Configuring InterVLAN Routing and ISL/802.1Q Trunking on Catalyst 2900XL/3500XL/2940/2950/2970 Switches Using an External Router

Load Sharing on Trunk Ports

Load sharing divides the bandwidth supplied by parallel trunks connecting switches. To avoid loops, STP normally blocks all but one parallel link between switches. Using load sharing, you divide the traffic between the links according to which VLAN the traffic belongs.

You configure load sharing on trunk ports by using STP port priorities or STP path costs. For load sharing using STP port priorities, both load-sharing links must be connected to the same switch. For load sharing using STP path costs, each load-sharing link can be connected to the same switch or to two different switches.

Network Load Sharing Using STP Priorities

When two ports on the same switch form a loop, the switch uses the STP port priority to decide which port is enabled and which port is in a blocking state. You can set the priorities on a parallel trunk port so that the port carries all the traffic for a given VLAN. The trunk port with the higher priority (lower values) for a VLAN is forwarding traffic for that VLAN. The trunk port with the lower priority (higher values) for the same VLAN remains in a blocking state for that VLAN. One trunk port sends or receives all traffic for the VLAN.

Figure 2. Load Sharing by Using STP Port Priorities.

This figure shows two trunks connecting supported switches.

  • VLANs 8 through 10 are assigned a port priority of 16 on Trunk 1.

  • VLANs 3 through 6 retain the default port priority of 128 on Trunk 1.

  • VLANs 3 through 6 are assigned a port priority of 16 on Trunk 2.

  • VLANs 8 through 10 retain the default port priority of 128 on Trunk 2.

Trunk 1 carries traffic for VLANs 8 through 10, and Trunk 2 carries traffic for VLANs 3 through 6. If the active trunk fails, the trunk with the lower priority takes over and carries the traffic for all of the VLANs. No duplication of traffic occurs over any trunk port.
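The selection and failover behaviour described above can be traced with a short model. This is an added example, not code from the original page; it assumes both trunks tie on every other STP criterion, so that the per-VLAN port priority decides and the lower trunk number breaks a remaining tie. The names `TRUNKS`, `forwarding_trunk` and `vlan_map` are hypothetical.

```python
# Added example: models only the port-priority tiebreak described in the text.
DEFAULT_PRIORITY = 128  # default STP port priority named in the text

# Per-VLAN priorities from the Figure 2 description: trunk number -> {vlan: priority}.
TRUNKS = {
    1: {v: 16 for v in range(8, 11)},  # Trunk 1: VLANs 8-10 at priority 16
    2: {v: 16 for v in range(3, 7)},   # Trunk 2: VLANs 3-6 at priority 16
}
VLANS = list(range(3, 7)) + list(range(8, 11))


def forwarding_trunk(vlan, trunks, up):
    """Return the trunk that forwards `vlan`, or None if no trunk is up.

    The lower priority value wins; the lower trunk number breaks ties.
    """
    candidates = [
        (trunks[t].get(vlan, DEFAULT_PRIORITY), t)
        for t in trunks if t in up
    ]
    return min(candidates)[1] if candidates else None


def vlan_map(trunks, up):
    """Map each trunk that is up to the list of VLANs it forwards."""
    result = {t: [] for t in sorted(up)}
    for vlan in VLANS:
        t = forwarding_trunk(vlan, trunks, up)
        if t is not None:
            result[t].append(vlan)
    return result


if __name__ == "__main__":
    print("both trunks up:", vlan_map(TRUNKS, {1, 2}))
    print("trunk 1 failed:", vlan_map(TRUNKS, {2}))
```

With both trunks up, each VLAN group follows its priority-16 trunk; with one trunk down, the survivor forwards all seven VLANs.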


Background Theory

EtherChannel provides incremental speed increases between Fast Ethernet (FE) and Gigabit Ethernet (GE) by grouping multiple ports of the same speed into one logical channel. EtherChannel combines multiple FE ports up to 800 Mbps or GE ports up to 8 Gbps. This aggregation provides fault-tolerant, high-speed links between switches, routers, and servers. Trunking carries traffic from several virtual LANs (VLANs) over a point-to-point link between two devices. The purpose of configuring trunking between a switch and a router is to provide communication between VLANs. In a campus network, trunking is configured on an EtherChannel link in order to carry the information of multiple VLANs over a high-bandwidth channel.

Allowed VLANs on a Trunk

By default, a trunk port sends traffic to and receives traffic from all VLANs. All VLAN IDs, 1 to 4094, are allowed on each trunk. However, you can remove VLANs from the allowed list, preventing traffic from those VLANs from passing over the trunk.

To reduce the risk of spanning-tree loops or storms, you can disable VLAN 1 on any individual VLAN trunk port by removing VLAN 1 from the allowed list. When you remove VLAN 1 from a trunk port, the interface continues to send and receive management traffic, for example, Cisco Discovery Protocol (CDP), Port Aggregation Protocol (PAgP), Link Aggregation Control Protocol (LACP), DTP, and VTP in VLAN 1.

If a trunk port with VLAN 1 disabled is converted to a nontrunk port, it is added to the access VLAN. If the access VLAN is set to 1, the port will be added to VLAN 1, regardless of the switchport trunk allowed setting. The same is true for any VLAN that has been disabled on the port.

A trunk port can become a member of a VLAN if the VLAN is enabled, if VTP knows of the VLAN, and if the VLAN is in the allowed list for the port. When VTP detects a newly enabled VLAN and the VLAN is in the allowed list for a trunk port, the trunk port automatically becomes a member of the enabled VLAN. When VTP detects a new VLAN and the VLAN is not in the allowed list for a trunk port, the trunk port does not become a member of the new VLAN.

Trunk Operation

Well we need to trunk those switches together. We’ll change our encapsulation really. We’ll change the language that we speak across that link just a little bit and we’ll further identify the VLAN for the frames that traverse that link. That’s a trunk, okay? Now if you’re struggling with this, I want you to think about the challenge — a link, by default, is an access link and it lacks this trunking mechanism. And therefore, one link can only carry one VLAN’s worth of traffic, because we can’t discretely identify which VLAN a frame would be part of. So think about the fact that multiple switches will generally be part of the broadcast domain that the VLAN lives in and we’re going to have potentially hundreds of VLANs in one given space. Certainly, it’s quite common to see 15 to 50 VLANs in a common space to the access layer. So now we have a really big challenge. We might have a gigabit link or a 10 Gb link between our switches, and carrying one VLAN isn’t sufficient, is it? So we choose to make that a trunk link and voilà, our connectivity problem is solved. We still might have a bottleneck, but the VLANs can then flow. So this is a big deal, isn’t it? And we have to think to ourselves, okay, switch-to-switch connections should probably be trunk links, right? Also, switch to multilayer switch or switch to router, because those devices would have to terminate and route for the different VLANs. So all things being equal, when I look at a topology, I think all the links that are going down to PCs, those are going to be access ports, they’re not going to be trunks. And then, the links between my switches, those I’m going to make trunks.

This trunk link has to keep track of which VLAN that traffic belongs to, so it’s going to be tagging. But is every single VLAN tagged when we send traffic over that trunk?

There is an exception to every rule, right? At least, that’s very true here. The trunking protocol that we use in modern day Cisco is 802.1Q. You might see Inter-Switch Link, or ISL, nothing wrong with that, but we’re talking about 802.1Q – the standardized trunking technology. The Institute of Electrical and Electronics Engineers, or IEEE, who designed it, baked in the untagged VLAN called the native VLAN, a default to VLAN 1 and it can be changed. If you change it, make sure you change it on both sides of the trunk link and it, in fact, is a security challenge, so we choose to change it often to 99 or 999. So one of the 4,094 VLANs that could flow, one of them is untagged. That’s the native VLAN, defaults to 1.
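How a receiving trunk port assigns a frame to a VLAN, and what happens when the two ends disagree on the native VLAN, shown as an added example that is not part of the original page. The frames and MAC addresses are constructed, and the function names are hypothetical.

```python
import struct

TPID_8021Q = 0x8100  # EtherType value that announces an 802.1Q tag


def build_frame(vlan=None, ethertype=0x0800, payload=b"\x00" * 46):
    """Build a constructed Ethernet frame; vlan=None leaves it untagged."""
    dst = bytes.fromhex("ffffffffffff")
    src = bytes.fromhex("020000000001")  # constructed, locally administered MAC
    tag = b"" if vlan is None else struct.pack("!HH", TPID_8021Q, vlan & 0x0FFF)
    return dst + src + tag + struct.pack("!H", ethertype) + payload


def classify_frame(frame, native_vlan=1):
    """Return (vlan_id, tagged, ethertype) as the receiving trunk port sees it."""
    if len(frame) < 14:
        raise ValueError("shorter than an Ethernet header")
    (ethertype,) = struct.unpack_from("!H", frame, 12)
    if ethertype != TPID_8021Q:
        return native_vlan, False, ethertype   # untagged: native VLAN
    if len(frame) < 18:
        raise ValueError("truncated 802.1Q tag")
    tci, inner = struct.unpack_from("!HH", frame, 14)
    vid = tci & 0x0FFF                         # low 12 bits of the TCI
    if vid == 0x0FFF:
        raise ValueError("VLAN ID 4095 is reserved")
    if vid == 0:                               # priority tag only, no VLAN
        return native_vlan, True, inner
    return vid, True, inner


def native_mismatch(sender_native, receiver_native):
    """Return (VLAN the frame left, VLAN it lands in) for an untagged frame."""
    frame = build_frame(vlan=None)             # native VLAN traffic is sent untagged
    landed, _, _ = classify_frame(frame, receiver_native)
    return sender_native, landed


if __name__ == "__main__":
    print(classify_frame(build_frame(100)))    # tagged frame keeps its VLAN
    print(native_mismatch(99, 1))              # only one side was changed to 99
```

The 12-bit VLAN ID with 0 and 4095 reserved is where the 4,094 usable VLANs come from, and `native_mismatch(99, 1)` shows traffic leaving VLAN 99 and arriving in VLAN 1 when the native VLAN was changed on one side only.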

Verify

This section provides information you can use to verify the current configuration.

Certain show commands are supported by the Output Interpreter Tool (registered customers only), which allows you to view an analysis of show command output.

show Commands for the Catalyst 2950

  • show etherchannel

  • show interfaces interface-id switchport

  • show interfaces interface-id trunk

show etherchannel

The show etherchannel command displays EtherChannel information. The command also displays the load-balancing or frame-distribution scheme, port information, and port-channel information. The syntax of the command is:

Note: This command must be entered on one line.

show interfaces interface-id switchport

The show interfaces interface-id switchport command shows the switchport configuration of the interface in the Administrative Mode field and the Administrative Trunking Encapsulation field.

show interfaces interface-id trunk

The show interfaces interface-id trunk command shows the trunk configuration of the interface.

show Commands for the Cisco 7200 Router

  • show interfaces port-channel channel-number
  • show interfaces interface.subinterface

show interfaces port-channel channel-number

You can use the show interfaces port-channel channel-number command to verify the port-channel interface and the ports in the channel.

show interfaces interface.subinterface

You can use the show interfaces interface.subinterface command to verify the trunk configuration.

Prerequisites

Requirements

Before you use this configuration, review the following requirements.

  • FEC and 802.1Q trunking features are available on Catalyst L2 fixed-configuration switches with Cisco IOS Software Release 12.0(5.2)WC(1) and later. Catalyst 2940 and 2955/2950 switches do not support trunking with Inter-Switch Link (ISL) because of hardware limitations.

  • Cisco routers support EtherChannel and 802.1Q trunking in Cisco IOS Software Release 12.0(T) and later. However, not all routers support both features. Use this table to determine the router platforms on which FEC and 802.1Q trunking are supported.

    | Router Platform | EtherChannel | IEEE 802.1Q Encapsulation |
    | --- | --- | --- |
    | Cisco 1710 Router | No | Yes |
    | Cisco 1751 Router | No | Yes |
    | Cisco 2600 Series | No¹ | Yes |
    | Cisco 3600 Series | No¹ | Yes |
    | Cisco 3700 Series | No¹ | Yes |
    | Cisco 4000-M Series (4000-M, 4500-M, 4700-M) | No | Yes |
    | Cisco 7000 Series (RSP2 7000, RSP 7000CI) | Yes | Yes |
    | Cisco 7100 | No | Yes |
    | Cisco 7200 Series | Yes | Yes |
    | Cisco 7500 Series (RSP1, RSP2, RSP4) | Yes | Yes |

    ¹ The exception to EtherChannel support on Cisco 2600, 3600, and 3700 routers applies when you have installed the NM-16ESW or NM-36ESW network module (Ethernet Switch Network Module). Each of these modules supports no more than six EtherChannels, with up to eight ports per group.

    ² RSP = Route Switch Processor

Components Used

The following software and hardware versions were used to develop and test this configuration.

  • Catalyst 2950 switch with Cisco IOS Software Release 12.1(9)EA1d

  • Cisco 7200 router with Cisco IOS Software Release 12.2(3).

The information in this document was obtained from devices in a specific lab environment. All of the devices described in this document started with a default configuration. If you work in a live network, make sure that you understand the consequences of any command.

Conventions

For more information on document conventions, refer to Cisco Technical Tips Conventions.

Configuration – Switchport Mode Access

In this section, we discuss how to configure a switchport in access mode. As already discussed, an access switchport is used to connect endpoints, i.e. computers, printers, laptops, etc.

The configuration below shows how to configure an access switchport on a Cisco IOS switch.

GNS3Network_SW2# configure terminal
Enter configuration commands, one per line.  End with CNTL/Z.
GNS3Network_SW2(config)# interface FastEthernet 0/1
GNS3Network_SW2(config-if)# switchport mode access
GNS3Network_SW2(config-if)# switchport access vlan 100
GNS3Network_SW2(config-if)#end
GNS3Network_SW2#

Another easy way to configure an access switchport is "switchport host", which also configures the port as an access switchport. It also enables the STP PortFast feature.

GNS3Network_SW2# configure terminal
Enter configuration commands, one per line.  End with CNTL/Z.
GNS3Network_SW2(config)# interface FastEthernet 0/1
GNS3Network_SW2(config-if)# switchport host
GNS3Network_SW2(config-if)#switchport access vlan 100
GNS3Network_SW2(config-if)#end
GNS3Network_SW2#

Different Types of Switchport – Access & Trunk

A switchport has two modes: switchport mode trunk and switchport mode access. Let's first define both access ports and trunk ports.

Access Ports: Access ports belong to a single VLAN and carry the traffic of that single VLAN only.

Trunk Ports: Trunk ports usually carry the traffic of multiple VLANs and by default are members of all VLANs configured on the switch.

To understand switchports more clearly, have a look at the image below:

In the top half of the screenshot, two interfaces are configured on each switch to carry the data of two VLANs, i.e. VLAN 100 and VLAN 200. Each switchport is an access port.

In the bottom half of the screenshot, however, a single interface is sufficient to carry the data of both VLANs, i.e. VLAN 100 and VLAN 200. This switchport is a trunk port.

Difference between Switchport Mode – Access and Trunk

In this section, we discuss the difference between a trunk port and an access port. The table below summarizes the differences between them.

| Access Port | Trunk Port |
| --- | --- |
| An access port is a member of a single VLAN and carries the traffic of that particular VLAN only. | A trunk port carries the traffic of multiple VLANs. By default, trunk ports are members of all VLANs configured on the switch. |
| It is usually used to connect end devices such as laptops, printers, computers, etc. | It is usually used to establish connectivity from switch to switch or from switch to router (i.e. router on a stick). |
| Usually, less bandwidth is required on an access port. | A trunk port usually requires more bandwidth than an access port. |
| No VLAN tagging is performed, so no additional protocol is required on access ports. | For VLAN tagging, it uses additional protocols depending on the environment. Two protocols, i.e. IEEE 802.1Q or DTP (Cisco proprietary). |
| Access port configuration: GNS3_SW2(config-if)#switchport mode access | Trunk port configuration: GNS3_SW2(config-if)#switchport mode trunk |

However, it is highly recommended to configure the switchport mode manually rather than using dynamic desirable.

Configuration – Switchport Mode Trunk

In this section, we configure the switchport as a trunk. As previously discussed, a trunk port is used to carry the traffic of multiple VLANs.

Below is the trunk port configuration for Cisco IOS switches:

GNS3Network_SW2# configure terminal
Enter configuration commands, one per line.  End with CNTL/Z.
GNS3Network_SW2(config)# interface FastEthernet 0/1
GNS3Network_SW2(config-if)#switchport mode trunk
GNS3Network_SW2(config-if)#end
GNS3Network_SW2#

By default, the trunk is a member of all VLANs configured on the switch, so it carries the traffic of every VLAN configured on the switch. You can restrict the trunk to carrying the traffic of particular VLANs using the command below:

GNS3Network_SW2# configure terminal
Enter configuration commands, one per line.  End with CNTL/Z.
GNS3Network_SW2(config)# interface FastEthernet 0/1
GNS3Network_SW2(config-if)# switchport mode trunk
GNS3Network_SW2(config-if)# switchport trunk allowed vlan 10-11
GNS3Network_SW2(config-if)#end
GNS3Network_SW2#

Layer 2 Interface Modes

Table 1 Layer 2 Interface Modes

| Mode | Function |
| --- | --- |
| switchport mode access | Puts the interface (access port) into permanent nontrunking mode and negotiates to convert the link into a nontrunk link. The interface becomes a nontrunk interface regardless of whether or not the neighboring interface is a trunk interface. |
| switchport mode dynamic auto | Makes the interface able to convert the link to a trunk link. The interface becomes a trunk interface if the neighboring interface is set to trunk or desirable mode. The default switchport mode for all Ethernet interfaces is dynamic auto. |
| switchport mode dynamic desirable | Makes the interface actively attempt to convert the link to a trunk link. The interface becomes a trunk interface if the neighboring interface is set to trunk, desirable, or auto mode. |
| switchport mode trunk | Puts the interface into permanent trunking mode and negotiates to convert the neighboring link into a trunk link. The interface becomes a trunk interface even if the neighboring interface is not a trunk interface. |
| switchport nonegotiate | Prevents the interface from generating DTP frames. You can use this command only when the interface switchport mode is access or trunk. You must manually configure the neighboring interface as a trunk interface to establish a trunk link. |
| switchport mode dot1q-tunnel | Configures the interface as a tunnel (nontrunking) port to be connected in an asymmetric link with an IEEE 802.1Q trunk port. The IEEE 802.1Q tunneling is used to maintain customer VLAN integrity across a service provider network. |
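One way to check saved interface configuration against the points made on this page: a dynamic mode that lets DTP form a trunk, a trunk that still generates DTP frames, a trunk that allows every VLAN, and a native VLAN left at 1. This is an added example, not code from the original page or from Cisco; the sample configuration is constructed, the function names are hypothetical, and an interface with no mode line is assumed to be in the dynamic auto default given in Table 1.

```python
import re

# Constructed sample of running-config interface stanzas (not from the page).
SAMPLE = """\
interface FastEthernet0/1
 switchport mode trunk
 switchport trunk allowed vlan 10-11
 switchport trunk native vlan 99
 switchport nonegotiate
!
interface FastEthernet0/2
 switchport mode trunk
!
interface FastEthernet0/3
 switchport mode dynamic desirable
"""

def parse_interfaces(config):
    """Return {interface name: [sub-commands]} from running-config text."""
    ifaces, current = {}, None
    for line in config.splitlines():
        if re.match(r"interface \S", line):
            current = ifaces.setdefault(line.split()[1], [])
        elif line.startswith(" ") and current is not None:
            current.append(line.strip())
        else:
            current = None  # "!" or a global command ends the stanza
    return ifaces

def value_of(cmds, prefix, default):  # argument of the first matching command
    return next((c[len(prefix):].strip() for c in cmds if c.startswith(prefix)), default)

def audit(config):
    """Return {interface: [findings]}; an empty list means nothing was flagged."""
    report = {}
    for name, cmds in parse_interfaces(config).items():
        mode = value_of(cmds, "switchport mode", "dynamic auto")  # Table 1 default
        issues = []
        if mode.startswith("dynamic"):
            issues.append("DTP may negotiate a trunk (%s)" % mode)
        if mode == "trunk":
            if "switchport nonegotiate" not in cmds:
                issues.append("DTP frames still generated")
            if value_of(cmds, "switchport trunk allowed vlan", None) is None:
                issues.append("all VLANs allowed")
            if value_of(cmds, "switchport trunk native vlan", "1") == "1":
                issues.append("native VLAN is 1")
        report[name] = issues
    return report
```

Calling `audit(SAMPLE)` returns no findings for FastEthernet0/1, three for the bare trunk on FastEthernet0/2, and one for the dynamic desirable port.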
