Home > Networking > Cisco EtherChannel

Cisco EtherChannel


After much work I’ve gotten a good handle on EtherChannel. The network I’m working on will be the core of a highly available system. It consists of 2 Cisco 3750G-24 multi-layer switches in a stacked configuration and 4 Cisco 2960G-48 switches. I want to configure the system in such a way that any single device failure will not cause a complete outage. To do this I’ve set up EtherChannel links between the edge switches and the 3750 switch stack. This is what Cisco calls a “Cross-Stack EtherChannel”. Link to Cisco’s example

It’s been quite a while since I’ve configured network gear but overall this has been good. So the basic procedure to create an EtherChannel is this:

Cisco 3750

3750(config)#interface range gi1/0/1 , gi2/0/1
3750(config-if)#switchport trunk encapsulation dot1q
3750(config-if)#switchport trunk allowed vlan 7
3750(config-if)#switchport mode trunk
3750(config-if)#channel-group 1 mode on

Cisco 2960

2960(config)#interface range gi0/47-48
2960(config-if)#switchport trunk allowed vlan 7
2960(config-if)#switchport mode trunk
2960(config-if)#channel-group 1 mode on

One very important note about configuring an EtherChannel is to make sure the ports are configured the way you want them before adding them to the EtherChannel. Because these devices will be part of a secure system I had to follow the DISA STIG which requires trunk ports to be on a separate native vlan. Just adding this to the interfaces caused an error stating that there was a mismatch between the interfaces and the port-channel. Ok, so I try to add the native vlan to the port-channel but it just doesn’t like it, so I decide to de-configure the EtherChannel and start over. One trick is to shut down the ports on one switch or the other to prevent spanning tree from disabling them. If they do get disabled you will have to issue a shutdown and no shutdown command on the interface(s).

So this is what I end up with:

Cisco 3750

!
interface Port-channel1
switchport trunk encapsulation dot1q
switchport trunk native vlan 3
switchport trunk allowed vlan 3,7
switchport mode trunk
!
-output suppressed-
!
interface GigabitEthernet1/0/1
switchport trunk encapsulation dot1q
switchport trunk native vlan 3
switchport trunk allowed vlan 3,7
switchport mode trunk
channel-group 1 mode on
!
-output suppressed-
!
interface GigabitEthernet2/0/1
switchport trunk encapsulation dot1q
switchport trunk native vlan 3
switchport trunk allowed vlan 3,7
switchport mode trunk
channel-group 1 mode on

Cisco 2960

!
interface Port-channel1
switchport trunk native vlan 3
switchport trunk allowed vlan 3,7
switchport mode trunk
!
-output suppressed-
!
interface GigabitEthernet0/47
switchport trunk native vlan 3
switchport trunk allowed vlan 3,7
switchport mode trunk
media-type rj45
channel-group 1 mode on
!
interface GigabitEthernet0/48
switchport trunk native vlan 3
switchport trunk allowed vlan 3,7
switchport mode trunk
media-type rj45
channel-group 1 mode on

Advertisements
Categories: Networking Tags: ,
  1. Marcello
    May 27, 2012 at 1:51 AM

    Hi, you can simple add command “channel-group 1 mode on” in the 3750 giga interfaces before the others switchport commands.
    In this way all other switchport commands will be automatically added also to the port-channel interface.

  2. ridiculiculous
    May 9, 2014 at 12:31 PM

    Did this design work? I was under the impression that the port channel cannot span chassis which means that in order for that EtherChannel to work, they need to be going to the same location.

  3. May 9, 2014 at 4:03 PM

    Yes, it works great. This is called a cross-stack etherchannel. Since both 3750 switches are in the same stack they act like a single device which allows you to have etherchannel going to both physical switches.

  1. No trackbacks yet.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: