Cisco IOS software allows administrators to combine multiple physical links on a switch into a single logical link. This provides an ideal solution for load sharing, as well as link redundancy, and can be used by both Layer 2 and Layer 3 subsystems.
An EtherChannel consists of physical, individual FastEthernet, GigabitEthernet, or Ten-GigabitEthernet (10Gbps) links that are bundled together into a single logical link, as shown in Figure 33.1 below. An EtherChannel made up of FastEthernet links is called a FastEtherChannel (FEC); one made up of GigabitEthernet links is called a GigabitEtherChannel (GEC); and finally, one made up of Ten-GigabitEthernet links is called a Ten-GigabitEtherChannel (10GEC).
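**Each EtherChannel can consist of up to eight ports.** Physical links in an EtherChannel **must share similar characteristics**, such as being defined in the same VLAN or having the same speed and duplex settings. When configuring EtherChannels on Cisco Catalyst switches, it is important to remember that the number of supported EtherChannels varies between Catalyst switch models.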
Port Aggregation Protocol (PAgP) is a Cisco proprietary link aggregation protocol that enables the automatic creation of EtherChannels. By default, PAgP packets are sent between EtherChannel-capable ports to negotiate the formation of an EtherChannel. These packets are sent to the destination Multicast MAC address `01-00-0C-CC-CC-CC`, which is the same Multicast address used by CDP, UDLD, VTP, and DTP. Figure 33.2 below shows the fields contained in a PAgP frame as seen on the wire.
**The `on` mode forces a port to be placed into a channel unconditionally.** The channel will only be created if another switch port is connected and is also configured in the `on` mode. When this mode is enabled, there is no negotiation of the channel performed by the local EtherChannel protocol. In other words, this effectively disables EtherChannel negotiation and forces the port to the channel. The operation of this mode is similar to that of `switchport nonegotiate` on trunk links. **It is important to remember that switch interfaces configured in the `on` mode do not exchange PAgP packets.**
The `auto` mode is a PAgP mode in which the port negotiates with another PAgP port only if it receives a PAgP packet. When this mode is enabled, the port(s) will never initiate PAgP communications but will instead listen passively for any received PAgP packets before creating an EtherChannel with the neighbouring switch.
The `desirable` mode is a PAgP mode that causes the port to initiate PAgP negotiation for a channel with another PAgP port. In other words, in this mode, the port actively attempts to establish an EtherChannel with another switch running PAgP.
In summation, remember that switch interfaces configured in the `on` mode do not exchange PAgP packets, **but they do exchange PAgP packets with partner interfaces configured in the `auto` or `desirable` modes**. Table 33.1 shows the different PAgP combinations and the result of their use in establishing an EtherChannel.
While PAgP allows all links within the EtherChannel to be used to forward and receive user traffic, there are some restrictions that you should be familiar with regarding the forwarding of traffic from other protocols. **DTP and CDP send and receive packets over all the physical interfaces in the EtherChannel. PAgP sends and receives PAgP Protocol Data Units only from interfaces that are `up` and have PAgP enabled for the `auto` or `desirable` modes.**
When an EtherChannel bundle is configured as a trunk port, the trunk sends and receives PAgP frames on the lowest numbered VLAN. **Spanning Tree Protocol (STP) always chooses the first operational port in an EtherChannel bundle.** The `show pagp [channel number] neighbor` command can also be used to validate the port that will be used to send and receive STP packets, that is, to determine which port in the EtherChannel bundle STP will use, as shown in the output below.
When configuring additional STP features such as `Loop Guard` on an EtherChannel, it is very important to remember that **if `Loop Guard` blocks the first port of the EtherChannel bundle, no BPDUs will be sent over the channel**, even if other ports in the channel bundle are operational. This is because PAgP will enforce uniform `Loop Guard` configuration on all of the ports that are part of the EtherChannel group.
> Access switches are connected to the VSS using a Multichassis EtherChannel (MEC). An MEC is simply an EtherChannel that spans the two physical Catalyst 6500 switches but terminates to the single logical VSS. Enhanced PAgP (PAgP+) can be used to allow the Catalyst 6500 switches to communicate via the MEC in the event that the EtherChannel between them fails, which would result in both switches assuming the active role (dual active), effectively affecting forwarding of traffic within the switched network. This is illustrated in the diagram below.
Link Aggregation Control Protocol (LACP) is part of the IEEE 802.3ad specification and is used to create a logical link from multiple physical links. Because LACP and PAgP are incompatible, both ends of the link need to run LACP in order to automate the formation of EtherChannel groups.
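As is the case with PAgP, **when configuring LACP EtherChannels, all LAN ports must be the same speed and must all be configured as either Layer 2 or Layer 3 LAN ports.** If a link within a port channel fails, traffic previously carried over the failed link is switched to the remaining links within the port channel. In addition, when the number of active bundled ports in a port channel changes, traffic patterns will reflect the rebalanced state of the port channel.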
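LACP supports the automatic creation of port channels by exchanging LACP packets between ports. It learns the capabilities of port groups dynamically and informs the other ports. Once LACP correctly identifies matched Ethernet links, it facilitates grouping the links into a GigabitEthernet port channel. Unlike PAgP, which requires ports to have the same speed and duplex settings, **LACP requires that ports be only full-duplex, as half-duplex is not supported**. Half-duplex ports in an LACP EtherChannel are placed into the suspended state.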
By default, all inbound Broadcast and Multicast packets on one link in a port channel are blocked from returning on any other link of the port channel. LACP packets are sent to the IEEE 802.3 Slow Protocols Multicast group address `01-80-C2-00-00-02`. LACP frames are encoded with the EtherType value 0x8809. Figure 33.4 below illustrates these fields in an Ethernet frame.
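The addressing described above is enough to tell EtherChannel negotiation frames apart in a capture. The following is an added example, not code from the original page: it classifies a raw Ethernet frame using the two destination addresses and the EtherType given in the text. The SNAP protocol IDs used to separate PAgP from CDP, UDLD, VTP and DTP, the Slow Protocols subtype values, and all sample frames are assumptions brought in for the example.

```python
import struct

# Addresses and EtherType as stated on the page
PAGP_DST = bytes.fromhex("01000ccccccc")   # shared with CDP, UDLD, VTP and DTP
LACP_DST = bytes.fromhex("0180c2000002")   # IEEE 802.3 Slow Protocols group
SLOW_PROTOCOLS = 0x8809
# Assumptions from outside the page: Cisco SNAP protocol IDs and Slow Protocols subtypes
CISCO_SNAP = {0x0104: "PAgP", 0x2000: "CDP", 0x0111: "UDLD", 0x2003: "VTP", 0x2004: "DTP"}
SLOW_SUBTYPES = {0x01: "LACP", 0x02: "Marker"}

def classify(frame: bytes) -> str:
    """Name the control protocol carried in a raw Ethernet frame (no FCS)."""
    if len(frame) < 14:
        return "truncated"
    dst = frame[0:6]
    (type_len,) = struct.unpack("!H", frame[12:14])
    offset = 14
    if type_len == 0x8100:                      # skip a single 802.1Q tag
        if len(frame) < 18:
            return "truncated"
        (type_len,) = struct.unpack("!H", frame[16:18])
        offset = 18
    if type_len == SLOW_PROTOCOLS:
        if len(frame) <= offset:
            return "truncated"
        name = SLOW_SUBTYPES.get(frame[offset], "other slow protocol")
        return name if dst == LACP_DST else name + " (unexpected destination)"
    if dst == PAGP_DST and type_len <= 1500:    # 802.3 length field, then LLC/SNAP
        hdr = frame[offset:offset + 8]
        if len(hdr) < 8 or hdr[:3] != b"\xaa\xaa\x03" or hdr[3:6] != b"\x00\x00\x0c":
            return "unknown Cisco multicast"
        (pid,) = struct.unpack("!H", hdr[6:8])
        return CISCO_SNAP.get(pid, "unknown Cisco multicast")
    return "other"

# Constructed sample frames (not captured traffic)
SRC = bytes.fromhex("001122334455")

def snap_frame(pid: int) -> bytes:
    """Build a Cisco SNAP frame with the given protocol ID and a zeroed payload."""
    body = b"\xaa\xaa\x03\x00\x00\x0c" + struct.pack("!H", pid) + b"\x00" * 38
    return PAGP_DST + SRC + struct.pack("!H", len(body)) + body

LACP_FRAME = LACP_DST + SRC + struct.pack("!H", SLOW_PROTOCOLS) + b"\x01\x01" + b"\x00" * 108
```

Negotiation frames classified as PAgP or LACP on a port that is not meant to be a channel member are worth a look, since the text notes that `auto` and LACP passive ports will bundle as soon as a partner initiates.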
LACP active mode places a switch port into an active negotiating state in which the switch port initiates negotiations with remote ports by sending LACP packets. Active mode is the equivalent of the PAgP `desirable` mode. In other words, in this mode, the switch port actively attempts to establish an EtherChannel with another switch that is also running LACP.
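The mode rules described so far for PAgP (`on`, `auto`, `desirable`) and for LACP active mode can be checked mechanically against both ends of a link. The following is an added example, not code from the original page: it reads `channel-group [number] mode` lines from two IOS-style configurations and reports cabled port pairs that will never bundle. The LACP `passive` mode (the listening counterpart of `active`, not described in the text above), the helper names, and both sample configurations are assumptions constructed for the example.

```python
import re

PROTOCOL = {"desirable": "pagp", "auto": "pagp", "active": "lacp", "passive": "lacp"}
INITIATORS = {"desirable", "active"}      # modes that send negotiation packets first

def channel_forms(mode_a: str, mode_b: str) -> bool:
    """True when two facing ports with these modes bundle into a channel."""
    if "on" in (mode_a, mode_b):
        return mode_a == mode_b           # on pairs only with on; nothing is negotiated
    if mode_a not in PROTOCOL or mode_b not in PROTOCOL:
        raise ValueError("unknown channel-group mode")
    same_protocol = PROTOCOL[mode_a] == PROTOCOL[mode_b]   # PAgP and LACP are incompatible
    return same_protocol and bool({mode_a, mode_b} & INITIATORS)

def member_modes(config: str) -> dict:
    """Map interface name -> channel-group mode from IOS-style config text."""
    modes, current = {}, None
    for line in config.splitlines():
        if m := re.match(r"interface\s+(\S+)", line):
            current = m.group(1)
        elif (m := re.match(r"\s+channel-group\s+\d+\s+mode\s+(\S+)", line)) and current:
            modes[current] = m.group(1)
    return modes

def audit(config_a: str, config_b: str, cabling: list) -> list:
    """Return the cabled (port_a, port_b) pairs whose modes will never bundle."""
    a, b = member_modes(config_a), member_modes(config_b)
    return [(pa, pb) for pa, pb in cabling
            if pa not in a or pb not in b or not channel_forms(a[pa], b[pb])]

# Constructed configurations for two switches (hypothetical, for illustration only)
SW1 = """interface FastEthernet0/1
 channel-group 1 mode desirable
interface FastEthernet0/2
 channel-group 1 mode on
interface FastEthernet0/3
 channel-group 1 mode auto
"""
SW2 = """interface FastEthernet0/1
 channel-group 1 mode auto
interface FastEthernet0/2
 channel-group 1 mode desirable
interface FastEthernet0/3
 channel-group 1 mode auto
"""
CABLING = [(f"FastEthernet0/{i}",) * 2 for i in (1, 2, 3)]
```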
For both PAgP and LACP EtherChannels, Catalyst switches use a polymorphic algorithm that utilises key fields from the header of the packet to generate a hash, which is then matched to a physical link in an EtherChannel group. In other words, the switch distributes the traffic load across the links in an EtherChannel by reducing part of the binary pattern formed from the addresses in the frame to a numerical value that selects one of the links in the EtherChannel.
This operation can be performed on MAC addresses or IP addresses and can be based solely on source or destination addresses, or on both source and destination addresses. While delving into detail on the actual computation of the hash used in EtherChannel load distribution is beyond the scope of the CCNA exam requirements, it is important to know that the administrator can define which fields in the header are used as input to the algorithm that determines the physical link over which a packet is transported.
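The effect of choosing different header fields as hash input is easiest to see on a traffic sample. The following is an added example, not code from the original page and not the switch's actual algorithm: it is a simplified model that XORs the three low-order bits of the selected addresses and maps the result onto the member links. The method names follow the keywords of the IOS `port-channel load-balance` command, which the text above does not show, and the traffic sample is constructed.

```python
from collections import Counter
import ipaddress

METHODS = {   # which header fields feed the hash for each method
    "src-mac": ("src_mac",), "dst-mac": ("dst_mac",), "src-dst-mac": ("src_mac", "dst_mac"),
    "src-ip": ("src_ip",), "dst-ip": ("dst_ip",), "src-dst-ip": ("src_ip", "dst_ip"),
}

def low_bits(field: str, frame: dict) -> int:
    """Lowest three bits of one address field of the frame."""
    value = frame[field]
    if field.endswith("mac"):
        raw = bytes.fromhex(value.replace(":", "").replace("-", ""))
    else:
        raw = ipaddress.ip_address(value).packed
    return raw[-1] & 0b111

def select_link(frame: dict, method: str, n_links: int) -> int:
    """Index of the member link this frame is sent on (simplified model)."""
    if not 1 <= n_links <= 8:
        raise ValueError("an EtherChannel has between one and eight member links")
    bucket = 0
    for field in METHODS[method]:
        bucket ^= low_bits(field, frame)       # reduce the addresses to a value 0..7
    return bucket % n_links                    # map the eight buckets onto the links

def distribution(frames: list, method: str, n_links: int) -> list:
    """Number of frames carried by each member link."""
    counts = Counter(select_link(f, method, n_links) for f in frames)
    return [counts.get(i, 0) for i in range(n_links)]

# Constructed sample: sixteen clients talking to one server across the channel
FRAMES = [{"src_mac": f"00:11:22:33:44:{i:02x}", "dst_mac": "00:aa:bb:cc:dd:01",
           "src_ip": f"10.0.0.{i}", "dst_ip": "10.0.1.1"} for i in range(1, 17)]
```

With this sample, hashing on the destination alone puts every frame on one link, while source-based methods spread the load evenly over four links and unevenly over three.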
- Ensure that all interfaces in the EtherChannel are enabled. In some cases, if the interfaces are not enabled, the logical port channel interface will not be created automatically.
- When first configuring an EtherChannel group, it is important to remember that ports follow the parameters set for the first group port added.
- If Switch Port Analyzer (SPAN) is configured for a member port in an EtherChannel, the port will be removed from the EtherChannel group.
- It is recommended to shut down all member interfaces prior to beginning channelling configuration.
### Configuring and Verifying Layer 2 EtherChannels
This section describes the configuration of Layer 2 EtherChannels by unconditionally forcing the selected interfaces to establish an EtherChannel.
1. The first configuration step is to enter Interface Configuration mode for the desired EtherChannel interface(s) via the `interface [name]` or `interface range [range]` global configuration command;
5. The next configuration step is to configure the interfaces to unconditionally trunk via the `channel-group [number] mode on` interface configuration command.
> **NOTE:** Notice that the switch automatically creates `interface port-channel 1` by default (refer to the output below). **No explicit user configuration is required to configure this interface.**
In the output above, you can see that there are three links in Channel Group 1. Interface FastEthernet0/1 is the default port; **this port will be used to send STP packets, for example**. If this port fails, FastEthernet0/2 will be designated as the default port, and so forth. You can also see that this port group is an active Layer 2 EtherChannel by looking at the `SU` flag next to `Po1`. The output below shows the information printed by the `show EtherChannel detail` command.
In the output above, you can see that this is a Layer 2 EtherChannel with three out of a maximum of eight possible ports in the channel group. You can also see that the EtherChannel mode is `on`, based on the protocol field being shown as a dash (`-`). In addition, you can also see that this is a FastEtherChannel (FEC).
5. Optionally, configure PAgP as the EtherChannel protocol by issuing the `channel-protocol pagp` interface configuration command. Because EtherChannels default to PAgP, this command is considered optional and does not need to be entered. However, it is considered good practice to issue this command just to be absolutely sure of your configuration.
> **NOTE:** In the output above, the port channel `desirable` mode has been selected. An additional keyword, `[non-silent]`, may also be appended to the end of this command (`channel-group 1 mode desirable`). This is because, by default, PAgP `auto` and `desirable` modes default to a silent mode. The silent mode is used when the switch is connected to a device that is not PAgP-capable and that seldom, if ever, transmits packets. An example of a silent partner is a file server or a packet analyser that is not generating traffic. The silent mode is also used if a device will not be sending PAgP packets (such as one in `auto` mode).
In this case, running PAgP on a physical port connected to a silent partner prevents that switch port from ever becoming operational; however, the silent setting allows PAgP to operate, to attach the interface to a channel group, and to use the interface for transmission. In this example, because Switch 2 will be configured for `auto` mode (passive mode), it is preferred that the port uses the default silent mode operation. This is illustrated in the PAgP EtherChannel configuration below.
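The `[neighbor]` keyword prints the neighbour name, the ID of the PAgP neighbour, the neighbour device ID (MAC), and the neighbour port. The flags also indicate the mode the neighbour is operating in, as well as whether it is a physical learner, for example. The output below demonstrates the use of the `show pagp neighbor` command.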
5. Configure LACP as the EtherChannel protocol by issuing the `channel-protocol lacp` interface configuration command. Because EtherChannels default to PAgP, this command is considered mandatory for LACP and is required;
6. The next configuration step is to configure the interfaces to unconditionally trunk via the `channel-group [number] mode` interface configuration command.
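By default, LACP allows up to 16 ports to be entered into a port channel group. The first eight operational interfaces will be used by LACP, while the remaining eight interfaces will be placed into the hot-standby state. The `show EtherChannel detail` command shows the maximum number of supported links in an LACP EtherChannel, as shown in the output below.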
The `[neighbor]` keyword prints the neighbour name, the ID of the LACP neighbour, the neighbour device ID (MAC), and the neighbour port. The flags also indicate the mode the neighbour is operating in, as well as whether it is a physical learner, for example. This is demonstrated in the output below.
1. What type of ports does a FastEtherChannel contain?
2. How many ports can a standard EtherChannel contain?
3. What are the two protocol options you have when configuring EtherChannels on a Cisco switch?
4. Which of the protocols mentioned above is Cisco proprietary?
5. PAgP packets are sent to the destination Multicast MAC address `01-00-0C-CC-CC-CC`. True or false?
6. What are the two port modes supported by PAgP?
7. What are the two port modes supported by LACP?
8. If more than eight links are assigned to an EtherChannel bundle running LACP, the protocol uses the port priority to determine which ports are placed into a standby mode. True or false?
9. LACP automatically configures an administrative key value on each port configured to use LACP. The administrative key defines the ability of a port to aggregate with other ports. Only ports that have the same administrative key are allowed to be aggregated into the same port channel group. True or false?
10. What is the command used to assign a port to a channel group?