Monday, November 17, 2014

Cisco IOS Layer 3 EtherChannel and Jumbo Frames

Summary

In this post I'll explain how to create a Layer 3 EtherChannel on a Cisco IOS-based multilayer switch.  The EtherChannel will provide Layer 3 load balancing for network attached storage (NAS) in a network segmented into multiple VLANs.  Additionally, I'll show how to enable Ethernet jumbo frames for the NAS.

Environment

Figure 1 below depicts an example LAN environment.  The LAN is segmented into multiple VLANs and terminated into a multilayer switch.  An EtherChannel is created for a NAS to provide link redundancy and additional throughput for mixed traffic.  As a reminder, EtherChannel does not increase available bandwidth for a single host.

Figure 1

Implementation


Create a Port Channel Interface

1:  interface Port-channel1  
2:   no switchport  
3:   ip address 192.168.7.1 255.255.255.0  

Line 1:  Creates a logical port-channel interface.
Line 2:  The port-channel needs to be specified as a non-switched interface (Layer 3).  Any physical interfaces in the port-channel also need to be non-switched.
Line 3:  Assigns an IP address to the interface.  That address cannot overlap with any existing network segments.

Assign Physical Interfaces to the Port-Channel

1:  interface GigabitEthernet0/17  
2:   no switchport  
3:   no ip address  
4:   channel-group 1 mode active  
5:  !  
6:  interface GigabitEthernet0/18  
7:   no switchport  
8:   no ip address  
9:   channel-group 1 mode active  

Lines 1 & 6:  Two gigabit Ethernet interfaces are selected for the EtherChannel.
Lines 2 & 7:  As mentioned previously, these need to be specified as non-switched interfaces.
Lines 3 & 8:  No Layer 3 address is assigned to these either.
Lines 4 & 9:  Assign each interface to the port-channel number (1 in this case).  The 'active' keyword indicates the interfaces will actively negotiate LACP.

Configure Load Balancing

IOS provides six different load balancing algorithms for EtherChannel.  All of them consist of hashing a source or destination MAC or IP address to one of the channel members.  The command below XORs the source and destination IP addresses for that hash calculation.

 port-channel load-balance src-dst-ip  
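
The effect of hashing on the XOR of source and destination IP, as an added example (not from the original post and not Cisco's code). It assumes a simplified model in which the low-order three bits of the XOR pick one of eight buckets that are spread over the member links; `member_link`, `link_usage` and the 192.168.9.x client addresses are constructed for illustration.

```python
import ipaddress
from collections import Counter

def member_link(src: str, dst: str, links: int = 2) -> int:
    """Simplified src-dst-ip model (assumption, not the exact IOS hash):
    XOR both addresses, keep the low 3 bits, map the bucket to a link."""
    xor = int(ipaddress.IPv4Address(src)) ^ int(ipaddress.IPv4Address(dst))
    return (xor & 0b111) % links

def link_usage(clients, server, links: int = 2) -> Counter:
    """Count how many client/server pairs land on each member link."""
    return Counter(member_link(c, server, links) for c in clients)

NAS = "192.168.7.3"                                       # NAS address
MIXED = [f"192.168.9.{h}" for h in range(10, 18)]         # constructed clients
EVEN_ONLY = [f"192.168.9.{h}" for h in range(10, 18, 2)]  # constructed clients

if __name__ == "__main__":
    # One address pair always maps to the same link, in both directions,
    # so a single host never gets more than one member's bandwidth.
    print("single pair :", member_link(MIXED[0], NAS), member_link(NAS, MIXED[0]))
    # Varied client addresses spread evenly over the two links.
    print("mixed hosts :", dict(link_usage(MIXED, NAS)))
    # Clients whose addresses share the same low bit all pile onto one link.
    print("even hosts  :", dict(link_usage(EVEN_ONLY, NAS)))
```

On a live switch, compare the per-member counters of Gi0/17 and Gi0/18 to see whether the real traffic mix is as balanced as the addressing plan suggests.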

Configure Routing

Now to be able to reach the NAS, you'll need to assign the port-channel IP address as the default gateway on the NAS.  Additionally, you'll need to configure a route for the NAS/port-channel segment to enable access outside of the LAN.

Configure Jumbo Frames

For 3500 series switches, MTU sizing is set globally.  Other models allow per-interface configuration.

1:  switch(config)#system mtu jumbo 9000  
2:  switch(config)#system mtu routing 9000  

Line 1:  Sets the jumbo frame size to 9000 bytes.  If you're using Layer 2 only for your EtherChannel, this setting is all that is required for jumbo frame support.
Line 2:  Sets the Layer 3 max MTU size to 9000 bytes.  This is necessary given Layer 3 is being used for this EtherChannel example.

A switch reboot will be required before these new MTU sizes take effect.

You can display the resulting MTU sizes with the command below:

 switch#show system mtu  
 System MTU size is 1500 bytes  
 System Jumbo MTU size is 9000 bytes  
 System Alternate MTU size is 1500 bytes  
 Routing MTU size is 9000 bytes  

Sunday, November 16, 2014

CIFS/SMB Forwarding - Cisco IOS Helper (Fix for VLANs/Subnets with a WDTV Media Player)

Summary

Cisco IOS provides a mechanism to forward UDP broadcasts from one interface to another.  This is typically used for forwarding DHCP requests, but comes in handy with some media players as well for accessing non-local network shares.  

For example, the Western Digital media player (WDTV) is 'challenged' with accessing network shares in a subnetted environment.  For both CIFS (SMB) and NFS, that media player provides no mechanism in its GUI to specify the IP address of the CIFS/NFS server.  Instead, it expects that server to be on the same subnet as the media player.  For CIFS, it will send a NetBIOS broadcast (port 137) on the media player's subnet.  By default, broadcasts aren't propagated across VLANs.  The IOS helper functionality can be utilized to allow the media player to access CIFS shares on non-local subnets.

Implementation

It's pretty darn simple:  just specify the IP address of your network storage server as a 'helper' on the interface that would receive the broadcast from the media player.  On a router, that's likely a trunk interface to the Layer 2 switch where the media player is connected.  On a multilayer switch, it could be an SVI for the VLAN containing the media player.

Example: SVI IP Helper

interface Vlan9
 ip address 192.168.9.1 255.255.255.0
 ip helper-address 192.168.7.3

By default, the ip helper-address command forwards UDP broadcasts for a half dozen or so protocols (the list appears to differ between IOS revisions).  Examples of default forwarded protocols:  BOOTP (DHCP), NetBIOS, DNS.  If all you want forwarded are the NetBIOS name service broadcasts (port 137, which is all you need to get CIFS operational), you can turn off forwarding of the others.

Example:  Turn off Forwarding of DNS


no ip forward-protocol udp domain
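
A way to check which UDP broadcasts a helper still relays after trimming, as an added example (not from the original post). The default keyword/port table is an assumption taken from the commonly documented IOS defaults, and the post notes the list varies by release; `audit`, `NEEDED` and the sample configuration are constructed for illustration.

```python
import re

# Assumed defaults relayed by `ip helper-address` (varies by IOS release).
DEFAULT_FORWARDED = {
    "time": 37, "nameserver": 42, "tacacs": 49, "domain": 53,
    "bootps": 67, "bootpc": 68, "tftp": 69,
    "netbios-ns": 137, "netbios-dgm": 138,
}
NEEDED = {"netbios-ns"}  # port 137, all the post needs for CIFS

def audit(config: str):
    """Return (helpers per interface, UDP keywords relayed beyond NEEDED)."""
    forwarded = dict(DEFAULT_FORWARDED)
    by_port = {str(p): k for k, p in DEFAULT_FORWARDED.items()}
    helpers, iface = {}, None
    for raw in config.splitlines():
        line = raw.strip()
        if not raw.startswith(" "):      # unindented line: new context
            m = re.match(r"interface (\S+)", line)
            iface = m.group(1) if m else None
        if (m := re.match(r"ip helper-address (\S+)", line)) and iface:
            helpers.setdefault(iface, []).append(m.group(1))
        elif m := re.match(r"(no )?ip forward-protocol udp (\S+)", line):
            name = by_port.get(m.group(2), m.group(2))  # accept port numbers
            if m.group(1):
                forwarded.pop(name, None)
            else:
                forwarded.setdefault(name, DEFAULT_FORWARDED.get(name))
    excess = sorted(set(forwarded) - NEEDED) if helpers else []
    return helpers, excess

# Constructed sample: the SVI from the post plus its one "no" command.
SAMPLE = """\
interface Vlan9
 ip address 192.168.9.1 255.255.255.0
 ip helper-address 192.168.7.3
!
no ip forward-protocol udp domain
"""

if __name__ == "__main__":
    helpers, excess = audit(SAMPLE)
    print("helpers:", helpers)
    for keyword in excess:               # candidate commands to review
        print(f"no ip forward-protocol udp {keyword}")
```

Review the suggested commands before applying them: keep `bootps`/`bootpc` if a helper on the same switch also relays DHCP.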