Wednesday, August 27, 2008

L3 etherchannel tunnel

I am gonna start this off by saying that the only way I know to get over my fear of something is to learn to love it. This is how I am learning to conquer layer 2 tunneling. Today was the first day I got an L2 tunneling task to work without using the solution guide. And my solution didn't match but it still worked perfectly!

Here is the topology:

SW3====SW1====SW4

SW3 f0/14-15 connects to SW1 f0/17-18
SW4 f0/14-15 connects to SW1 f0/20-21

SW3 and SW4 need to form an L3 etherchannel. I will start off by explaining my thoughts on how this should work. The only protocol I think we should tunnel is lacp or pagp. Other solutions have dot1q-tunnel and some other stuff but I don't see why those are needed. If I am mistaken...please comment!

So this what I did on SW1:

int range f0/17 - 18, f0/20-21
l2protocol-tunnel point-to-point lacp


Then I configure SW3 and SW4 as such:

int range f0/14-15
shut
no switchport
channel-group 1 mode active
int po 1
no switchport
int range f0/14-15
no shut

The interfaces came up and then came down and this was my message:

%EC-5-L3DONTBNDL2: Fa0/15 suspended: LACP currently not enabled on the remote port.
%EC-5-L3DONTBNDL2: Fa0/14 suspended: LACP currently not enabled on the remote port.

Now I started to think about the tunneling and what could go wrong. I usually always end up with an "l2ptguard error detected" but I was NOT getting that message this time. Instead it just didn't work...

I thought about other labs I did where tunneled packets came back to the same switch over trunks or other ports on the same vlan. This would be bad if SW3 tried to form an etherchannel with itself!

I decided to separate the ports that SW3 and SW4 connected to by vlans. I was allowed to create 1 extra vlan, I knew this was fine because the other set of ports would use native vlan 1.

So I picked one port that connects to SW3 and one that connects to SW4 and put these in vlan 100:

int range f0/17,f0/20
switchport access vlan 100

and waited....

and waited....

Nothing happened. I swear I has this thing in the bag! So I swent to SW3 and SW4 and shut both f0/14-15 down. Then I brought them up again. Then I waited about 15 seconds and what did I see:

%LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/15, changed state to up
%LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/14, changed state to up
%LINK-3-UPDOWN: Interface Port-channel1, changed state to up

WOOH OOH! I was at work at the time and you know the looks I got! ;)

SW3#show eth sum | beg Gr
Group Port-channel Protocol Ports
------+-------------+-----------+-----------------------
1 Po1(RU) LACP Fa0/14(P) Fa0/15(P)

I know that l2protocol tunneling is still my weakness. And to think how it can affect reachability makes my cringe, but I am gonna learn to love it and hopefully soon I can conquer it.

1 comment:

  1. It happened the same to us in a client, when we were trying to configure a port-channel with LACP.
    %EC-5-L3DONTBNDL2: Gi3/0/25 suspended: LACP currently not enabled on the remote port.

    6d07h: %LINEPROTO-5-UPDOWN: Line protocol on Interface GigabitEthernet2/0/3, changed state to down
    6d07h: %LINK-3-UPDOWN: Interface GigabitEthernet2/0/3, changed state to down
    6d07h: %LINK-3-UPDOWN: Interface GigabitEthernet2/0/3, changed state to up
    6d07h: %LINEPROTO-5-UPDOWN: Line protocol on Interface GigabitEthernet2/0/3, changed state to up

    but didn´t work at all, even after doing shutdown to the interfaces included in the port-channel.

    In our case, the interface keeps on "waiting" state. We have tried the configuration in some different port-channels, but we got the same results. In our lab, we could´t repeat the situation, as it was working the first time!

    We really don´t know what´s wrong with the interfaces!

    Any idea? Thanks in advanced.

    Carol

    ReplyDelete

Note: Only a member of this blog may post a comment.