CCNA and CCNP Study - Technical Rock: March 2024

Monday, March 11, 2024

EtherChannel

ETHERCHANNEL/PORTCHANNEL

EtherChannel which is also known as link aggregation. EtherChannel is a technology that lets you bundle multiple physical links into a single logical link.

· Fault-tolerant, high-speed links between switches and routers

· Automatic recovery for the loss of a link by redistributing the traffic across the remaining links

· STP will not block one of the links in the bundle, because to STP the bundle looks like a single link

· Up to 8 links can be combined to provide more bandwidth

· The links within the bundle must have the same characteristics such as duplex, speed, etc.

· EtherChannel can be configured as Layer 2 or Layer 3

· With Layer 3, a logical interface (Port channel) is statically configured and all Layer 3 configurations are performed under that interface

· With Layer 2, the logical interface is created automatically

· With both Layer 2 and Layer 3, physical interfaces must be manually assigned to the logical interface using the "channel-group" command

· EtherChannels can be configured automatically using Port Aggregation Protocol (PAgP} or Link Aggregation Control Protocol (LACP)

· PAgP is a Cisco proprietary protocol, whereas LACP is an industry-standard IEEE 802.3ad protocol

· Switches can be configured to use PAgP by configuring them in AUTO or DESIRABLE mode

· Switches can be configured to use LACP by configuring them in ACTIVE or PASSIVE mode

· If the switches are configured in ON mode, they will not exchange LACP or PAgP packets

If you want to configure an EtherChannel then we have three options:

PAgP (Cisco proprietary)
LACP (IEEE standard)
Manual

· PAgP and LACP are negotiation protocols that dynamically configure an EtherChannel. PAgP is a Cisco proprietary protocol so you can only use it between Cisco devices. LACP is an IEEE standard which many vendors support.

· It’s also possible to configure a static EtherChannel without these protocols doing the negotiation of the link for you.

· If you are going to create an EtherChannel you need to make sure that all interfaces have the same configuration:

· Duplex.

· Speed.

· Native and allowed VLANs.

· Switchport mode (access or trunk).

PAgP and LACP will check if the configuration of the interfaces that you use is the same.

EtherChannel Mode-

1. ON - Forces the interface into an EtherChannel without PAgP or LACP packets, both switches must be configured in ON mode for the EtherChannel to be established.

2. ACTIVE - Used in LACP - the switches will actively negotiate an EtherChannel link.

3. PASSIVE - Used in LACP - places the interface in a passive negotiation mode where it only responds to LACP packets that it receives. In this mode, the switch will not start the negotiation process; this setting minimizes the transmission of LACP packets.

4. AUTO - Used in PAgP_ - places the interface in a passive negotiation mode; it only responds to PAgP packets that it receives. In this mode, the switch will not start the negotiation process; this setting minimizes the transmission of PAgP packets.

5. DESIRABLE - Used in PAgP - the switches will actively negotiate an EtherChannel link.

Layer 2 EtherChannel

· Configure the "default interface" for the interfaces involved.

· Assign a channel-group and channel-group number to the physical interfaces, this step will create a port-channel interface automatically.

· Configure the trunking encapsulation directly in port-channel interface configuration mode.

· Reset the ports in the group by entering "shut" and then, "no shut".

Configuration-

SW-l(config)#default interface range f0/19-20

SW-l(config)#interface range f0/19-20

SW-l(config-if-range)#No shut

SW-l(config-if-range)#channel-group 22 mode Auto/Desirable/

SW-l(config)#int port-channel 22

SW-l(config-if)#switchport trunk encapsulation dotlq

SW-l(config-if)#switchport mode trunk

SW-2(config)#default interface range f0/19-20

SW-2(config)#interface range f0/19-20

SW-2(config-if-range)#No shut

SW-2(config-if-range)#channel-group 22 mode Auto/Desirable/

SW-2(config)#int port-channel 22

SW-2(config-if)#switchport trunk encapsulation dotlq

SW-2(config-if)#switchport mode trunk

Verification-

SW#show etherchannel summary

SW-l#Show run interface port-channel 22 lb inter

SW#show interface Port-channel22

SW-l#Show interface trunk I inc 802

Layer3 EtherChannel-

· Default interface the physical interfaces

· Configure the interface port-channel

· Configure the port-channel interface with "no switchport" and then configure the IP address

· Configure the physical interfaces with " no switchport "

· Assign the port-channel ID to the interfaces using the channel-group interface configuration command

· Reset the physical interfaces by using "shut" and "no shut"

Configuration-

On SW-3:

SW-2(config)#default interface range f0/23-24

SW-2(config)#int port-channel 13

SW-2(config-if)#NO switchport

SW-2(config-if)#ip addr 10.1.23.2 255.255.255.0

SW-2(config)#int range f0/23-24

SW-2(config-if-range)#NO switchport

SW-2(config-if-range)#NO shut

SW-2(config-if-range)#channel-group 13 mode on

SW-2(config-if)#NO shut

SW-2(config)#int range f0/23-24

On SW-3:

SW-3(config)#default interface range f0/23-24

SW-3(config)#int port-channel 31

SW-3(config-if)#No switchport

SW-3(config-if)#ip addr 10.1.23.3 255.255.255.0

SW-3(config)#int range f0/23-24

SW-3(config-if-range)#channel-group 31 mode on

Note: If the "no switchport" interface command is not configured, you will get an error.

SW-3(config-if-range)#No switchport

SW-3(config-if-range)#channel-group 31 mode on

SW-3(config-if-range)#No shut

SW-3(config)#int range f0/23-24

SW-3(config-if-range)#shut

SW-3(config-if-range)#No shut

To verify and test the configuration: On SW-2:

SW-2#Show etherchannel summary

EtherChannel Load Balancing-

EtherChannel balances the traffic load across the links in a channel. It uses the binary pattern that the addresses in the frame form a numerical value and according to that value, EtherChannel selects one of the links in the channel.

EtherChannel load balancing can use MAC addresses or IP addresses, source or destination addresses, or both source and destination addresses. The mode applies to all EtherChannels that are configured on the switch. By default src-mac load balancing method enable on switches.

You configure the load balancing by the command: port-channel load-balance {dst-ip | dst-mac | src-dst-ip | src-dst-mac | src-ip | src-mac}

You can find out which interface is used in the EtherChannel to forward traffic based on the load balancing method. The command for this determination is test etherchannel load-balance interface port-channel number {ip | mac} [source_ip_add|source_mac_add] [dest_ip_add|dest_mac_add]

SW1#show EtherChannel load-balance

There are plenty of options to choose from, including combinations of source and/or destination MAC or IP addresses.

SW1(config)#port-channel load-balance ?

dst-ip Dst IP Addr

dst-mac Dst Mac Addr

src-dst-ip Src XOR Dst IP Addr

src-dst-mac Src XOR Dst Mac Addr

src-ip Src IP Addr

src-mac Src Mac Addr

VLAN Trunk Protocol (VTP)

VLAN Trunk Protocol (VTP)

VLAN Trunk Protocol (VTP) reduces administration in a switched network. When you configure a new VLAN on one VTP server, the VLAN is distributed through all switches in the domain. This reduces the need to configure the same VLAN everywhere.

VTP is a Cisco-proprietary protocol that is available on most of the Cisco Catalyst series products.

VTP is a Layer 2 messaging protocol that maintains VLAN configuration consistency by managing the addition, deletion, and renaming of VLANs within a VTP domain. A VTP domain (also called a VLAN management domain) is made up of one or more network devices that share the same VTP domain name and that are interconnected with trunks. VTP minimizes misconfigurations and configuration inconsistencies that can result in several problems, such as duplicate VLAN names, incorrect VLAN-type specifications, and security violations.

Before you create VLANs, you must decide whether to use VTP in your network. With VTP, you can make configuration changes centrally on one or more network devices and have those changes automatically communicated to all the other network devices in the network.

Requirement of VTP-

1. Trunking must be enabled between every switch.

2. The VTP domain name must match every switch.

3. The VTP password must match.

Types of VTP mode-

1. Server Mode- In VTP server mode, you can create, modify, and delete VLANs and specify other configuration parameters (such as VTP version and VTP pruning) for the entire VTP domain. VTP servers advertise their VLAN configuration to other network devices in the same VTP domain and synchronize their VLAN configuration with other network devices based on advertisements received over trunk links. VTP server is the default mode. We can create only a normal range of VLANs and it stores VLAN database information in flash memory vlan.dat file

2. Client Mode- VTP clients behave the same way as VTP servers, but you cannot create, change, or delete VLANs on a VTP client.

3. Transparent Mode- VTP transparent network devices do not participate in VTP. A VTP transparent network device does not advertise its VLAN configuration and does not synchronize its VLAN configuration based on received advertisements. However, in VTP version 2, a transparent network device will forward receive VTP advertisements from its trunking LAN ports. In VTP version 3, a transparent network device is specific to an instance. We can create an extended range of VLANs it stores VLAN database information in flash memory vlan.dat file as well as running config.

4. Off Mode- In VTP off mode, a network device functions in the same manner as a VTP transparent device except that it does not forward VTP advertisements.

Configuration Revision Number

The configuration revision number is a 32-bit number that indicates the level of revision for a VTP packet. Each VTP device tracks the VTP configuration revision number that is assigned to it. Most of the VTP packets contain the VTP configuration revision number of the sender.

This information is used to determine whether the received information is more recent than the current version. Each time that you make a VLAN change in a VTP device, the configuration revision is incremented by one. To reset the configuration revision of a switch, change the VTP domain name, and then change the name back to the original name. Updater ID – lower sVI id will become updater id

VTP Messages-

1. Summary Advertisement- Periodically after every 300 seconds, triggered whenever any VLAN database change will occur. Contents of Summary Advertisement such as VTP Domain, CR Number, MD5 digest value(domain name, password, and CR no.), Version., Total no. of summary subset messages.

2. Subset Advertisement- Triggered when any changes will occur.

3. Subset Request- In the response to the subset request, it contains actual VLAN information

VTP Version-

VTP Version 1

1. This is the default version on IOS switches

2. Supports the normal VLAN range (1-1005)

3. Supports VLAN pruning for VLANs 2-1001

4. Operates in Server, Client, or Transparent modes

5. Supports both plain text or MD5 password

6. Drops unknown TLVs

VTP Version 2

1. Supports normal VLAN range (1-1005)

2. Extended VLANs can be used in Transparent Mode only

3. Added support for Token Ring Concentrator Relay Function and Bridge Relay Function

4. Added support for unknown TLV records

5. Optimized VLAN database consistency checking

6. GVRP – Generic VLAN Registration Protocol (Non-Cisco Devices have this protocol and VTP Ver 2 supports this

VTP Version 3

1. It supports extended VLANs

2. Advertises Private VLAN configuration

3. Advertises other databases (including Multiple STP)

4. Different modes can be set for different features.

5. Password can be set to hidden or secret.

6. It will create private VLAN in server mode, can Encrypt passwords,

7. It supports extended VLAN,

8. Propagate MSTP configuration.

9. Off mode – enable disable VTP per port.

10. Fixes configuration revision overwrite problem that exists in v1/v2 by introducing the primary and secondary server