Browse NETS topics: A B C D E F G H I J K L M N O P Q R S T U V W X Y Z	Search NETS:

* -- indicates the section was updated in the latest version
*NEW -- indicates the section is new in the latest version

General Switch Information

• Cisco Switch Documentation
• Switch Login
• Switch Port comments
• Adding or removing a switch
• Auto-negotiation information

Non-Privileged Commands/Procedures

• Show the Current Port Status on a Switch
• *Show the Error and Data Counters for a Port (or identify a port with a potentially 'misbehaving' device on it)
• Port Error Logging on a Switch
• Show the Status and VLANs Connected to a Switch
• Show the VLAN Trunking on a Switch
• Show Modules and Software Versions for a Switch
• Show the Software Versions and Memory Information for a Switch
• Show the Switch Error Log

Privileged Commands/Procedures

• Modify a Port Assignment on a Switch
• Error Logging on a Switch
• Download a Switch's Configuration from the TFTP Server
• Enabling/Disabling system messages from displaying in the current session
• Delete one arp entry

Hardware and Software Installation Procedures

• General Notes for Switch/Card Installations
• Initial Switch Setup & Installation Check List
• Card Installation Procedures
• 'set port host' command for 6500 10/100/1000 ports
• Adding a Network (IP subnet)
• Replacing a Supervisor Card
• Establishing Etherchannel connections

Related documentation and other procedure pages

• Catalyst 3524 Management & Procedures
• Procedures to upgrade a Cat6xxx switch (e.g., upgrade the image)

Cisco Switch Documentation

Cisco 6000 Series Ethernet Switch Documentation Web Location

http://www.cisco.com/univercd/cc/td/doc/product/LAN/cat6000/index.htm

Switch Login

1. Login to the switch (telnet Switch Name or IP Address)
2. Enter your login name
3. Enter your one-time password from your CryptoCcard
4. If the login was successful, a switch prompt will be returned
5. If you have "Enable" level privileges, a switch prompt will be returned (a prompt that will be like "switch-name> (enable)" to indicate you are in "enable mode")

Switch Port Comments

Cisco Ethernet switch allow users to put a "Name" on each port. This is a comment field that can be used as desired, and has no effect on the operation of the switch. NCAR uses the field to show what a switch port is connected to. In machine rooms, we put machine names in the "Name" field. Everywhere else, we uses a standard NETS location label, usually to specify the Wall plate interface that a port connects to. In the automatically generated Ethernet Switch Port Lists, the "Name" field is called the "Connected To" field. It is also sometimes referred to as the "comment" field in Ethernet switches.

If a switch port has been allocated permanently to a certain VLAN, the Name field will have a P) prefix, indicating that the port is not to be disabled, regardless of how often it is used.

These are the steps for adding and removing a switch

Log into to ExtraView

• From your home page, select Add
• Select the NETS Add Remove Tab (at the top)
• Fill out the form and click submit

Information about the form:

• Email will be sent to all staff involved in adding or removing a switch once the ticket is opened.
• Staff should update the ticket as work is completed (click on complete button and click update).
• Staff assigned to the ticket will receive email every time the ticket has been updated until their task(s) are complete.
• Marla will receive a report of all open tickets once a week.
• The ticket can be closed by the staff member assigned to the ticket, or it will close automatically and email sent to everyone listed on the ticket once all steps are complete.

Switch port auto-negotiation information

Web page resources to consult:

Troubleshooting Cisco Catalyst Switches to Network Interface Card (NIC) Compatibility Issues (Cisco)
Using Portfast and Other Commands to Fix Workstation Startup Connectivity Delays (Cisco)
Ethernet Technologies (Cisco)
Configuring and Troubleshooting Ethernet 10/100Mb Half/Full Duplex Auto-Negotiation (Cisco)
Recovering From errDisable Port State on the CatOS Platforms
Charles Spurgeon's Ethernet Web Site (contains good information about auto-negotiation)

In general, if a port cannot auto-negotiate the port speed/duplex:

• Make sure auto-negotiation is configured on both ends of the link (use the show port command)
  -- you cannot configure settings manually on one end of the link and configure the other end of the link for auto-negotiation.
  
• If auto-negotiation fails when you connect a client NIC to the switch, check the NIC and drivers to make sure that auto-negotiation is supported.
• If auto-negotiation is supported and properly configured but you still cannot connect, turn off auto-negotiation and set the speed and duplex manually
  (use the set port speed and set port duplex commands).

Show the Current Port Status on a Switch

Login to the Switch (telnet Switch Name)
The following list displays various show port options

1. Show the Status of all ports on the Switch
   CatOS: show port
   IOS: show interface status
2. Show the Status of all Ports on a Card on the Switch
   CatOS: show port x (where x is the card number)
   IOS: show interface status module x (where x is the card number)
3. Show the Status of one port on the Switch
   CatOS: show port x/y (where x is the card number and y is the port number)
   IOS: show interface status "gig or faste"x/y (where x is the card number and y is the port number)

Show the Error and Data Counters for a Port

1. Login to the Switch (telnet Switch Name)
2. Show the Status of one port on the Switch
   CatOS: show port x/y (where x is the card number and y is the port number)
   IOS: show interface status "gig or faste"x/y (where x is the card number and y is the port number)
3. Show the MAC level information
   CatOS: show mac x/y (where x is the card number and y is the port number)
   IOS: show counters int "gig or faste"x/y (where x is the card number and y is the port number)
4. To aid in tracking down what port might be causing widespread network problems (e.g., a gigabit ethernet host with a bad NIC causing major network problems by spewing out large amounts of multicast traffic):
   • start by getting console access on one of the core switches (mlra or flra) in enable mode:
   • issue the 'clear counters' command to set values to zero
   • then issue the 'show mac' command to see all the unicast, multicast, and broadcast packets for all ports on the switch; if a port is 'misbehaving' badly, the large numbers of packets should stand out in one of the columns that command outputs and give you an indication of which port(s) you might check out first (i.e., which one might have the 'problem device' on it). More information on this matter is available on the troubleshooting severe switch problems web page.
5. Clearing port counters
   CatOS: clear counters x/y (where x is the card number and y is the port number)
   IOS: clear counters interface "gig or faste"x/y (where x is the card number and y is the port number)
6. Showing the updated counters
   CatOS: show counters x/y (where x is the card number and y is the port number)
   IOS: show counters interface "gig or faste"x/y delta (since last cleared)
   

Port Error Logging on a Switch

If a switch port performs poorly, do the following to save the port information for later use

1. Login to the Switch (telnet Switch Name)
   Win2K Example: Start->Run->type telnet xxx.xxx.xxx.xxx
   (where xxx.xxx.xxx.xxx is the switch's ip address)
2. Begin a log file to save the session results
   Win2K Example: Terminal->Start Logging->"Look in" = c:\, "File Name" = log Date Switch Name.txt
   (where Date is in the MMDDYY format and Switch Name is the name of the switch)
   Example: log040898ml-16c-c1-es.txt
3. Retrieve the switch's time
   CatOS: show time
   IOS: show clock
4. Retrieve the switch's log
   CatOS: show logging buffer
   IOS: show log
5. Retrieve the port information
   CatOS: show port x/y (where x is the card number and y is the port number)
   IOS: show interface status "gig or faste"x/y (where x is the card number and y is the port number)
6. Retrieve the MAC level information on the port
   CatOS: show mac x/y (where x is the card number and y is the port number)
   IOS: show int "gig or faste"x/y counters (where x is the card number and y is the port number)
7. Retrieve the switch's time again
   
8. Retrieve the port information again
   
9. Retrieve the MAC level information on the port again
   
10. Stop the log file to save the file's contents
    Win2K Example: Terminal->Stop Logging
11. Perform steps 1-11 again after 24 hours and save the results
12. If the error counts have changed between the two sets of results, check the patch cables at either end. If the patch cables are OK, contact NETS by using a "Work Request" and send the results or contact someone in the section depending on the severity of the problem.

Show the Status and VLANs Connected to a Switch

1. Login to the Switch (telnet Switch Name)
2. Show the Status of the VLANs
   CatOS: show vlan
   IOS: show vlan
   The last section of this status display shows the VLAN configuration information. Please review the on-line documentation to understand the column terms.

Show the VLAN Trunking on a Switch

1. Login to the Switch (telnet Switch Name)
2. Show the Status of the trunking
   CatOS: show trunk
   IOS: show interfaces trunk
   (Please review the fields descriptions on the Cisco web for descriptions of each field.)

Show Modules and Software Versions for a Switch

1. Login to the Switch (telnet Switch Name)
2. Show the Status of the modules
   CatOS: show module
   IOS: show module
   

Show the Software Versions and Memory Information for a Switch

1. Login to the Switch (telnet Switch Name)
2. Show the version information
   CatOS: show version
   IOS: show version

Show the Switch Error Log

1. Login to the Switch (telnet Switch Name)
2. Show the error log
   CatOS: show logging buffer
   IOS: show log

Error Logging on a Switch

If a switch performs an unscheduled reboot, do the following to save the reboot information

1. Login to the Switch (telnet Switch Name)
   Win2K Example: Start->Run->type telnet xxx.xxx.xxx.xxx
   ( where xxx.xxx.xxx.xxx is the switch's ip address)
2. Begin a log file to save the session results
   Win2K Example: Terminal->Start Logging->"Look in" = c:\, "File Name" = log Date Switch Name.txt
   (where Date is in the MMDDYY format and Switch Name is the name of the switch)
   Example:: log040898ml-16c-c1-es.txt
3. Retrieve the switch's time
   CatOS: show time
   IOS: show clock
   
4. Retrieve the switch's log
   CatOS: show logging buffer
   IOS: show log
5. Retrieve the switch's version information
   CatOS: show version
   IOS: show version
6. Retrieve the switch's installed modules information
   CatOS: show module
   IOS: show module
7. Retrieve the switch's current configuration
   CatOS: show config
   IOS: show run
8. Stop the log file to save the file's contents
   Win2K Example: Terminal->Stop Logging
9. Archive the error log

Modifying a port assignment on a switch

1. Login to the Switch (telnet Switch Name)
2. If the port is being disabled, set the VLAN to 1. Otherwise, check the Subnet and VLAN list to determine the VLAN to use.
3. Verify the VLAN exists on the switch via the "show vlan" command. This is the output from a good vlan:

   y2k-6509> (enable) show vlan 1000  
   VLAN Name                             Status    IfIndex Mod/Ports, Vlans  
   ---- -------------------------------- --------- ------- ------------------------  
   1000 example-net                        active    235     6/1
                                                             15/1      
   VLAN Type  SAID       MTU   Parent RingNo BrdgNo Stp  BrdgMode Trans1 Trans2  
   ---- ----- ---------- ----- ------ ------ ------ ---- -------- ------ ------  
   1000 enet  101000     1500  -      -      -      -    -        0      0      
   
   VLAN MISTP-Inst DynCreated  RSPAN  
   ---- ---------- ---------- --------  
   1000 -          static     disabled
   

4. Once the existence of the VLAN has been verified on the switch, proceed to activating the port:
   CatOS: set vlan z x/y (where z is the vlan number, x is the card number and y is the port number)
   IOS: interface "gig or faste"x/y (where x is the card number and y is the port number)
   switchport access vlan z (where z is the vlan number)
   
   
5. Change the name of the port to the opposite end's connection device, usually a telecommunications outlet
   CatOS: set port name x/y ML-43A-W1-2B (where x is the card number and y is the port number, and the text is the information on the connection)
   IOS: interface "gig or faste"x/y (where x is the card number and y is the port number)
   description ML-43A-W1-2B (the text is the information on the connection)

Download a Switch's Configuration from the TFTP Server
NOTE: This procedure will disrupt the switch's operation!!!

1. Login to the Switch (telnet Switch Name)
2. Download the configuration file (configure HostIPAddress Directory/File - where HostIPAddress is the TFTP host, Directory/File is the directory and configuration name)
   CatOS: configure xxx.xxx.xxx.xxx configs/fl2-2143-c1-es
   IOS: copy tftp xxx.xxx.xxx.xxx1 configs/fl2-2143-c1-es running-config
   ( where xxx.xxx.xxx.xxx is the tftp server address)
   This will take a few minutes and each configuration line will be displayed on the console

Enabling/Disabling system messages from displaying in the current session

1. If you are troubleshooting a problem on a switch and you keep getting interrupted by lots of system messages scrolling by, you can issue this command to turn them off for the duration of your session
   CatOS: set logging session disable
   IOS: terminal no monitor
   
   
2. And of course if you do want to see those messages again, you'd enter "set logging session enable"
   CatOS: set logging session enable
   IOS: terminal monitor

Deleting one arp entry on a switch

1. How do you clear an individual ARP cache entry on the router should you need to?
   CatOS: clear arp xxx.xxx.xxx.xxx
   IOS: clear ip arp xxx.xxx.xxx.xxx
   
   

General Notes for Switch/Card Installations

1. Check that all needed hardware is available (Cards, cables, patch panels, cable management, rack screws)
2. Schedule Down Time and send an Outage Notice at least a week in advance
3. Prepare a Complete Check List of items needed for the installation

   Example:

   1. Get three 48 port cards
   2. Get six patch panels
   3. Get 24 card to patch panel cables
   4. Bring tool bag
   5. Get rack screws
   6. Bring PC & console cables
   7. Bring port assignment sheets
   8. Get Fluke OneTouch
   9. Bring Labeling doc. & labeler
   10. Bring this document
       
       
4. During the installation, test all ports with the OneTouch
5. Install at least the generic labels on all devices and patch panels

Initial Switch Setup & Installation Check List

1. Install the switch with correct power & cable management
2. Connect a console device to the console port
3. Login to the switch's console port by entering the password [if one has already been assigned--if not, there won't be one!]
4. Change the security mode to modify the configuration (enable Password)
5. Clear the switches configuration
   CatOS: clear config all
   IOS: delete nvram:startup-config
   reload
6. Verify the switch is running the current IOS version [can be upgraded via flash card, or via minimal TCP/IP config if necessary]
7. If not, perform the download procedure
8. Set the switch's unique information
   1. Set the name (where Switch Name is the name of the switch)
      CatOS: set system name fl2-2143-c1-gs
      set prompt fl2-2143-c1-gs>
      IOS: hostname fl2-2143-c1-gs
   2. Set the VLAN domain
      CatOS: set vtp domain ucarvtp
      set vtp mode off vlan
      set vtp mode off mst
      IOS: vtp domain ucarvtp
      vtp mode transparent
      
   3. Set the switch IP address
      CatOS: set interface sc0 vlan-number xxx.xxx.xxx.xxx yyy.yyy.yyy.yyy
      IOS: interface vlan-number
      ip address xxx.xxx.xxx.xxx yyy.yyy.yyy.yyy
      no ip redirects
      no ip proxy-arp
      no ip route-cache
      no shut
      (where vlan-number is the management VLAN number for the campus, xxx.xxx.xxx.xxx is the IP address of the switch, and yyy.yyy.yyy.yyy is the mask)
   4. Define the default route for the switch
      CatOS: set ip route 0.0.0.0 xxx.xxx.xxx.xxx
      IOS: ip route 0.0.0.0 xxx.xxx.xxx.xxx
      (where xxx.xxx.xxx.xxx is the IP address of the default router)
   5. Define the radius information for the security login to the device
      CatOS: set radius server xxx.xxx.xxx.xxx auth-port 1816 primary
      set radius key abcdefghijklmnop123456
      set radius attribute framed-ip-address include-in-access-req enable
      IOS: radius-server host xxx.xxx.xxx.xxx auth-port 1816 acct-port 1818
      radius-server source-ports 1645-1646
      radius-server retransmit 1
      radius-server timeout 3
      radius-server key abcdefghijklmnop123456
      ip radius source-interface Loopback0
      (where xxx.xxx.xxx.xxx is the IP address of the radius server and abcdefghijklmnop123456 is the system key )
9. Follow the card installation procedures below to configure any installed modules
   
10. Set the login methods to use radius
    CatOS: set authentication login radius enable console primary
    set authentication login radius enable telnet primary
    set authentication enable radius enable console primary
    set authentication enable radius enable telnet primary
    IOS: aaa authentication login default group radius line
    aaa authentication enable default group radius enable
    aaa authorization console
    aaa authorization exec default group radius none
    
11. Set the login password
    CatOS: set password a1b2c3d4
    IOS: line con 0
    password 0 a1b2c3d4
    transport preferred none
    (get a1b2c3d4 from security file)
12. Set the enable password
    CatOS: set enablepass z9y8x7w6
    IOS: enable secret 0 z9y8x7w6
    service password-encryption
    (get z9y8x7w6 from security file)
13. Configure SNMP settings
    CatOS: set snmp community read-only xxxxxxxx
    set snmp community read-write xxxxxxxx
    set snmp community read-write-all xxxxxxxx
    IOS: snmp-server community xxxxxxx RO 95
    snmp-server community xxxxxxx RW 95
    snmp-server community public xxxxxxx RO 97
    (where xxxxxxxx is the appropriate NCAR SNMP community strings from security file)
14. Enable time synchronization from the network
    CatOS: set ntp broadcastclient enable
    set timezone MST -7 0
    set summertime enable MDT
    set summertime recurring second Sunday March 02:00 first Sunday November 02:00 60
    IOS: clock timezone MNT -7
    clock summer-time MDT recurring
    ntp server xxx.xxx.xxx.xxx
    
15. Enable DNS
    CatOS: set ip dns server xxx.xxx.xxx.xxx primary
    set ip dns server yyy.yyy.yyy.yyy (for the secondary)
    set ip dns enable
    set ip dns domain ucar.edu
    IOS: ip domain-name ucar.edu
    ip name-server xxx.xxx.xxx.xxx
    ip name-server yyy.yyy.yyy.yyy (for the secondary)
    

Card Installation Procedures

1. Actions Before Card is Inserted
   1. Get card and if needed cables, patch panels, and cable management
   2. Login to switch to check software levels to verify card will be supported and the switch is at the current version levels
   3. Schedule Down Time and send an Outage Notice at least a week in advance (the switch may crash or need to be reset)
   4. Produce labeling for card
   5. If needed, download new software to switch
      
      
2. Actions at Time of Card Insertion
   1. Login to the switch through the console port with a PC
   2. Check switch status (show vlan, show trunk, show port)
   3. Prepare patch panel and cables if needed
   4. Install the card (This may reboot the switch)
      - a card insertion message should appear
   5. Verify the status of the new module
      CatOS: show text x
      show module
      IOS: show diganostic result module x
      show module
   6. Connect the cables to the card and secure
   7. Issue the following commands for a module being used for end host connection.
      
      CatOS
      • set port host <mod>/1-48
      • set port qos <mod>/1-48 trust trust-cos
      • set port qos <mod>/1-48 vlan-base
      • set port auxiliaryvlan <mod>/1-48 <campus V-VLAN> cdpverify enable
      • set port jumbo <mod>/1-48 enable (if this is a 1Gig capable module)
        
      
      Issuing the 'set port host' command achieves the same result as if you had entered each of the following commands separately: 'set spantree portfast', 'set trunk off', and 'set channel mode off'. You should do this for all 10/100/1000 ports on all Cisco Catalyst 6500s that you know have only single hosts connected. This solves many potential problems we have seen with hosts (e.g., appletalk problems)
      
      IOS
      
      • interface range "gig or faste"<mod>/1-48
      • switchport
        
      • switchport mode access
        
      • switchport voice vlan <campus V-VLAN>
        
      • mls qos vlan-based
      • mtu 9216 (if this is a 1Gig capable module)
      • no shut
        
        
   8. Label the installed components (card, cables, patch panels)

Adding a Network (IP subnet)

These are the steps you need to go through in order to add a network (new IP subnet):

1. Check the Subnet and VLAN list to determine the VLAN to use
   Choose an unused number, preferably one "next" to an existing number for the customer
2. The master-network-list file may be incorrect, so you need to verify that the given number is not in use.
   Log in to a router and use a show ip route 128.117.x.0 command, where x is the network number.
   The router will display information about the route.
   -- If the first line says Routing entry for 128.117.0.0/16, then there is no explicit route to the network, and it's not in use.
   -- If the first line says anything else, then the route is probably in use, and you should try to allocate a different subnet number.
3. Edit theNND Network Information using the Django interface.
   NOTE: network name should always end in "net".
4. Determine whether the network will be at the ML, FL, or CG site. Use the appropriate devices for the campus.
   • ML: mlra
     mlrb ml-243b-c1-gs
   • CG: cgra
   • FL: flra
     flrb fl4-1012-c1-gs
5. Add router interfaces for the new network
   (in this example, the addition of a new ML network is shown along with our current 'standard' interface settings; the important thing to note is that the 'a' router gets a .253 interface address and the 'b' router gets a .254 interface address; also note that the 'standby <network> priority xxx preempt' numbers -- the 'a' router gets a '101' value and the 'b' router gets a '100' value; the standby IP address is obviously the same for each):
   • on mlra:
     
     int vlan241
     description --------------------------------------- VLAN 241 (ad1testnet)
     ip address 128.117.241.253 255.255.255.0
     no ip redirects
     no ip proxy-arp
     ip pim sparse-dense-mode
     ip cgmp
     ntp broadcast
     standby 241 priority 101 preempt
     standby 241 authentication Auth
     standby 241 ip 128.117.241.251
     
     
   • on mlrb:
     
     int vlan241
     description --------------------------------------- VLAN 241 (ad1testnet)
     ip address 128.117.241.254 255.255.255.0
     no ip redirects
     no ip proxy-arp
     ip pim sparse-dense-mode
     ip cgmp
     ntp broadcast
     standby 241 priority 100 preempt
     standby 241 authentication Auth
     standby 241 ip 128.117.241.251
     
     

   Also be sure to do a 'no shutdown' on each of these new interfaces after you've defined them (but before you exit configuration mode); then exit configuration mode and do a 'copy run start'; also note the ip addresses you assigned as part of that last step -- you'll need those numbers to make the DNS request in the next step.

   Determine whether you want the the interface to be OSPF passive (on both routers) or not. Our new default is passive-interface, so you only need to specify something here (e.g., "no passive-interface Vlan2" ) if you want it to *not* be passive.

6. Submit a DSG work request for the DNS part of this--you'll request a DNS entry for each of the following:
   • the 'a' router interface; continuing the example above, you'd ask for 'mlra-n241.ucar.edu' for 128.117.241.253
   • the 'b' router interface; continuing with the example above, you'd ask for 'mlrb-n241.ucar.edu' for 128.117.241.254
   • the network 'default gateway' (router address for nodes on the new network) address; continuing with the example above, you'd ask for 'mlr-n241.ucar.edu' for 128.117.241.251
7. Add the new VLAN to all the switches on the campus. If you have access to David Mitchell's Python script named edit-vlan.py on the nagman machine, you can do something like

   ~mitchell/bin/edit-vlan.py add <campus> <vlan id> <vlan name>

   to add it for all switches on a campus. If you don't have access to the script, you'll have to manually apply the Adding a VLAN to a Switch procedure on each closet switch, and set the STP root manually as described in the next step.
8. If you can't run the edit-vlan.py script, or if it produced error messages, you should manually set the spanning tree protocol (STP) root for the VLAN appropriately. For example, if the router interface for the VLAN is on mlra/b, set the STP root to be on mlra with these commands on mlra:

   configure terminal
spanning-tree vlan <n> priority 8192
end
copy running-config startup-config

Since we have redundant Supervisors in all of our systems, you only need to prep the replacement with the proper CatOS or IOS image. The configuration will be synchronized after insertion in the switch.

1. Insert the replacment module in a test switch
2. Connect a terminal or PC to the console port
3. Copy the proper image to the Sup using a flash card
   copy slot0:cat6000-sup2k9.8-4-5.bin bootflash:
   or
   copy disk0:s3223-ipbasek9-mz.122-33.SXH4.bin sup-bootdisk:
4. Enter the boot statement to use the correct image
   set boot system flash bootflash:cat6000-sup2k9.8-4-5.bin prepend
   or
   boot system flash sup-bootdisk:s3223-ipbasek9-mz.122-33.SXH4.bin
5. Reload the supervisor
   CatOS: reset system
   IOS: reload
   
6. Power down the switch and remove the supervisor from the test switch
7. Remove failed supervisor and replace with configured replacement.
8. Verify that the supervisor comes online and that syncronization happens

Establishing Etherchannel connections between two ports

Configuring EtherChannels in the Cisco IOS Software is a two-step process: first the ports are assigned to a channel-group and then the virtual interface port-channels are configured. The virtual interface port-channel behaves like a physical interface. In both CatOS and Cisco IOS, all configurations on the port channel interfaces are propagated to the physical interfaces of the port channel. For example, shutting the port channel
interface will shut all physical ports on that port channel. To change parameters of all ports in an EtherChannel, the configuration should be applied to the port channel interface. Although the Cisco IOS Software allows configuration on physical interfaces, the configuration will not be propagated to the port channel bundle. If the interfaces within the bundle are not identical, the channel will not form.

EtherChannels in CatOS and Cisco IOS Software bundle individual Ethernet links into a single logical link to provide bandwidth aggregation and link resilience in a network. Catalyst 6500 Ethernet interfaces support up to eight interfaces per EtherChannel with all interfaces at the same speed: 10,100, 1000 or 10,000 Mbps.

Ports do not have to be contiguous or on the same module, however, the following conditions must be met for the etherchannel to work:

• Ports can form an EtherChannel when they are in different PAgP modes as long as the modes are compatible (check documentation for compatible combinations). The default channel mode for a port is auto. In this mode, the port will not initiate the creation of a channel, but will create one if the other end of the link requests it. In 'desirable' mode the port will ask the other end to create a channel, which will succeed if the other end is either 'auto' or 'desirable'. The 'off' mode should be used on host connections to reduce the port startup time. The 'on' mode should never be used as it can cause spanning tree problems. Normally, host ports should be in 'off' and trunks should be in 'auto'. If a channel is desired between two switches, those ports should be manually configured into the same admin group and mode 'desirable'.
• Ports on a switch can be combined into an EtherChannel when they are in the same administrative group. Ports on different modules must be manually configured to the same group if a channel is to form.
• Assign all ports in an EtherChannel to the same VLAN, or configure them as trunk ports.
• If you configure the EtherChannel as a trunk, configure the same trunk mode on all the ports in the EtherChannel. Configuring ports in an EtherChannel in different trunk modes can have unexpected results.
• An EtherChannel supports the same allowed range of VLANs on all the ports in a trunking EtherChannel. If the allowed range of VLANs is not the same for a port list, the ports do not form an EtherChannel even when set to the auto or desirable mode with the set port channel command.
• Ports with different port path costs, set by the set spantree portcost command, can form an EtherChannel as long they are otherwise compatibly configured. Setting different port path costs does not, by itself, make ports incompatible for the formation of an EtherChannel.
• Do not configure the ports in an EtherChannel as dynamic VLAN ports. Doing so can adversely affect switch performance.
• An EtherChannel will not form with ports that have different GARP VLAN Registration Protocol (GVRP), GARP Multicast Registration Protocol (GMRP), and quality of service (QoS) configurations.
• Configure all ports in an EtherChannel to operate at the same speed and duplex mode.
• An EtherChannel will not form with ports where the port security feature is enabled.
• You cannot enable the port security feature for ports in an EtherChannel.
• An EtherChannel will not form if one of the ports is a SPAN destination port.
• An EtherChannel will not form if protocol filtering is set differently on the ports.
• Enable all ports in an EtherChannel. If you disable a port in an EtherChannel, it is treated as a link failure and its traffic is transferred to one of the remaining ports in the EtherChannel.

Some notes on EtherChannel:

Date: Thu, 9 Oct 2003 11:07:12 -0600 (MDT)
From: David Mitchell
To: Pete Donnie Sakosky
Cc: ne@ucar.edu
Subject: Re: etherchannel pain in the ---

Here's my understanding for setting up etherchannel.

• Every port is in a channel admin group by default. These are high numbered groups of four adjancent ports on a card.
• We want the admin groups to be like numbered ports on two different cards, such as 3/3,4/3. I've been using the port numer for the group number. So for ml-50-c1-gs, you should just need to do a "set port channel 3/4,4/4 4" on ml-mr-c1-gs. On the closet switch, a similar command is needed "set port channel 1/1,2/1 1". These commands will bounce all affected ports.
• Once the admin group has been created, the configurations of the ports needs to match for the channel to form. The command "show channel group 4 info" will list the status of all relevant config settings. And mis-match in the output of this will keep the channel from forming. Usually this is just the qos settings.
• The output of 'show channel' will show the actively channelling ports. Note that the "channel Id" is an arbitrary number that gets assigned to active channels. No idea why they don't just use the admin group numbers.

-David

-------- Original Message -------- Subject: Re: EMERGENCY SERVICE MAINTENANCE: ML-50-C1-GS
Date: Thu, 09 Oct 2003 09:08:22 -0600
From: Pete Donnie Sakosky
To: Jeff Custard

hi jeff,

indeed, there is no etherchannel right now. i was searching for that QoS setting, so thanks for getting that for me. that was one of four problems that wouldn't let me bring up the channel. first was a bad fiber patch, second was the QoS, third was non-matching ISL trunks on ml-50, and fourth was existing etherchannel configuration on ml-mr-c1-gs.

i found out how to fix all of this, but i ran out of window, so i'll have to bring up the channel some other time.

the non-matching ISL trunking was a case of having (on ml-50) 2/1 as negotiate and 1/1 as on. they are both set to "on" now.

the existing etherchannel configuration was tougher to figure out and is what blew the thing this morning. on ml-mr, both 3/4 and 4/4 (which correspond to ml-50 2/1 and 1/1 respectively) were already in separate port channel groups. i found out the hard way that there is no "clear port channel 3/4" command. to remove ports and delete existing channel groups, you need to remove all ports in a channel group- "set port channel x/x-y,x/x mode off". this is non-intuitive and not cool. it also impacts the spanning tree of those other ports in that channel group. i knocked ml-16 off the network for 30 seconds while spanning tree reconverged (but it was within our window).

so, as of now, ports 3/4 and 4/4 on ml-mr are finally not associated with any channel groups. since you got the QoS, here's all that should be needed to bring up etherchannel now-

on ml-mr-c1-gs:
set port channel 3/4,4/4 mode desirable silent

other than that, the OS upgrade was smooth. this was a simple 7P's breakdown with the etherchannel stuff. i'll get it fixed on saturday it sounds like.

donnie

 

1. Some Cisco URLs for etherchannel:

   http://www.cisco.com/warp/public/473/#EtherChannel

   http://www.cisco.com/univercd/cc/td/doc/product/lan/cat6000/sft_6_1/configgd/channel.htm

Document revision history:

• James Van Dyke - February 11, 1999 - Version 3.0
• Pete Siemsen - May 4, 1999 - Version 3.1
• Pete Siemsen - January 05, 2001 - Version 3.2
• Jeff Custard - April 13, 2001 - Version 3.3
• Pete Siemsen - April 26, 2001 - Version 3.4
• David Mitchell - May 30, 2001 - Version 3.5
• Jeff Custard - August 03, 2001 - Version 3.6
• Pete Siemsen - September 28, 2001 - Version 3.7
• Pete Siemsen - October 12, 2001 - Version 3.8
• Jeff Custard - November 01, 2002 - Version 3.9
• Jeff Custard - April 11, 2002 - Version 4.0
• Jeff Custard - September 09, 2002 - Version 4.1
• Jeff Custard - December 18, 2002 - Version 4.2
• David Mitchell - February 9, 2004 - Version 4.3 - Old version
• Belinda Housewright - September 29, 2004 - V4.4 - New Remedy form for Adding/Removing switch
• Pete Siemsen - Novemberber 8, 2004 - V4.5
• Paul Dial- Novemberber 18, 2005 - V4.6
• Teresa Shibao - February 23, 2006 - V4.7
• Teresa Shibao - July 7, 2006 - V4.8
• Pete Siemsen - September 6, 2006 - V4.9
• Teresa Shibao - August 23, 2007 - V5.0
• Teresa Shibao - August 5, 2009 - V5.1
• Teresa Shibao - September 3, 2009 - V5.2 Adding IOS command equivalents
• Teresa Shibao - November 6, 2009 - V5.3 additional notes for show and clear counters, CatOS and IOS