb SFP WS-X6724-SFP SAL1412DAF5 2 48 CEF720 48 port 10/100/1000mb Ethernet WS-X6748-GE-TX SAL1411D40P 3 8 CEF720 8 port 10GE with DFC WS-X6708-10GE SAL1201BTPV 4 8 CEF720 8 port 10GE with DFC WS-X6708-10GE SAL1152BFUG 5 5 Supervisor Engine 720 10GE (Active) VS-S720-10G SAL1412DDY3 Mod MAC addresses Hw Fw Sw Status --- ---------------------------------- ------ ------------ ------------ ------- 1 68ef.bd7e.9268 to 68ef.bd7e.927f 4.3 12.2(18r)S1 12.2(33)SXI9 Ok 2 68ef.bd34.48d0 to 68ef.bd34.48ff 3.4 12.2(18r)S1 12.2(33)SXI9 Ok 3 001a.6c9f.0420 to 001a.6c9f.0427 1.3 12.2(18r)S1 12.2(33)SXI9 Ok 4 001a.6c9e.fc88 to 001a.6c9e.fc8f 1.3 12.2(18r)S1 12.2(33)SXI9 Ok 5 0025.84bf.9150 to 0025.84bf.9157 3.2 8.5(3) 12.2(33)SXI9 Ok Mod Sub-Module Model Serial Hw Status ---- --------------------------- ------------------ ----------- ------- ------- 1 Centralized Forwarding Card WS-F6700-CFC SAL1410CKEL 4.1 Ok 2 Centralized Forwarding Card WS-F6700-CFC SAL1411D79T 4.1 Ok 3 Distributed Forwarding Card WS-F6700-DFC3CXL SAL1202CK17 1.0 Ok 4 Distributed Forwarding Card WS-F6700-DFC3CXL SAL1202CK0U 1.0 Ok 5 Policy Feature Card 3 VS-F6K-PFC3C SAL1412DGP2 1.1 Ok 5 MSFC3 Daughterboard VS-F6K-MSFC3 SAL1412DDM3 2.1 Ok Mod Online Diag Status ---- ------------------- 1 Pass 2 Pass 3 Pass 4 Pass 5 Pass TLABSFVSSA#show etherchan load EtherChannel Load-Balancing Configuration: src-dst-ip vlan included mpls label-ip EtherChannel Load-Balancing Addresses Used Per-Protocol: Non-IP: Source XOR Destination MAC address IPv4: Source XOR Destination IP address IPv6: Source XOR Destination IP address MPLS: Label or IP TLABSFVSSA#config t Enter configuration commands, one per line. End with CNTL/Z. TLABSFVSSA(config)#port-channel load-balance ? dst-ip Dst IP Addr dst-mac Dst Mac Addr dst-mixed-ip-port Dst IP Addr and TCP/UDP Port dst-port Dst TCP/UDP Port mpls Load Balancing for MPLS packets src-dst-ip Src XOR Dst IP Addr src-dst-mac Src XOR Dst Mac Addr src-dst-mixed-ip-port Src XOR Dst IP Addr and TCP/UDP Port src-dst-port Src XOR Dst TCP/UDP Port src-ip Src IP Addr src-mac Src Mac Addr src-mixed-ip-port Src IP Addr and TCP/UDP Port src-port Src TCP/UDP Port TLABSFVSSA(config)#port-channel load-balance src-dst-ip ? switch Specify switch id TLABSFVSSA(config)#port-channel load-balance src-dst-ip exclude? % Unrecognized command TLABSFVSSA(config)#end TLABSFVSSA#exit
Sorry about the formatting that happened above. It lost all the end-of-line information when I pressed the
Add Comment button. Hope you can decipher it. John.
Hi Jeffrey,
we are running 5508 controller and connecting to a VSS pair.
Cisco document for version 7.3 WLC code recommends
"port-channel load-balance src-dst-ip" on the port channel config. Is this still valid for 5508 WLC connected to a 6500 VSS pair?
Currently there is no load balancing command specified, so I assume src-mac would be the default.
The src-dst-ip requirement only applied to the 4400 based platforms (4404, 4402, WiSM-1 and 3750G.) You don't need to worry about with the newer platforms.
Best,
Aaron
Hi Aaron,
Thanks for your reply. The below link advises that src-dst-ip is recommended?
is that only for 4400 based WLC?
r
kingslin
Kingslin,
That section of the documentation is obsolete. I.e. you only need to worry about "src-dst-ip" on the 4400-based WLCs whose final resting branch is 7.0, so that verbiage doesn't belong in our post-7.0 documentation. I've sent feedback to the doc writers to remove it.
Thanks,
Aaron
Following up to myself here .. somehow between April and July, I managed to forget that the src-dst-ip restriction does pertain to the WiSM2 (although not to the 5508.)
I.e. this article is correct - use src-dst-ip for any of: {4400, WiSM1, 3750G or WiSM2}
Aaron
Aaron,
Could you do me a favor and confirm if the src-dst-ip option applies to the 2504's? It seems like they are a somewhat older platform that has had LAG added.. so just not sure.
I'm currently doing lab testing with them hanging off a 3750 which only supports src-dst-ip on the current software (updating to see if I can get more options), but the 6509 that the 2504s will eventually be on are set to 'src-dst-mixed-ip-port', and we need to keep it that way.
Thanks!
-Nate
Hi Nate,
good question. As Lag support is introduced over time, this document needs to evolve
Like the 5508, the 2504 shouldn't require src-dst-ip. It's 5508 based, and has doesn't have dual data planes like the Wism2 (which does require src-dst-ip).
thanks
Jeff
Excellent, thanks! That's what I was hoping to hear.
hello all, i am jumping into this thread just to ask a very close question related to the above. in a scenario with 2 x 8500 in HA SSO over a VSS block, when it comes to the etherchannel configuration (LAG), what is the best practice?
-create 1 port-channel and attach the physical ports of the 2x8500 in it or to create 2 separate port-channels, one for each WLC?
Thanks
Hi,
Each controller needs a separate port channel.
If you were to bundle all switch ports for both controllers into one switch side port channel group, you'd experience very bad packet forwarding issues.
With VSS, it doesn't matter if a given controller's connected ports are spanned across both switches, the important thing is that all of the physical channel member links are presented to each controller as a 'single logical port channel'.
let me know if this helps.
thanks
Jeff
Hello Jeff,
Thanks for sorting things out. I had this in my mind but since that is my first deployment i wanted to verify this.
Thanks
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: