Trunk

1. Cisco and Cisco

Image
3560#sh run
version 12.2
no service timestamps log datetime msec
no service timestamps debug datetime msec
no service password-encryption
hostname 3560
ip routing
no ip domain-lookup
vtp domain cisco
vtp mode transparent
spanning-tree mode pvst
vlan 10
 name MGMT
vlan 20
 name SVR
vlan 30
 name USR
interface Port-channel 1
 switchport trunk native vlan 30
 switchport trunk allowed vlan 1,10,20,30
 switchport trunk encapsulation dot1q
 switchport mode trunk
interface FastEthernet0/1
 switchport access vlan 10
 switchport mode access
 spanning-tree portfast
interface FastEthernet0/2
 switchport access vlan 20
 switchport mode access
 spanning-tree portfast
interface FastEthernet0/3
 switchport access vlan 30
 switchport mode access
 spanning-tree portfast
interface GigabitEthernet0/1
channel-protocol lacp
channel-group 1 mode active
switchport trunk native vlan 30
switchport trunk allowed vlan 1,10,20,30
switchport trunk encapsulation dot1q
switchport mode trunk
switchport nonegotiate
interface GigabitEthernet0/2
channel-protocol lacp
channel-group 1 mode active
switchport trunk native vlan 30
switchport trunk allowed vlan 1,10,20,30
switchport trunk encapsulation dot1q
switchport mode trunk
switchport nonegotiate
interface Vlan1
no ip address
shutdown
interface Vlan10
description MGMT
ip address 10.0.0.151 255.255.255.0
interface Vlan20
description SVR
ip address 10.0.20.1 255.255.255.0
interface Vlan30
description USR
ip address 10.0.30.1 255.255.255.0
ip classless
ip flow-export version 9
line con 0
line aux 0
line vty 0 4
login
end
2960#sh run
version 12.2
no service timestamps log datetime msec
no service timestamps debug datetime msec
no service password-encryption
hostname 2960
no ip domain-lookup
vtp domain cisco
vtp mode transparent
spanning-tree mode pvst
vlan 10
 name MGMT
vlan 20
 name SVR
vlan 30
 name USR
interface FastEthernet0/1
 switchport access vlan 10
 switchport mode access
 spanning-tree portfast
interface FastEthernet0/2
 switchport access vlan 20
 switchport mode access
 spanning-tree portfast
interface FastEthernet0/3
 switchport access vlan 30
 switchport mode access
 spanning-tree portfast
interface GigabitEthernet0/1
switchport trunk native vlan 30
switchport trunk allowed vlan 1,10,20,30
channel-protocol lacp
channel-group 1 mode active
switchport mode trunk
switchport nonegotiate
interface GigabitEthernet0/2
switchport trunk native vlan 30
switchport trunk allowed vlan 1,10,20,30
channel-protocol lacp
channel-group 1 mode active
switchport mode trunk
switchport nonegotiate
interface Port-channel 1
switchport trunk native vlan 30
switchport mode trunk
interface Vlan1
no ip address
interface Vlan10
description MGMT
ip address 10.0.0.152 255.255.255.0
interface Vlan20
description SVR
no ip address
interface Vlan30
description USR
no ip address
ip default-gateway 10.0.0.1
line con 0
line vty 0 4
login
line vty 5 15
login
end

2. Cisco and HP
Image

3750#sh run
version 12.2
no service timestamps log datetime msec
no service timestamps debug datetime msec
no service password-encryption
hostname 3750
ip routing
no ip domain-lookup
vtp domain cisco
vtp mode transparent
spanning-tree mode pvst
vlan 10
name MGMT
vlan 20
name SVR
vlan 30
name USR
interface Port-channel 1
switchport trunk native vlan 30
switchport trunk allowed vlan 1,10,20,30
switchport trunk encapsulation dot1q
switchport mode trunk
interface FastEthernet0/1
switchport access vlan 10
switchport mode access
spanning-tree portfast
interface FastEthernet0/2
switchport access vlan 20
switchport mode access
spanning-tree portfast
interface FastEthernet0/3
switchport access vlan 30
switchport mode access
spanning-tree portfast
interface GigabitEthernet0/1
channel-protocol lacp
channel-group 1 mode active
switchport trunk native vlan 30
switchport trunk allowed vlan 1,10,20,30
switchport trunk encapsulation dot1q
switchport mode trunk
switchport nonegotiate
interface GigabitEthernet0/2
channel-protocol lacp
channel-group 1 mode active
switchport trunk native vlan 30
switchport trunk allowed vlan 1,10,20,30
switchport trunk encapsulation dot1q
switchport mode trunk
switchport nonegotiate
interface Vlan1
no ip address
shutdown
interface Vlan10
description MGMT
ip address 10.0.0.151 255.255.255.0
interface Vlan20
description SVR
ip address 10.0.20.1 255.255.255.0
interface Vlan30
description USR
ip address 10.0.30.1 255.255.255.0
ip classless
ip flow-export version 9
line con 0
line aux 0
line vty 0 4
login
end

HP3400CL# sh run
Running configuration:
; J4905A Configuration Editor; Created on release #M.10.102
hostname “HP3400CL”
interface 21
no lacp
exit
interface 22
no lacp
exit
interface 23
no lacp
exit
interface 24
no lacp
exit
trunk 21-24 Trk1 LACP
ip routing
snmp-server community “public” Unrestricted
vlan 1
name “DEFAULT_VLAN”
untagged 4-20,Trk1
ip address dhcp-bootp
no untagged 1-3
exit
vlan 10
name “MGMT”
untagged 1
ip address 10.0.0.153 255.255.255.0
tagged Trk1
exit
vlan 20
name “SVR”
untagged 2
tagged Trk1
exit
vlan 30
name “USR”
untagged 3
tagged Trk1
exit
spanning-tree Trk1 priority 4

3. Cisco and Juniper

Image
3750#sh run
version 12.2
no service timestamps log datetime msec
no service timestamps debug datetime msec
no service password-encryption
hostname 3750
ip routing
no ip domain-lookup
vtp domain cisco
vtp mode transparent
spanning-tree mode pvst
vlan 10
name MGMT
vlan 20
name SVR
vlan 30
name USR
interface Port-channel 1
switchport trunk native vlan 30
switchport trunk allowed vlan 1,10,20,30
switchport trunk encapsulation dot1q
switchport mode trunk
interface FastEthernet0/1
switchport access vlan 10
switchport mode access
spanning-tree portfast
interface FastEthernet0/2
switchport access vlan 20
switchport mode access
spanning-tree portfast
interface FastEthernet0/3
switchport access vlan 30
switchport mode access
spanning-tree portfast
interface GigabitEthernet0/1
channel-protocol lacp
channel-group 1 mode active
switchport trunk native vlan 30
switchport trunk allowed vlan 1,10,20,30
switchport trunk encapsulation dot1q
switchport mode trunk
switchport nonegotiate
interface GigabitEthernet0/2
channel-protocol lacp
channel-group 1 mode active
switchport trunk native vlan 30
switchport trunk allowed vlan 1,10,20,30
switchport trunk encapsulation dot1q
switchport mode trunk
switchport nonegotiate
interface Vlan1
no ip address
shutdown
interface Vlan10
description MGMT
ip address 10.0.0.151 255.255.255.0
interface Vlan20
description SVR
ip address 10.0.20.1 255.255.255.0
interface Vlan30
description USR
ip address 10.0.30.1 255.255.255.0
ip classless
ip flow-export version 9
line con 0
line aux 0
line vty 0 4
login
end

Juniper EX2200

Juniper EX2200
root@ex2200# show
## Last changed: 2015-04-24 05:39:59 WIT
version 12.3R8.7;
system {
host-name ex2200;
time-zone Asia/Jakarta;
root-authentication {
encrypted-password “$1$/kte9bci$yPafE05trOIqhTKWb0FyR.”; ## SECRET-DATA
}
/* google dns */
name-server {
8.8.8.8;
8.8.4.4;
}
services {
ssh {
rate-limit 15;
}
}
syslog {
user * {
any emergency;
}
file messages {
            any notice;
authorization info;
}
file interactive-commands {
interactive-commands any;
}
}
ntp;
}
chassis {
aggregated-devices {
ethernet {
device-count 1;
}
}
alarm {
management-ethernet {
link-down ignore;
}
}
}
interfaces {
ge-0/0/0 {
        unit 0 {
family ethernet-switching {
vlan {
members MGMT;
}
}
}
}
ge-0/0/1 {
unit 0 {
family ethernet-switching {
vlan {
members SVR;
}
}
}
}
ge-0/0/2 {
unit 0 {
family ethernet-switching {
vlan {
members USR;
}
}
}
}
    ge-0/0/44 {
ether-options {
802.3ad ae0;
}
}
ge-0/0/45 {
ether-options {
802.3ad ae0;
}
}
ge-0/0/46 {
ether-options {
802.3ad ae0;
}
}
ge-0/0/47 {
ether-options {
802.3ad ae0;
}
}
    ae0 {
aggregated-ether-options {
minimum-links 1;
link-speed 1g;
lacp {
passive;
periodic fast;
}
}
unit 0 {
family ethernet-switching {
port-mode trunk;
vlan {
members all;
}
}
}
}
me0 {
unit 0 {
family inet;
}
}
vlan {
unit 0 {
family inet;
}
unit 10 {
family inet {
address 10.0.0.154/24;
}
}
}
}
routing-options {
static {
route 0.0.0.0/0 next-hop 10.0.0.1;
}
}
protocols {
igmp-snooping {
vlan all;
}
rstp;
lldp {
interface all;
}
lldp-med {
interface all;
}
}
ethernet-switching-options {
storm-control {
interface all;
}
}
vlans {
MGMT {
vlan-id 10;
l3-interface vlan.10;
}
SVR {
vlan-id 20;
}
USR {
vlan-id 30;
}
default {
vlan-id 1;
l3-interface vlan.0;
}
}
4. Cisco and NetApp
SOURCE: http://technologist.pro/storage/netapp-dynamic-multimode-vif-and-cisco-etherchannel
NetApp Appliances support Link Aggregation of their network interfaces, they call the Link Aggregation a VIF (Virtual Interface) and this provides Fault Tolerance, Load Balancing and higher throughput.

NetApp supports the following Link Aggregation modes:

From the NetApp documentation:
Single-mode vif
In a single-mode vif, only one of the interfaces in the vif is active. The other interfaces are on standby, ready to take over if the active interface fails.
Static multimode vif
The static multimode vif implementation in Data ONTAP is in compliance with IEEE 802.3ad (static). Any switch that supports aggregates, but does not have control packet exchange for configuring an aggregate, can be used with static multimode vifs.
Dynamic multimode vif
Dynamic multimode vifs can detect not only the loss of link status (as do static multimode vifs), but also a loss of data flow. This feature makes dynamic multimode vifs compatible with high-availability environments. The dynamic multimode vif implementation in Data ONTAP is in compliance with IEEE 802.3ad (dynamic), also known as Link Aggregation Control Protocol (LACP).

In this guide I will set up a Dynamic multimode vif between the NetApp system and the Cisco switches using LACP.

I am working with following hardware:

  • 2x NetApp FAS3040c in an active-active cluster
    With Dual 10G Ethernet Controller T320E-SFP+
  • 2x Cisco WS-C6509 configured as one Virtual Switch (using VSS)
    With Ten Gigabit Ethernet interfaces

Cisco Configuration:

Port-Channel(s) configuration:
// I am using Port-Channel 8 and 9 for this configuration
// And I need my filers to be in VLAN 10

!
interface Port-channel8
description LACP multimode VIF for filer1-10G
switchport
switchport access vlan 10
switchport mode access
!
interface Port-channel9
description LACP multimode VIF for filer2-10G
switchport
switchport access vlan 10
switchport mode access
!

Interface Configuration:
// Since I am using VSS, my 2 Cisco 6509 look like 1 Virtual Switch
// For example: interface TenGigabitEthernet 2/10/4 means:
// interface 4, on blade 10, on the second 6509

!
interface TenGigabitEthernet1/10/1
description “filer1_e1a_net 10G”
switchport access vlan 10
switchport mode access
channel-group 8 mode active
spanning-tree portfast
!
!
interface TenGigabitEthernet2/10/1
description “filer1_e1b_net 10G”
switchport access vlan 10
switchport mode access
channel-group 8 mode active
spanning-tree portfast
!
!
interface TenGigabitEthernet1/10/2
description “filer2_e1a_net 10G”
switchport access vlan 10
switchport mode access
channel-group 9 mode active
spanning-tree portfast
!
!
interface TenGigabitEthernet2/10/2
description “filer2_e1b_net 10G”
switchport access vlan 10
switchport mode access
channel-group 9 mode active
spanning-tree portfast
!

Check the Cisco configuration

6509-1#sh etherchannel sum
...
Group  Port-channel  Protocol    Ports
------+-------------+-----------+-----------------------------------------------
...
8    Po8(SU)       LACP      Te1/10/1(P)     Te2/10/1(P)     
9    Po9(SU)       LACP      Te1/10/2(P)    Te2/10/2(P)    
...

NetApp Configuration:

filer1>vif create lacp net10G -b ip e1a e1b
filer1>ifconfig net10G 10.0.0.100 netmask 255.255.255.0
filer1>ifconfig net10G up

filer2>vif create lacp net10G -b ip e1a e1b
filer2>ifconfig net10G 10.0.0.200 netmask 255.255.255.0
filer2>ifconfig net10G up

Don’t forget to make the change persistant

Filer1:: /etc/rc
hostname FILER1
vif create lacp net10G -b ip e1b e1a
ifconfig net `hostname`-net mediatype auto netmask 255.255.255.0 partner net10G
route add default 10.0.0.1 1
routed on
options dns.domainname example.com
options dns.enable on
options nis.enable off
savecore

Filer2:: /etc/rc
hostname FILER2
vif create lacp net10G -b ip e1b e1a
ifconfig net `hostname`-net mediatype auto netmask 255.255.255.0 partner net10G
route add default 10.0.0.1 1
routed on
options dns.domainname example.com
options dns.enable on
options nis.enable off
savecore

Check the NetApp configuration

FILER1> vif status net10G
default: transmit 'IP Load balancing', VIF Type 'multi_mode', fail 'log'
net10G: 2 links, transmit 'IP Load balancing', VIF Type 'lacp' fail 'default'
         VIF Status     Up      Addr_set 
        up:
        e1a: state up, since 05Nov2010 12:37:59 (00:06:23)
                mediatype: auto-10g_sr-fd-up
                flags: enabled
                active aggr, aggr port: e1b
                input packets 1338, input bytes 167892
                input lacp packets 101, output lacp packets 113
                output packets 203, output bytes 20256
                up indications 13, broken indications 6
                drops (if) 0, drops (link) 0
                indication: up at 05Nov2010 12:37:59
                        consecutive 0, transitions 22
        e1b: state up, since 05Nov2010 12:34:56 (00:09:26)
                mediatype: auto-10g_sr-fd-up
                flags: enabled
                active aggr, aggr port: e1b
                input packets 3697, input bytes 471398
                input lacp packets 89, output lacp packets 98
                output packets 153, output bytes 14462
                up indications 10, broken indications 4
                drops (if) 0, drops (link) 0
                indication: up at 05Nov2010 12:34:56
                        consecutive 0, transitions 17

5. HP and Juniper

Image

HP3400CL# sh run
Running configuration:
; J4905A Configuration Editor; Created on release #M.10.102
hostname “HP3400CL”
interface 21
no lacp
exit
interface 22
no lacp
exit
interface 23
no lacp
exit
interface 24
no lacp
exit
trunk 21-24 Trk1 LACP
ip routing
snmp-server community “public” Unrestricted
vlan 1
name “DEFAULT_VLAN”
untagged 4-20,Trk1
ip address dhcp-bootp
no untagged 1-3
exit
vlan 10
name “MGMT”
untagged 1
ip address 10.0.0.153 255.255.255.0
tagged Trk1
exit
vlan 20
name “SVR”
untagged 2
tagged Trk1
exit
vlan 30
name “USR”
untagged 3
tagged Trk1
exit
spanning-tree Trk1 priority 4

Juniper EX2200
root@ex2200# show
## Last changed: 2015-04-24 05:39:59 WIT
version 12.3R8.7;
system {
host-name ex2200;
time-zone Asia/Jakarta;
root-authentication {
encrypted-password “$1$/kte9bci$yPafE05trOIqhTKWb0FyR.”; ## SECRET-DATA
}
/* google dns */
name-server {
8.8.8.8;
8.8.4.4;
}
services {
ssh {
rate-limit 15;
}
}
syslog {
user * {
any emergency;
}
file messages {
            any notice;
authorization info;
}
file interactive-commands {
interactive-commands any;
}
}
ntp;
}
chassis {
aggregated-devices {
ethernet {
device-count 1;
}
}
alarm {
management-ethernet {
link-down ignore;
}
}
}
interfaces {
ge-0/0/0 {
        unit 0 {
family ethernet-switching {
vlan {
members MGMT;
}
}
}
}
ge-0/0/1 {
unit 0 {
family ethernet-switching {
vlan {
members SVR;
}
}
}
}
ge-0/0/2 {
unit 0 {
family ethernet-switching {
vlan {
members USR;
}
}
}
}
    ge-0/0/44 {
ether-options {
802.3ad ae0;
}
}
ge-0/0/45 {
ether-options {
802.3ad ae0;
}
}
ge-0/0/46 {
ether-options {
802.3ad ae0;
}
}
ge-0/0/47 {
ether-options {
802.3ad ae0;
}
}
    ae0 {
aggregated-ether-options {
minimum-links 1;
link-speed 1g;
lacp {
passive;
periodic fast;
}
}
unit 0 {
family ethernet-switching {
port-mode trunk;
vlan {
members all;
}
}
}
}
me0 {
unit 0 {
family inet;
}
}
vlan {
unit 0 {
family inet;
}
unit 10 {
family inet {
address 10.0.0.154/24;
}
}
}
}
routing-options {
static {
route 0.0.0.0/0 next-hop 10.0.0.1;
}
}
protocols {
igmp-snooping {
vlan all;
}
rstp;
lldp {
interface all;
}
lldp-med {
interface all;
}
}
ethernet-switching-options {
storm-control {
interface all;
}
}
vlans {
MGMT {
vlan-id 10;
l3-interface vlan.10;
}
SVR {
vlan-id 20;
}
USR {
vlan-id 30;
}
default {
vlan-id 1;
l3-interface vlan.0;
}
}

HP and HP

Waiting 2nd HP switch

Juniper and Juniper
SRX210

#show
version 12.1X44-D40.2;
system {
host-name srx;
time-zone GMT+7;
root-authentication {
encrypted-password “$1$ZxV1QE9L$mZkXS5ai0JO8j9BtuHlfr/”; ## SECRET-DATA
}
name-server {
8.8.8.8;
8.8.4.4;
208.67.222.222;
208.67.220.220;
}
name-resolution {
no-resolve-on-input;
}
services {
ssh;
web-management {
https {
system-generated-certificate;
interface [ ge-0/0/0.0 vlan.1 ];
            }
session {
idle-timeout 60;
}
}
}
syslog {
archive size 100k files 3;
user * {
any emergency;
}
file messages {
any critical;
authorization info;
}
file interactive-commands {
interactive-commands error;
}
}
max-configurations-on-flash 5;
max-configuration-rollbacks 5;
license {
autoupdate {
            url https://ae1.juniper.net/junos/key_retrieval;
}
}
ntp {
server us.ntp.pool.org;
}
}
chassis {
aggregated-devices {
ethernet {
device-count 1;
}
}
}
interfaces {
ge-0/0/0 {
gigether-options {
802.3ad ae0;
}
}
ge-0/0/1 {
gigether-options {
802.3ad ae0;
        }
}
fe-0/0/2 {
unit 0 {
family ethernet-switching {
vlan {
members WAN1;
}
}
}
}
fe-0/0/7 {
unit 0 {
family ethernet-switching {
vlan {
members SVR;
}
}
}
ae0 {
        aggregated-ether-options {
lacp {
active;
}
}
unit 0 {
family ethernet-switching {
port-mode trunk;
vlan {
members [ default all ];
}
}
}
}
st0 {
unit 0 {
            family inet;
}
}
}
routing-options {
static {
route 0.0.0.0/0 next-hop 10.0.0.12;
route 192.168.2.0/24 next-hop st0.0;
}
}
protocols {
stp;
}
security {
screen {
ids-option untrust-screen {
icmp {
ping-death;
}
ip {
source-route-option;
tear-drop;
}
            tcp {
syn-flood {
alarm-threshold 1024;
attack-threshold 200;
source-threshold 1024;
destination-threshold 2048;
timeout 20;
}
land;
}
}
}
zones {
security-zone Internal {
address-book {
address addr_192_168_1_0_24 192.168.1.0/24;
}
host-inbound-traffic {
system-services {
all;
}
}
}
        security-zone DMZ {
interfaces {
fe-0/0/7.0 {
host-inbound-traffic {
system-services {
ping;
}
}
}
}
}
}
}
access {
profile remote_access_profile {
client user1 {
firewall-user {
password “$9$x3i7bY2gaUi.4a9pu0IR-Vws2a”; ## SECRET-DATA
}
}
address-assignment {
pool startup_rvpn_add_pool;
}
    }
address-assignment {
pool startup_rvpn_add_pool {
family inet {
network 192.168.10.0/24;
range startup-rvpn-range {
low 192.168.10.101;
high 192.168.10.200;
}
xauth-attributes {
primary-dns 8.8.8.8/32;
secondary-dns 8.8.4.4/32;
}
}
}
}
firewall-authentication {
web-authentication {
default-profile remote_access_profile;
}
}
}
poe {
}
vlans {
HA {
vlan-id 40;
}
MGMT {
vlan-id 100;
}
SVR {
vlan-id 20;
}
USR {
vlan-id 30;
}
WAN1 {
vlan-id 10;
}
WAN2 {
vlan-id 88;
}
}

EX2200

#show
version 12.3R8.7;
system {
host-name ex2200;
time-zone Asia/Jakarta;
root-authentication {
encrypted-password “$1$/kte9bci$yPafE05trOIqhTKWb0FyR.”; ## SECRET-DATA
}
/* google dns */
name-server {
8.8.8.8;
8.8.4.4;
}
services {
ssh {
rate-limit 15;
}
}
syslog {
user * {
any emergency;
}
file messages {
            any notice;
authorization info;
}
file interactive-commands {
interactive-commands any;
}
}
ntp;
}
chassis {
aggregated-devices {
ethernet {
device-count 1;
}
}
alarm {
management-ethernet {
link-down ignore;
}
}
}
interfaces {
ge-0/0/0 {
        unit 0 {
family ethernet-switching {
vlan {
members MGMT;
}
}
}
}
ge-0/0/1 {
unit 0 {
family ethernet-switching {
vlan {
members SVR;
}
}
}
}
ge-0/0/2 {
unit 0 {
family ethernet-switching {
vlan {
members USR;
                }
}
}
}
ge-0/0/3 {
unit 0 {
family ethernet-switching {
vlan {
members WAN1;
}
}
}
}
    ge-0/0/44 {
ether-options {
802.3ad ae0;
}
}
ge-0/0/45 {
ether-options {
802.3ad ae0;
}
}
ge-0/0/46 {
ether-options {
802.3ad ae0;
}
}
ge-0/0/47 {
ether-options {
802.3ad ae0;
        }
}
    ae0 {
        aggregated-ether-options {
minimum-links 1;
link-speed 1g;
lacp {
active;
periodic fast;
}
}
unit 0 {
family ethernet-switching {
port-mode trunk;
vlan {
members all;
}
}
}
}
me0 {
unit 0 {
family inet;
}
}
vlan {
        unit 0 {
family inet;
}
unit 10 {
family inet {
address 10.0.10.241/24;
}
}
}
}
routing-options {
static {
route 0.0.0.0/0 next-hop 10.0.10.1;
}
}
protocols {
igmp-snooping {
vlan all;
}
rstp;
lldp {
interface all;
}
    lldp-med {
interface all;
}
}
ethernet-switching-options {
storm-control {
interface all;
}
}
vlans {
MGMT {
vlan-id 100;
}
SVR {
vlan-id 20;
}
USR {
vlan-id 30;
}
WAN1 {
vlan-id 10;
l3-interface vlan.10;
}
    }
WAN2 {
vlan-id 88;
    }
default {
vlan-id 1;
l3-interface vlan.0;
}
}
Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s