Re: DOT1q tunnels with etherchannel

From: ALL From_NJ (all.from.nj@gmail.com)
Date: Thu Mar 05 2009 - 22:12:52 ARST

• Next message: Huan Pham: "OT: Discounted voucher for Cisco exam??"
• Previous message: Steve Means: "RE: NAT-ASA-Juniper Security"
• Maybe in reply to: Dennis Worth: "DOT1q tunnels with etherchannel"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Not sure if this answer is technical enough ... but what I think is
happening is that if you use the same VLAN for both incoming ports and both
of the remote outgoing ports, the switch will see the same control traffic
on both ports at the same time ..., not good. It thinks there is a loop and
it's loop detection / prevention methods kick in. It gets confused because
it knows it can not recieve the same control traffic on two ports ... and
things do not work right ...

By keeping the VLANs different, you are keeping the control traffic from
each port separate (separate VLANs) as well as tunneling it accross to the
other side. This way the switch will not see the same control traffic in
two different ports.

You can do some tests for this in your lab by changing and keeping the same
VLANs, you may see that perhaps CDP works in one case (show cdp nei), but
not VTP in the other case, and vice versa.

HTH,

Andrew

On Thu, Mar 5, 2009 at 2:24 PM, Dennis Worth <dennis.worth@gmail.com> wrote:

> Sadiq,
>
> I could not find any details in the DOC CD to why, but the configs do
> separate them into multiple vlans. All I know is that is suspends the
> etherchannel interfaces if I try to change the vlan access to match on both
> provider ports.
> This is what I found:
>
> This example shows how to configure the SP edge switch 1 and edge switch 2.
> VLANs 17, 18, 19, and 20 are the access VLANs, Fast Ethernet interfaces 1
> and 2 are point-to-point tunnel ports with PAgP and UDLD enabled, the drop
> threshold is 1000, and Fast Ethernet interface 3 is a trunk port.
>
> SP edge switch 1 configuration:
>
> Switch(config)# *interface fastethernet0/1*
>
> Switch(config-if)# *switchport access vlan 17*
>
> Switch(config-if)# *switchport mode dot1q-tunnel*
>
> Switch(config-if)# *l2protocol-tunnel point-to-point pagp*
>
> Switch(config-if)# *l2protocol-tunnel point-to-point udld*
>
> Switch(config-if)# *l2protocol-tunnel drop-threshold point-to-point pagp
> 1000*
>
> Switch(config-if)# *exit*
>
> Switch(config)# *interface fastethernet0/2*
>
> Switch(config-if)# *switchport access vlan 18*
>
> Switch(config-if)# *switchport mode dot1q-tunnel*
>
> Switch(config-if)# *l2protocol-tunnel point-to-point pagp*
>
> Switch(config-if)# *l2protocol-tunnel point-to-point udld*
>
> Switch(config-if)# *l2protocol-tunnel drop-threshold point-to-point pagp
> 1000*
>
> Switch(config-if)# *exit*
>
> Switch(config)# *interface fastethernet0/3*
>
> Switch(config-if)# *switchport trunk encapsulation isl*
>
> Switch(config-if)# *switchport mode trunk*
>
>
> SP edge switch 2 configuration:
>
> Switch(config)# *interface fastethernet0/1*
>
> Switch(config-if)# *switchport access vlan 19*
>
> Switch(config-if)# *switchport mode dot1q-tunnel*
>
> Switch(config-if)# *l2protocol-tunnel point-to-point pagp*
>
> Switch(config-if)# *l2protocol-tunnel point-to-point udld*
>
> Switch(config-if)# *l2protocol-tunnel drop-threshold point-to-point pagp
> 1000*
>
> Switch(config-if)# *exit*
>
> Switch(config)# *interface fastethernet0/2*
>
> Switch(config-if)# *switchport access vlan 20*
>
> Switch(config-if)# *switchport mode dot1q-tunnel*
>
> Switch(config-if)# *l2protocol-tunnel point-to-point pagp*
>
> Switch(config-if)# *l2protocol-tunnel point-to-point udld*
>
> Switch(config-if)# *l2protocol-tunnel drop-threshold point-to-point pagp
> 1000*
>
> Switch(config-if)# *exit*
>
> Switch(config)# *interface fastethernet0/3*
>
> Switch(config-if)# *switchport trunk encapsulation isl*
>
> Switch(config-if)# *switchport mode trunk*
>
>
> Thanks,
> On Thu, Mar 5, 2009 at 11:17 AM, Sadiq Yakasai <sadiqtanko@gmail.com>
> wrote:
>
> > Hi Dennis,
> >
> > is this doc any helpful?
> >
> >
> >
> http://www.cisco.com/en/US/docs/switches/lan/catalyst3560/software/release/12.2_46_se/configuration/guide/swtunnel.html#wp1018452
> >
> > Sadiq
> >
> > On Thu, Mar 5, 2009 at 6:03 PM, Dennis Worth <dennis.worth@gmail.com
> >wrote:
> >
> >> Hey group,
> >> I have a quick query with regards to why 2 separate vlans are required
> on
> >> the provider side of dot1q tunnels when using ether channel. If anyone
> has
> >> a
> >> document on this, that would be great. See Below for diagram.
> >>
> >> SW3 --- SW4
> >> | |
> >> | |
> >> SW1 --- SW2
> >>
> >> Switch 3 and for are aggregating 2 ports and the tunnel runs between
> edge
> >> on sw1 and sw2. The problem is that each interface connected to the
> >> customer
> >> switches needs a separate access vlan. Why is this? What underlying
> theme
> >> is
> >> there? I tried to debug the l2protocol-tunnel but with no success.
> >>
> >> Thanks,
> >> --
> >> Dennis Worth
> >>
> >>
> >> Blogs and organic groups at http://www.ccie.net
> >>
> >> _______________________________________________________________________
> >> Subscription information may be found at:
> >> http://www.groupstudy.com/list/CCIELab.html
> >>
> >>
> >>
> >>
> >>
> >>
> >>
> >>
> >
> >
> > --
> > CCIE #19963
> >
>
>
>
> --
> Dennis Worth
>
>
> Blogs and organic groups at http://www.ccie.net
>
> _______________________________________________________________________
> Subscription information may be found at:
> http://www.groupstudy.com/list/CCIELab.html
>
>
>
>
>
>
>
>

-- 
Andrew Lee Lissitz
all.from.nj@gmail.com
Blogs and organic groups at http://www.ccie.net

• Next message: Huan Pham: "OT: Discounted voucher for Cisco exam??"
• Previous message: Steve Means: "RE: NAT-ASA-Juniper Security"
• Maybe in reply to: Dennis Worth: "DOT1q tunnels with etherchannel"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.4 : Mon Apr 06 2009 - 06:44:04 ART