《Cisco技术网》-Summit Switch & Cisco Etherchannel

有没有朋友做过Summit Switch & Cisco Etherchannel的连接.

查了CCO, cisco etherchannel要和第三方的SWITCH建立Etherchannel的连接,要用LACP.是基于IEEE802.3AD的标准.

要连接的是SUMMIT5i,从5i的Feature上看是支持IEEE 802.1ad compatible link aggregation 的(CISCO叫Etherchanne,SUMMIT叫link aggregation,也叫sharing-group),但我们的firmware是6.xx的,对802.1AD是draft,有查了新的firmware是7.0.0,是支持IEEE 802.1ad 的.
实验成功了.虽然summit5i和cisco etherchannel之间有很多不同,但经过一些实验,得到好的结果.

[7600]
||||
|||| -----etherchannel(fastether x 4)
||||
[summit5i]
|
| -----fastether
|
[7200]

*****************************************************************************
先说[summit5i]的设定
#
#这4个port连着[7600]的1,2,3,4 port
configure port 1 auto off speed 100 duplex full
configure port 2 auto off speed 100 duplex full
configure port 3 auto off speed 100 duplex full
configure port 4 auto off speed 100 duplex full
#
#port8连着的是7200的FE1/0
configure port 8 auto off speed 100 duplex full
#
#summit的sharing-grouping
enable sharing 1 grouping 1,2,3,4 algorithm round-robin
Summit5iTx:45 # sh port sh
Next possible completions:
<cr>

Summit5iTx:45 # sh port sharing
Load Sharing Monitor
Config Current Ld Share Ld Share Link Link
Master Master Algorithm Group Status Ups
==========================================================
1 1 r 1 A 11
r 2 A 9
r 3 A 26
r 4 A 9

Flags: Link Status: A-Active, R-Ready, D-Disabled, NP-Not Present
Ld Sh Algo: p-port based, a-address based, r-round robin

*****************************************************************
[7200]的设定(没什么特别,只是为了测试而已)
inter loop0
ip address 2.2.2.2 255.255.255.0
inter fa0/1
ip address 192.168.1.3 255.255.255.0
duplex full
no shut
router ospf 1
network 192.168.1.3 0.0.0.0 area 0
network 2.2.2.0 0.0.0.255 area 0

***************************************************************
[7600] 的设定
有两种Etherchannel,一种是layer2的,一种是layer3的
(1) layer2 Etherchannel
inter loop0
ip address 1.1.1.1 255.255.255.0
interface range fa3/1 – 4
switchport
switchport mode access
switchport access vlan 10
channel-group 2 mode on <<<<<<< 注意这里用的是[on],后面再讲其它的Mode
speed 100
duplex full
no shut
no cdp enable
!
no spanning-tree vlan 10 <<<<<主要是关掉不必要的port nego,不了解的朋友不要用
!
inter vlan 10
ip address 192.168.1.1 255.255.255.0
no shut
!
router ospf 1
network 192.168.1.1 0.0.0.0 area 0
network 1.1.1.1 0.0.0.0 area 0
default-information originate always

实际上,在敲完以上的config,你会发现interface Port-channel1已经被路由器自己生成了
!
interface Port-channel 2
no ip address
no logging event link-status
switchport
switchport access vlan 10
switchport mode access
!
Router#sh etherchannel summary
Flags: D - down P - in port-channel
I - stand-alone s - suspended
H - Hot-standby (LACP only)
R - Layer3 S - Layer2
U - in use f - failed to allocate aggregator

u - unsuitable for bundling
Number of channel-groups in use: 1
Number of aggregators: 1

Group Port-channel Protocol Ports
------+-------------+-----------+-----------------------------------------------
2 Po2(SU) - Fa3/1(P) Fa3/2(P) Fa3/3(P) Fa3/4(P)

Router#

***************************************************************************
(2) layer3 Etherchannel

interface Port-channel 5
ip address 192.168.1.1 255.255.255.0
!
interface range fa3/1 – 4
speed 100
duplex full
no cdp enable
channel-group 5 mode on
no shut
!
router ospf 1
network 192.168.1.1 0.0.0.0 area 0
network 1.1.1.1 0.0.0.0 area 0
default-information originate always

Router#sh etherchannel summary
Flags: D - down P - in port-channel
I - stand-alone s - suspended
H - Hot-standby (LACP only)
R - Layer3 S - Layer2
U - in use f - failed to allocate aggregator

u - unsuitable for bundling
Number of channel-groups in use: 1
Number of aggregators: 1

Group Port-channel Protocol Ports
------+-------------+-----------+-----------------------------------------------
5 Po5(RU) - Fa3/1(P) Fa3/2(P) Fa3/3(P) Fa3/4(P)

以上两种etherchannel在CISCO的sweep ping下,都不会丢包.

但是如果你把channel-group 5 mode XX设成了其它象［active,passive］, 都会丢包,更不用说设成了［auto ,desirable］了,summit根本不支持.

简单扼要就这些了.

#p#

二、WS-X4232-L3三层路由模块的配置清单
（其中包括：VLAN路由、访问控制列表、三层模块与交换机背板通道的配置等等）

WS-X4232-L3#
Using 4055 out of 126968 bytes
!
version 12.0
no service pad
service timestamps debug uptime
service timestamps log uptime
no service password-encryption
!
hostname WS-X4232-L3
!
enable secret 5 *****************
enable password **********
!
ip subnet-zero
!
!
!
interface Port-channel1
no ip address
no ip directed-broadcast
hold-queue 300 in
!
interface Port-channel1.1
encapsulation dot1Q 1 native
ip address 10.10.1.254 255.255.255.0
ip access-group 110 in
ip access-group 110 out
no ip redirects
no ip directed-broadcast
!
interface Port-channel1.16
encapsulation dot1Q 16
ip address 21x.xxx.16.254 255.255.255.0
ip access-group 110 in
ip access-group 110 out
no ip redirects
no ip directed-broadcast
!
interface Port-channel1.17
encapsulation dot1Q 17
ip address 21x.xxx.17.254 255.255.255.0
ip access-group 110 in
ip access-group 110 out
no ip redirects
no ip directed-broadcast
!
interface Port-channel1.18
encapsulation dot1Q 18
ip address 21x.xxx.18.254 255.255.255.0
ip access-group 110 in
ip access-group 110 out
no ip redirects
no ip directed-broadcast
!
interface Port-channel1.19
encapsulation dot1Q 19
ip address 21x.xxx.19.254 255.255.255.0
ip access-group 110 in
ip access-group 110 out
no ip redirects
no ip directed-broadcast
!
interface Port-channel1.20
encapsulation dot1Q 20
ip address 21x.xxx.21.254 255.255.254.0 secondary
ip address 21x.xxx.20.254 255.255.254.0
ip access-group 110 in
ip access-group 110 out
no ip redirects
no ip directed-broadcast
!
interface Port-channel1.22
encapsulation dot1Q 22
ip address 21x.xxx.22.254 255.255.255.0
ip access-group 110 in
ip access-group 110 out
no ip redirects
no ip directed-broadcast
!
interface Port-channel1.23
encapsulation dot1Q 23
ip address 21x.xxx.23.254 255.255.255.0
ip access-group 110 in
ip access-group 110 out
no ip redirects
no ip directed-broadcast
!
interface FastEthernet1
no ip address
no ip directed-broadcast
shutdown
!
interface GigabitEthernet1
ip address 21x.xxx.xxx.xxx 255.255.255.240
ip access-group 110 in
ip access-group 110 out
no ip directed-broadcast
!
interface GigabitEthernet2
no ip address
no ip directed-broadcast
!
interface GigabitEthernet3
no ip address
no ip directed-broadcast
no negotiation auto
channel-group 1
!
interface GigabitEthernet4
no ip address
no ip directed-broadcast
no negotiation auto
channel-group 1
!
ip classless
ip route 0.0.0.0 0.0.0.0 2xx.xxx.xxx.xxx
!
access-list 110 deny tcp any any eq echo
access-list 110 deny tcp any any eq chargen
access-list 110 deny tcp any any eq 135
access-list 110 deny tcp any any eq 136
access-list 110 deny tcp any any eq 137
access-list 110 deny tcp any any eq 138
access-list 110 deny tcp any any eq 139
access-list 110 deny tcp any any eq 389
access-list 110 deny tcp any any eq 445
access-list 110 deny tcp any any eq 4444
access-list 110 deny udp any any eq tftp
access-list 110 deny udp any any eq 135
access-list 110 deny udp any any eq 136
access-list 110 deny udp any any eq netbios-ns
access-list 110 deny udp any any eq netbios-dgm
access-list 110 deny udp any any eq netbios-ss
access-list 110 deny udp any any eq 389
access-list 110 deny udp any any eq 445
access-list 110 deny udp any any eq 1434
access-list 110 deny udp any any eq 1433
access-list 110 deny udp any any eq 1025
access-list 110 deny udp any any eq 455
access-list 110 deny udp any any eq 5554
access-list 110 deny udp any any eq 9996
access-list 110 deny udp any any eq 6129
access-list 110 deny udp any any eq 3127
access-list 110 deny udp any any eq 2745
access-list 110 deny tcp any any eq 6669
access-list 110 deny tcp any any eq 1023
access-list 110 deny tcp any any eq 1024
access-list 110 deny tcp any any eq 3332
access-list 110 deny tcp any any eq 69
access-list 110 deny udp any any eq 593
access-list 110 deny tcp any any eq 593
access-list 110 permit ip any any
arp 127.0.0.2 0005.5e73.9300 ARPA
!
line con 0
transport input none
line aux 0
line vty 0 4
password **********
login
!
end

WS-X4232-L3#