[c-nsp] Question - VLAN tagging Catalyst 6500 to Linux Host

Tom Ammon tom.ammon at utah.edu
Mon Apr 5 13:35:03 EDT 2010


CJ,

We do something similar to this all the time in our HPC environment, 
though not with LAGs. You don't need to set an access VLAN, and you do 
need to set the portchannel to be in trunk mode - "switchport mode trunk".

Here's a snippet from our config for one of our (non-LAG) ports:

es-arches#sh run int gi9/2
Building configuration...

Current configuration : 213 bytes
!
interface GigabitEthernet9/2
  description turretarch5
  switchport
  switchport trunk encapsulation dot1q
  switchport trunk native vlan 3010
  switchport trunk allowed vlan 26,1999,3010
  switchport mode trunk
end


In this case we are adding an extra twist - we need one of the VLANs to 
go over the wire untagged, because this particular server is PXE-booting 
and the NICs we are using can't handle PXE boot with tagged traffic - 
this is what the "switchport trunk native vlan" statement is for.

Tom




On 04/05/2010 10:10 AM, Security Team wrote:
> I haven't ever tried to make this work before so this is a new application.
>
> I want to use VLAN tagging so that I can create VLANs with numbers like 999,
> 1000, 1001 and send those VLANs (in different non-overlapping subnets) all
> to a Linux machine over a bonded LACP link.
>
> Here's a config snippet I am constructing, do any of you gurus see any
> problems with this general approach?
>
> I create 3 GigE interfaces wrapped into a single bonded interface
> Port-channel32--LACP group id 32 (I'll call it bond0 on the Linux host).
>
> My VLAN tagged subnets will be
>
> VLAN 999    192.168.101.0/24
> VLAN 1000   192.168.102.0/24
> VLAN 1001   192.168.103.0/24
>
> And the Linux Host will be at 10.1.1.2/24 in VLAN 309
>
> Thanks for any criticism of my approach, tagged VLANs are new to me I've
> always just done routed L3 ones.
>
> I know that the LACP bonding works to the Linux bond0 interface, I think the
> weak part here is the VLAN tagging I am using in the Catalyst.
>
> Regards,
> CJ
>
>
> interface Vlan309
>   description Linux Host
>   ip address 10.1.1.1 255.255.255.0
> !
> interface Port-channel32
>   desc LACP bonded 3 GigE interfaces
>   switchport
>   switchport access vlan 309
>   switchport trunk encapsulation dot1q
>   switchport trunk allowed vlan 309,999,1000,1001
> !
> interface GigabitEthernet4/30
>   description GigE 1
>   load-interval 30
>   speed 1000
>   duplex full
>   switchport
>   switchport access vlan 309
>   switchport trunk allowed vlan 309,999,1000,1001
>   channel-group 32 mode active
>   channel-protocol lacp
> !
> interface GigabitEthernet4/32
>   description GigE 2
>   load-interval 30
>   speed 1000
>   duplex full
>   switchport
>   switchport access vlan 309
>   switchport trunk allowed vlan 309,999,1000,1001
>   channel-group 32 mode active
>   channel-protocol lacp
> !
> interface GigabitEthernet5/32
>   description GigE 3
>   load-interval 30
>   speed 1000
>   duplex full
>   switchport
>   switchport access vlan 309
>   switchport trunk allowed vlan 309,999,1000,1001
>   channel-group 32 mode active
>   channel-protocol lacp
> !
> interface Vlan999
>   description tagged vlan
>   ip address 192.168.101.1 255.255.255.0
> !
> interface Vlan1000
>   description tagged vlan
>   ip address 192.168.102.1 255.255.255.0
> !
> interface Vlan1001
>   description tagged vlan
>   ip address 192.168.103.1 255.255.255.0
>
>
>
> _______________________________________________
> cisco-nsp mailing list  cisco-nsp at puck.nether.net
> https://puck.nether.net/mailman/listinfo/cisco-nsp
> archive at http://puck.nether.net/pipermail/cisco-nsp/
>    

-- 
--------------------------------------------------------------------
Tom Ammon
Network Engineer
Office: 801.587.0976
Mobile: 801.674.9273

Center for High Performance Computing
University of Utah
http://www.chpc.utah.edu
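
Added example, not part of the original message or either poster's own tooling: a small Python check that reads IOS interface stanzas and reports, for each port with an allowed-VLAN list, which VLANs are carried tagged, which one goes untagged (the native VLAN), and the two points raised in the reply. The function names, the abridged sample config, and the fallback to native VLAN 1 (the IOS default when none is configured) are assumptions of this example.

```python
# Constructed sample: abridged copies of the two stanzas quoted in the thread.
SAMPLE = """\
interface Port-channel32
 switchport access vlan 309
 switchport trunk allowed vlan 309,999,1000,1001
!
interface GigabitEthernet9/2
 switchport trunk native vlan 3010
 switchport trunk allowed vlan 26,1999,3010
 switchport mode trunk
"""

def expand(vlans):
    """Expand an IOS VLAN list such as '26,100-102' into a set of ints."""
    out = set()
    for part in vlans.split(","):
        lo, _, hi = part.partition("-")
        out.update(range(int(lo), int(hi or lo) + 1))
    return out

def audit(config):
    """Per port with an allowed-VLAN list: tagged VLANs, untagged VLAN, issues."""
    stanzas, name = {}, None
    for line in (l.strip() for l in config.splitlines()):
        if line.startswith("interface "):
            name = line.split(None, 1)[1]
            stanzas[name] = []
        elif name and line not in ("", "!", "end"):
            stanzas[name].append(line)
    report = {}
    for name, lines in stanzas.items():
        allowed = [l for l in lines if l.startswith("switchport trunk allowed vlan ")]
        if not allowed:
            continue
        vlans = expand(allowed[-1].split()[-1])
        # Assumption: native VLAN is 1 when no 'native vlan' line is present.
        native = next((int(l.split()[-1]) for l in lines
                       if l.startswith("switchport trunk native vlan ")), 1)
        issues = []
        if "switchport mode trunk" not in lines:
            issues.append("no 'switchport mode trunk'")
        if any(l.startswith("switchport access vlan ") for l in lines):
            issues.append("access vlan not needed on a trunk")
        untagged = native if native in vlans else None
        report[name] = {"tagged": sorted(vlans - {native}), "untagged": untagged, "issues": issues}
    return report

if __name__ == "__main__":
    for port, result in audit(SAMPLE).items():
        print(port, result)
```

For Port-channel32 the report shows no untagged VLAN once the port trunks, so VLAN 309 would reach the Linux host tagged unless a native VLAN is set as in the GigabitEthernet9/2 stanza.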
