1.30 Implement trunk and trunk protocols, EtherChannel, and load-balancing
a) DTP (Dynamic Trunking Protocol)
b) Etherchannels
c) Allowed VLAN
d) Router on a Stick
e) Native VLAN
DTP
Dynamic Trunking Protocol (DTP) is a Cisco switch-only protocol (not supported on routers) by which a switch attempts to automatically negotiate VLAN trunking on an interface. If DTP negotiation fails, the interface remains in access mode rather than trunking mode.
For DTP negotiation to occur, both switches need to be in the same VTP domain. By default, interfaces are set for DTP operation (via an implied "no switchport nonegotiate"). To disable DTP on an interface, "switchport nonegotiate" must be configured.
Interface Configs for working trunks
| Configuration Side A | Short Name | Description | For Trunking Configure Side B with |
| --- | --- | --- | --- |
| switchport mode trunk | Trunk | Side A always trunks and sends DTP frames to Side B to help it determine its trunking mode | switchport mode trunk, switchport mode trunk + switchport nonegotiate, switchport mode dynamic desirable, switchport mode dynamic auto |
| switchport mode trunk + switchport nonegotiate | Nonegotiate | Side A always trunks; no DTP frames are sent to Side B | switchport mode trunk, switchport mode trunk + switchport nonegotiate |
| switchport mode dynamic desirable | desirable | Sends DTP frames to Side B and trunks if negotiation succeeds | switchport mode trunk, switchport mode dynamic desirable, switchport mode dynamic auto |
| switchport mode dynamic auto | auto | Replies to DTP frames sent from Side B and trunks if negotiation succeeds | switchport mode trunk, switchport mode dynamic desirable |
| switchport mode access | access | Sends DTP frames to Side B but never trunks | No config results in a working trunk |
| switchport mode access + switchport nonegotiate | access nonegotiate | No DTP frames are sent to Side B; never trunks | No config results in a working trunk |
Trunk Encapsulation
Cisco proprietary ISL encapsulates Ethernet frames within an ISL frame that has a 26-byte header and a 4-byte CRC (encapsulated frames are sent with the switch's source MAC to a multicast destination).
IEEE 802.1Q trunks insert a 4-byte tag into the existing Ethernet frame. The 4 bytes are inserted where the Type/Len field would be: the EtherType is 0x8100 to identify the frame as an 802.1Q frame, and the other two bytes carry a 12-bit VLAN ID and a 3-bit Priority Tag (802.1p).
If the trunk encapsulation is not specified and both switches support ISL and 802.1Q, DTP will negotiate an ISL trunk in preference to an 802.1Q trunk. However, if one side of a link specifies a particular encapsulation type, DTP will negotiate only for that type.
Link Aggregation (Etherchannels)
If we recall the point about STP, it was introduced to allow for redundant links in a network, but since Ethernet can only work in a loop-free topology, STP has to break the loops by placing a looping port into a blocking state. This means that simply adding parallel Ethernet links to increase bandwidth doesn't work on its own. To get around this, we can logically bundle multiple physical interfaces into a PortChannel/EtherChannel bundle. STP then uses the PortChannel interface for its topology information rather than the underlying physical interfaces.
There are three methods to enable link aggregation: hard coding, the Cisco proprietary Port Aggregation Protocol (PAgP), or the IEEE 802.3ad standard Link Aggregation Control Protocol (LACP).
Interface LACP/PAgP Configuration (channel-group)
| LACP | PAgP | Result |
| --- | --- | --- |
| on | on | Disables LACP/PAgP and forces the port into becoming part of the PortChannel (no negotiation) |
| off | off | Disables LACP/PAgP and prevents the port from becoming part of the PortChannel (no negotiation) |
| passive | auto | This interface waits for the other side to send LACP/PAgP frames before responding and negotiating to join the PortChannel (if both sides are set to this mode, they will not negotiate a PortChannel) |
| active | desirable | This interface actively sends LACP/PAgP frames to negotiate joining the PortChannel |
In order for a PortChannel to be correctly configured, the physical interfaces have to be of the same type (FastEthernet, GigabitEthernet, etc.), and the underlying physical configuration (e.g. speed, duplex, no SPAN) and logical configuration (e.g. VLAN or trunk configuration, including Native VLAN and STP costs) also need to match. PortChannels can be L2 (switchport) interfaces, which support VLAN trunking, or L3 (no switchport) interfaces, just like single physical interfaces.
Load Balancing across Etherchannels
In order to support load balancing across multiple links, a hashing algorithm is used. The data fed into the algorithm can be selected to best match the particular traffic type that is traversing the PortChannel. For example, most of the traffic heading from an access switch to a distribution switch is most likely heading towards the default router (many source MAC addresses but a single destination MAC address), which suggests an optimal configuration of using source-mac on the egress of the access switch towards the distribution switch while using destination-mac on the other side of the link. The method is selected with "port-channel load-balance".
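The access-to-distribution case above, as an added example that is not part of the original notes: a simplified model of the hash (assumed here to be an XOR of the selected MAC addresses with the low-order bits picking the member link, for 2-, 4- or 8-link bundles) run over constructed traffic from 16 hosts to one gateway MAC, showing why dst-mac balances poorly in that direction and src-mac balances well.

```python
from collections import Counter

# Load-balance inputs, named after the IOS keywords; which fields are hashed is the page's point
METHODS = {
    "src-mac":     lambda src, dst: src,
    "dst-mac":     lambda src, dst: dst,
    "src-dst-mac": lambda src, dst: src ^ dst,
}


def mac_to_int(mac: str) -> int:
    return int(mac.replace(":", ""), 16)


def select_link(src_mac: str, dst_mac: str, method: str, links: int) -> int:
    """Pick a member link (simplified model, an assumption): XOR the chosen
    addresses and keep the low-order bits, 1 bit for 2 links, 2 for 4, 3 for 8."""
    if links not in (2, 4, 8):
        raise ValueError("model supports 2, 4 or 8 member links")
    value = METHODS[method](mac_to_int(src_mac), mac_to_int(dst_mac))
    return value & (links - 1)


def distribution(flows, method: str, links: int) -> dict:
    """Count how many (src, dst) flows land on each member link."""
    counts = Counter(select_link(s, d, method, links) for s, d in flows)
    return {link: counts.get(link, 0) for link in range(links)}


# Constructed traffic: 16 access-layer hosts all sending to the default gateway MAC
GATEWAY = "00:00:0c:9f:f0:01"
FLOWS = [(f"00:1a:2b:3c:4d:{i:02x}", GATEWAY) for i in range(16)]
# The reverse direction (gateway replying to each host)
RETURN_FLOWS = [(dst, src) for src, dst in FLOWS]

if __name__ == "__main__":
    for method in METHODS:
        print("access -> distribution", method, distribution(FLOWS, method, 2))
        print("distribution -> access", method, distribution(RETURN_FLOWS, method, 2))
```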
Allowed VLANs
By default, all VLANs can traverse all trunk ports on a switch (assuming that VTP pruning isn't operational). To provide security or to control where switch traffic can go, it is possible to specifically list which VLANs can traverse a trunk port ("switchport trunk allowed vlan xxx"). Router trunk ports implicitly have this capability, since subinterfaces created with "encapsulation dot1q xxx" exist only where the configuration demands them, and the router silently discards traffic for unconfigured VLAN IDs.
Router on a Stick
A router on a stick is simply a router that connects to a switch with a VLAN trunk interface and routes between the VLANs. Each VLAN is associated with a separate subnet, and traffic has to traverse the router to reach a host on another subnet.
Native VLAN
The Native VLAN is the VLAN whose frames are carried on a VLAN trunk interface without a VLAN tag. By default VLAN 1 is the native VLAN, but this can be configured ("switchport trunk native vlan xxx").
On a router, the main interface (untagged) is normally the native VLAN:
```
interface FastEthernet0/0
 ip address 1.0.0.1 255.255.255.0
!
interface FastEthernet0/0.10
 encapsulation dot1q 10
 ip address 1.0.10.1 255.255.255.0
!
interface FastEthernet0/1.22
 encapsulation dot1q 22 native
 ip address 1.1.22.1 255.255.255.0
```
Note: CDP will complain if there is a native VLAN mismatch between devices. While this will not break operation, it can fill the logs with annoying warnings even if the configuration is correct for the environment. CDP v2 messages include the Native VLAN information, so if an interface is configured for v1 ("no cdp advertise-v2") these warnings will stop, giving an alternative to disabling CDP on that interface (CDP can be seen as a security risk to some, however for the purposes of labbing, I think it's fine).
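The 802.1Q tag layout from the Trunk Encapsulation section and the native VLAN behaviour described here, as an added example that is not from the original notes: it inserts the 4-byte tag where the Type/Len field sits (EtherType 0x8100, then 3-bit priority and 12-bit VLAN ID), parses it back, and models a trunk port that sends the native VLAN untagged and assigns untagged ingress frames to the native VLAN. The frame bytes are constructed for the example.

```python
import struct

ETHERTYPE_8021Q = 0x8100


def tag_frame(frame: bytes, vlan_id: int, priority: int = 0) -> bytes:
    """Insert a 4-byte 802.1Q tag after the 12 bytes of dst/src MAC (where Type/Len was)."""
    if not 0 <= vlan_id <= 4095:
        raise ValueError("VLAN ID must fit in 12 bits")
    if not 0 <= priority <= 7:
        raise ValueError("802.1p priority must fit in 3 bits")
    # TCI = 3-bit priority, 1-bit CFI/DEI (left as 0), 12-bit VLAN ID
    tci = (priority << 13) | vlan_id
    return frame[:12] + struct.pack("!HH", ETHERTYPE_8021Q, tci) + frame[12:]


def parse_frame(frame: bytes) -> dict:
    """Return vlan/priority (None when untagged), the inner EtherType and the payload."""
    ethertype = struct.unpack("!H", frame[12:14])[0]
    if ethertype != ETHERTYPE_8021Q:
        return {"vlan": None, "priority": None, "ethertype": ethertype, "payload": frame[14:]}
    tci, inner = struct.unpack("!HH", frame[14:18])
    return {"vlan": tci & 0x0FFF, "priority": tci >> 13, "ethertype": inner, "payload": frame[18:]}


def trunk_egress(frame: bytes, vlan_id: int, native_vlan: int = 1) -> bytes:
    """Frames in the native VLAN leave the trunk untagged; every other VLAN is tagged."""
    return frame if vlan_id == native_vlan else tag_frame(frame, vlan_id)


def trunk_ingress(frame: bytes, native_vlan: int = 1) -> int:
    """An untagged frame arriving on the trunk is placed in the native VLAN."""
    vlan = parse_frame(frame)["vlan"]
    return native_vlan if vlan is None else vlan


# Constructed untagged IPv4 frame: dst MAC, src MAC, EtherType 0x0800, 4-byte dummy payload
UNTAGGED = bytes.fromhex("00112233445566778899aabb" "0800" "deadbeef")

if __name__ == "__main__":
    tagged = trunk_egress(UNTAGGED, vlan_id=10)
    print(len(tagged), parse_frame(tagged))                      # 22 bytes, VLAN 10
    print(len(trunk_egress(UNTAGGED, 1)), trunk_ingress(UNTAGGED))  # 18 bytes, VLAN 1
```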