- Index
- Preface
- Overview
- Using the Command-Line Interface
- Assigning the Switch IP Address and Default Gateway
- Configuring Cisco IOS Configuration Engine
- Clustering Switches
- Administering the Switch
- Configuring SDM Templates
- Configuring Switch-Based Authentication
- Configuring IEEE 802.1x Port-Based Authentication
- Configuring Web-Based Authentication
- Configuring Interface Characteristics
- Configuring VLANs
- Configuring VTP
- Configuring Voice VLAN
- Configuring Private VLANs
- Configuring IEEE 802.1Q and Layer 2 Protocol Tunneling
- Configuring STP
- Configuring MSTP
- Configuring Optional Spanning-Tree Features
- Configuring Flex Links and the MAC Address-Table Move Update Feature
- Configuring DHCP Features and IP Source Guard
- Configuring Dynamic ARP Inspection
- Configuring IGMP Snooping and MVR
- Configuring Port-Based Traffic Control
- Configuring CDP
- Configuring LLDP, LLDP-MED, and Wired Location Service
- Configuring UDLD
- Configuring SPAN and RSPAN
- Configuring RMON
- Configuring System Message Logging
- Configuring SNMP
- Configuring Embedded Event Manager
- Configuring Network Security with ACLs
- Configuring QoS
- Configuring EtherChannels and Link-State Tracking
- Configuring TelePresence E911 IP Phone Support
- Configuring IP Unicast Routing
- Configuring IPv6 Routing
- Configuring IPv6 ACLs
- Configuring IPv6 MLD Snooping
- Configuring HSRP and VRRP
- Configuring Cisco IOS IP SLAs Operations
- Configuring Enhanced Object Tracking
- Configuring Cache Services By Using WCCP
- Configuring IP Multicast Routing
- Configuring MSDP
- Configuring Fallback Bridging
- Troubleshooting
- Configuring Online Diagnostics
- Working with the Cisco IOS File System, Configuration Files, and Software Images
- Unsupported Commands in Cisco IOS Release 12.2(58)SE
Configuring Flex Links and the MAC Address-Table Move Update Feature
This chapter describes how to configure Flex Links, a pair of interfaces on the Catalyst 3560 switch that provide a mutual backup. It also describes how to configure the MAC address-table move update feature, also referred to as the Flex Links bidirectional fast convergence feature.For complete syntax and usage information for the commands used in this chapter, see the command reference for this release.
Understanding Flex Links and the MAC Address-Table Move Update
- Flex Links
- VLAN Flex Link Load Balancing and Support
- Flex Link Multicast Fast Convergence
- MAC Address-Table Move Update
Flex Links
Flex Links are a pair of a Layer 2 interfaces (switch ports or port channels) where one interface is configured to act as a backup to the other. The feature provides an alternative solution to the Spanning Tree Protocol (STP). Users can disable STP and still retain basic link redundancy. Flex Links are typically configured in service provider or enterprise networks where customers do not want to run STP on the switch. If the switch is running STP, Flex Links is not necessary because STP already provides link-level redundancy or backup.
You configure Flex Links on one Layer 2 interface (the active link) by assigning another Layer 2 interface as the Flex Link or backup link. When one of the links is up and forwarding traffic, the other link is in standby mode, ready to begin forwarding traffic if the other link shuts down. At any given time, only one of the interfaces is in the linkup state and forwarding traffic. If the primary link shuts down, the standby link starts forwarding traffic. When the active link comes back up, it goes into standby mode and does not forward traffic. STP is disabled on Flex Link interfaces.
In Figure 19-1, ports 1 and 2 on switch A are connected to uplink switches B and C. Because they are configured as Flex Links, only one of the interfaces is forwarding traffic; the other is in standby mode. If port 1 is the active link, it begins forwarding traffic between port 1 and switch B; the link between port 2 (the backup link) and switch C is not forwarding traffic. If port 1 goes down, port 2 comes up and starts forwarding traffic to switch C. When port 1 comes back up, it goes into standby mode and does not forward traffic; port 2 continues forwarding traffic.
You can also choose to configure a preemption mechanism, specifying the preferred port for forwarding traffic. For example, in the example in Figure 19-1, you can configure the Flex Links pair with preemption mode. In the scenario shown, when port 1 comes back up and has more bandwidth than port 2, port 1 begins forwarding traffic after 60 seconds. Port 2 becomes the standby port. You do this by entering the interface configuration switchport backup interface preemption mode bandwidth and switchport backup interface preemption delay commands.
Figure 19-1 Flex Links Configuration Example
If a primary (forwarding) link goes down, a trap notifies the network management stations. If the standby link goes down, a trap notifies the users.
Flex Links are supported only on Layer 2 ports and port channels, not on VLANs or on Layer 3 ports.
VLAN Flex Link Load Balancing and Support
VLAN Flex Link load-balancing allows you to configure a Flex Link pair so that both ports simultaneously forward the traffic for some mutually exclusive VLANs. For example, if Flex Link ports are configured for 1-100 VLANs, the traffic of the first 50 VLANs can be forwarded on one port and the rest on the other port. If one of the ports fail, the other active port forwards all the traffic. When the failed port comes back up, it resumes forwarding traffic in the preferred VLANs. This way, apart from providing the redundancy, this Flex Link pair can be used for load balancing. Also, Flex Link VLAN load-balancing does not impose any restrictions on uplink switches.
Figure 19-2 VLAN Flex Links Load Balancing Configuration Example
Flex Link Multicast Fast Convergence
Flex Link Multicast Fast Convergence reduces the multicast traffic convergence time after a Flex Link failure. This is implemented by a combination of these solutions:
Learning the Other Flex Link Port as the mrouter Port
In a typical multicast network, there is a querier for each VLAN. A switch deployed at the edge of a network has one of its Flex Link ports receiving queries. Flex Link ports are also always forwarding at any given time.
A port that receives queries is added as an mrouter port on the switch. An mrouter port is part of all the multicast groups learned by the switch. After a changeover, queries are received by the other Flex Link port. The other Flex Link port is then learned as the mrouter port. After changeover, multicast traffic then flows through the other Flex Link port. To achieve faster convergence of traffic, both Flex Link ports are learned as mrouter ports whenever either Flex Link port is learned as the mrouter port. Both Flex Link ports are always part of multicast groups.
Though both Flex Link ports are part of the groups in normal operation mode, all traffic on the backup port is blocked. So the normal multicast data flow is not affected by the addition of the backup port as an mrouter port. When the changeover happens, the backup port is unblocked, allowing the traffic to flow. In this case, the upstream multicast data flows as soon as the backup port is unblocked.
Generating IGMP Reports
When the backup link comes up after the changeover, the upstream new distribution switch does not start forwarding multicast data, because the port on the upstream router, which is connected to the blocked Flex Link port, is not part of any multicast group. The reports for the multicast groups were not forwarded by the downstream switch because the backup link is blocked. The data does not flow on this port, until it learns the multicast groups, which occurs only after it receives reports.
The reports are sent by hosts when a general query is received, and a general query is sent within 60 seconds in normal scenarios. When the backup link starts forwarding, to achieve faster convergence of multicast data, the downstream switch immediately sends proxy reports for all the learned groups on this port without waiting for a general query.
Leaking IGMP Reports
To achieve multicast traffic convergence with minimal loss, a redundant data path must be set up before the Flex Link active link goes down. This can be achieved by leaking only IGMP report packets on the Flex Link backup link. These leaked IGMP report messages are processed by upstream distribution routers, so multicast data traffic gets forwarded to the backup interface. Because all incoming traffic on the backup interface is dropped at the ingress of the access switch, no duplicate multicast traffic is received by the host. When the Flex Link active link fails, the access switch starts accepting traffic from the backup link immediately. The only disadvantage of this scheme is that it consumes bandwidth on the link between the distribution switches and on the backup link between the distribution and access switches. This feature is disabled by default and can be configured by using the switchport backup interface interface-id multicast fast-convergence command.
When this feature has been enabled at changeover, the switch does not generate the proxy reports on the backup port, which became the forwarding port.
Configuration Examples
These are configuration examples for learning the other Flex Link port as the mrouter port when Flex Link is configured on Gigabit Ethernet0/11 and Gigabit Ethernet0/12, with output for the show interfaces switchport backup command:
This output shows a querier for VLANs 1 and 401, with their queries reaching the switch through Gigabit Ethernet0/11:
Here is output for the show ip igmp snooping mrouter command for VLANs 1 and 401:
Similarly, both Flex Link ports are part of learned groups. In this example, Gigabit Ethernet0/11 is a receiver/host in VLAN 1, which is interested in two multicast groups:
When a host responds to the general query, the switch forwards this report on all the mrouter ports. In this example, when a host sends a report for the group 228.1.5.1, it is forwarded only on Gigabit Ethernet0/11, because the backup port Gigabit Ethernet0/12 is blocked. When the active link, Gigabit Ethernet0/11, goes down, the backup port, Gigabit Ethernet0/12, begins forwarding.
As soon as this port starts forwarding, the switch sends proxy reports for the groups 228.1.5.1 and 228.1.5.2 on behalf of the host. The upstream router learns the groups and starts forwarding multicast data. This is the default behavior of Flex Link. This behavior changes when the user configures fast convergence using the switchport backup interface gigabitEthernet 0/12 multicast fast-convergence command. This example shows turning on this feature:
This output shows a querier for VLAN 1 and 401 with their queries reaching the switch through Gigabit Ethernet0/11:
This is output for the show ip igmp snooping mrouter command for VLAN 1 and 401:
Similarly, both the Flex Link ports are a part of the learned groups. In this example, Gigabit Ethernet0/11 is a receiver/host in VLAN 1, which is interested in two multicast groups:
Whenever a host responds to the general query, the switch forwards this report on all the mrouter ports. When you turn on this feature through the command-line port, and when a report is forwarded by the switch on GigabitEthernet0/11, it is also leaked to the backup port GigabitEthernet0/12. The upstream router learns the groups and starts forwarding multicast data, which is dropped at the ingress because GigabitEthernet0/12 is blocked. When the active link, GigabitEthernet0/11, goes down, the backup port, GigabitEthernet0/12, begins forwarding. You do not need to send any proxy reports because the multicast data is already being forwarded by the upstream router. By leaking reports to the backup port, a redundant multicast path has been set up, and the time taken for the multicast traffic convergence is minimal.
MAC Address-Table Move Update
The MAC address-table move update feature allows the switch to provide rapid bidirectional convergence when a primary (forwarding) link goes down and the standby link begins forwarding traffic.
In Figure 19-3, switch A is an access switch, and ports 1 and 2 on switch A are connected to uplink switches B and D through a Flex Link pair. Port 1 is forwarding traffic, and port 2 is in the backup state. Traffic from the PC to the server is forwarded from port 1 to port 3. The MAC address of the PC has been learned on port 3 of switch C. Traffic from the server to the PC is forwarded from port 3 to port 1.
If the MAC address-table move update feature is not configured and port 1 goes down, port 2 starts forwarding traffic. However, for a short time, switch C keeps forwarding traffic from the server to the PC through port 3, and the PC does not get the traffic because port 1 is down. If switch C removes the MAC address of the PC on port 3 and relearns it on port 4, traffic can then be forwarded from the server to the PC through port 2.
If the MAC address-table move update feature is configured and enabled on the switches in Figure 19-3 and port 1 goes down, port 2 starts forwarding traffic from the PC to the server. The switch sends a MAC address-table move update packet from port 2. Switch C gets this packet on port 4 and immediately learns the MAC address of the PC on port 4, which reduces the reconvergence time.
You can configure the access switch, switch A, to send MAC address-table move update messages. You can also configure the uplink switches B, C, and D to get and process the MAC address-table move update messages. When switch C gets a MAC address-table move update message from switch A, switch C learns the MAC address of the PC on port 4. Switch C updates the MAC address table, including the forwarding table entry for the PC.
Switch A does not need to wait for the MAC address-table update. The switch detects a failure on port 1 and immediately starts forwarding server traffic from port 2, the new forwarding port. This change occurs in 100 milliseconds (ms). The PC is directly connected to switch A, and the connection status does not change. Switch A does not need to update the PC entry in the MAC address table.
Figure 19-3 MAC Address-Table Move Update Example
Configuring Flex Links and the MAC Address-Table Move Update
- Default Configuration
- Configuration Guidelines
- Configuring Flex Links
- Configuring VLAN Load Balancing on Flex Links
- Configuring the MAC Address-Table Move Update Feature
Default Configuration
The Flex Links are not configured, and there are no backup interfaces defined.
The preemption delay is 35 seconds.
The MAC address-table move update feature is not configured on the switch.
Configuration Guidelines
Follow these guidelines to configure Flex Links:
- You can configure up to 16 backup links.
- You can configure only one Flex Link backup link for any active link, and it must be a different interface from the active interface.
- An interface can belong to only one Flex Link pair. An interface can be a backup link for only one active link. An active link cannot belong to another Flex Link pair.
- Neither of the links can be a port that belongs to an EtherChannel. However, you can configure two port channels (EtherChannel logical interfaces) as Flex Links, and you can configure a port channel and a physical interface as Flex Links, with either the port channel or the physical interface as the active link.
- A backup link does not have to be the same type (Fast Ethernet, Gigabit Ethernet, or port channel) as the active link. However, you should configure both Flex Links with similar characteristics so that there are no loops or changes in behavior if the standby link begins to forward traffic.
- STP is disabled on Flex Link ports. A Flex Link port does not participate in STP, even if the VLANs present on the port are configured for STP. When STP is not enabled, be sure that there are no loops in the configured topology. Once the Flex Link configurations are removed, STP is re-enabled on the ports.
Follow these guidelines to configure VLAN load balancing on the Flex Links feature:
- For Flex Link VLAN load balancing, you must choose the preferred VLANs on the backup interface.
- You cannot configure a preemption mechanism and VLAN load balancing for the same Flex Links pair.
Follow these guidelines to configure the MAC address-table move update feature:
Configuring Flex Links
Beginning in privileged EXEC mode, follow these steps to configure a pair of Flex Links:
To disable a Flex Link backup interface, use the no switchport backup interface interface-id interface configuration command.
This example shows how to configure an interface with a backup interface and to verify the configuration:
Beginning in privileged EXEC mode, follow these steps to configure a preemption scheme for a pair of Flex Links:
To remove a preemption scheme, use the no switchport backup interface interface-id preemption mode interface configuration command. To reset the delay time to the default, use the no switchport backup interface interface-id preemption delay interface configuration command.
This example shows how to configure the preemption mode as forced for a backup interface pair and to verify the configuration:
Active Interface Backup Interface State
------------------------------------------------------------------------
GigabitEthernet0/21 GigabitEthernet0/2 Active Up/Backup Standby
Configuring VLAN Load Balancing on Flex Links
Beginning in privileged EXEC mode, follow these steps to configure VLAN load balancing on Flex Links:
To disable the VLAN load balancing feature, use the no switchport backup interface interface-id prefer vlan vlan-range interface configuration command.
In the following example, VLANs 1 to 50, 60, and 100 to 120 are configured on the switch:
When both interfaces are up, Gi0/8 forwards traffic for VLANs 60 and 100 to 120, and Gi0/6 forwards traffic for VLANs 1 to 50.
When a Flex Link interface goes down (LINK_DOWN), VLANs preferred on this interface are moved to the peer interface of the Flex Link pair. In this example, if interface Gi0/6 goes down, Gi0/8 carries all VLANs of the Flex Link pair.
GigabitEthernet0/6 GigabitEthernet0/8 Active Down/Backup Up
When a Flex Link interface comes up, VLANs preferred on this interface are blocked on the peer interface and moved to the forwarding state on the interface that has just come up. In this example, if interface Gi0/6 comes up, VLANs preferred on this interface are blocked on the peer interface Gi0/8 and forwarded on Gi0/6.
Configuring the MAC Address-Table Move Update Feature
This section contains this information:
- Configuring a switch to send MAC address-table move updates
- Configuring a switch to get MAC address-table move updates
Beginning in privileged EXEC mode, follow these steps to configure an access switch to send MAC address-table move updates:
To disable the MAC address-table move update feature, use the no mac address-table move update transmit interface configuration command. To display the MAC address-table move update information, use the show mac address-table move update privileged EXEC command.
This example shows how to configure an access switch to send MAC address-table move update messages:
This example shows how to verify the configuration:
Beginning in privileged EXEC mode, follow these steps to configure a switch to get and process MAC address-table move update messages:
|
|
|
|
|---|---|---|
Enable the switch to get and process the MAC address-table move updates. |
||
(Optional) Save your entries in the switch startup configuration file. |
To disable the MAC address-table move update feature, use the no mac address-table move update receive configuration command. To display the MAC address-table move update information, use the show mac address-table move update privileged EXEC command.
This example shows how to configure a switch to get and process MAC address-table move update messages:
Monitoring Flex Links and the MAC Address-Table Move Update
Table 19-1 shows the privileged EXEC commands for monitoring the Flex Links configuration and the MAC address-table move update information.
Feedback