Level: Advanced / Professional Interoperability / compatibility of Cisco and Enterasys network switches At the time of writing Cisco does not offer stackable Layer 2 switches. Stackable switches IMHO simplify administration as all units in one stack can be managed with one IP address and hold one common (redundant) configuration file. When no L3 (i.e. IP routing) is needed on access switches, which might be required for IP microsegmentation, stackable layer 2 swiches are the ideal choice. Enterasys' B3 series switches meet these criteria. If for WAN/Metro Routing e.g. the proprietary Cisco EIGRP dymanic routing protocol is needed, or Cisco L3 switches are available as core switching components, these can be run in a mixed enviroment. This blog entry describes how to connect Enterasys B3 switches and Cisco 3750 or 6509 L3 switches. The Ciscos serve as inter-VLAN routers and collapsed backbone concentrators. This diagram is also available here in PDF format. Here is the relevant section of the Cisco IOS configuration, in this case of a 3750 stack where Interfaces Gi1/0/28 and Gi2/0/28 form a LACP aggregated link with 802.1q tagging: ! interface Port-channel69 description To 3rd floor Enterasys stack switchport trunk encapsulation dot1q switchport trunk allowed vlan 1,17,42,100 switchport mode trunk switchport nonegotiate ! . . ! interface GigabitEthernet1/0/28 description Po69 to Enterasys switchport trunk encapsulation dot1q switchport trunk allowed vlan 1,17,42,100 switchport mode trunk switchport nonegotiate channel-group 69 mode active ! . . ! interface GigabitEthernet2/0/28 description Po69 to Enterasys switchport trunk encapsulation dot1q switchport trunk allowed vlan 1,17,42,100 switchport mode trunk switchport nonegotiate channel-group 69 mode active ! Please note the "mode active" command! Here are the relevant settings for the Enterasys B3 switch: #ciscodp set ciscodp time 10 set ciscodp status enable ! This enables the "Cisco Discovery Protocol". Very convenient. This lets you see Cisco neighbors and makes the B3s visible to the Ciscos. #ip set ip address 192.168.42.2 mask 255.255.255.0 gateway 192.168.42.1 ! This sets the IP address, netmask and default Gateway. The vlan for the management Interface defaults to "1". #vlan set host vlan 42 ! This puts the management address into vlan 42. - Only needed if your management Interface is not on vlan1 #vlan set vlan create 17 set vlan create 42 set vlan create 100 set vlan name 17 "Video-Voice" set vlan name 42 "Management" set vlan name 100 "Users" set vlan egress 1 ge.1.24;ge.2.48;lag.0.6 untagged set vlan egress 17 ge.1.24;ge.2.48;lag.0.6 tagged set vlan egress 42 ge.1.24;ge.2.48;lag.0.6 tagged set vlan egress 100 ge.1.24;ge.2.48;lag.0.6 tagged ! This creates VLANs, names them and defined 802.1q tagging for the physical port and the lag.0.6 LACP. Vlan1 passes the LACP link untagged. #lacp set lacp aadminkey lag.0.6 6 set lacp singleportlag enable ! Sets an aadminkey identifier for lag0.6 to 6. This is referenced by the physical interfaces to make sure they join the right LACP device. The singleportlag command makes sure that if one of the two links dropps, the remaining link still speaks LACP. #port set port lacp port ge.1.24 aadminkey 6 set port lacp port ge.2.48 aadminkey 6 ! This puts the ports into lag.0.6 as defined above with the aadminkey 6 Warning: Do not use the "set lacp static" macro on the B3. This disables lacp and breaks the Port Channel. On the Cisco you will log an error that hints to the problem. If the B3 sees the Cisco, it should look like this: B3_ARE-HN(rw)->show neighbors Port Device ID Port ID Type Network Address --------------------------------------------------------------------------------- ge.1.24 SW01-ARE-HN 192.168.42.2 ciscodp 192.168.42.1 ge.2.48 SW01-ARE-HN 192.168.42.2 ciscodp 192.168.42.1 B3_ARE-HN(rw)-> And vice versa: SW01-ARE-HN#sh cdp neigh Capability Codes: R - Router, T - Trans Bridge, B - Source Route Bridge S - Switch, H - Host, I - IGMP, r - Repeater, P - Phone Device ID Local Intrfce Holdtme Capability Platform Port ID 001234567890 Gig 2/0/28 178 T S SecureStacge.2.48 001234567890 Gig 1/0/28 178 T S SecureStacge.1.24 CORE1-ARE-HN Gig 3/0/28 162 R S I WS-C6506 Gig 2/24 SW01-ARE-HN# SW01-ARE-HN#sh lacp neighbor Flags: S - Device is requesting Slow LACPDUs F - Device is requesting Fast LACPDUs A - Device is in Active mode P - Device is in Passive mode Channel group 69 neighbors Partner's information: LACP port Oper Port Port Port Flags Priority Dev ID Age Key Number State Gi1/0/28 SA 32768 0012.3456.7890 4s 0x8000 0x18 0x3D Gi2/0/28 SA 32768 0012.3456.7890 9s 0x8000 0x64 0x3D SW01-ARE-HN# B3_ARE-HN(rw)->show lacp Global Link Aggregation state: enabled Single Port LAGs: enabled ... some output removed ... Aggregator: lag.0.6 Actor Partner System Identifier: 00:11:11:11:11:11 00:22:22:22:22:22 System Priority: 32768 32768 Admin Key: 6 Oper Key: 6 69 Attached Ports: ge.1.24 ge.2.48 ... some output removed ... B3_ARE-HN(rw)-> VLan creation and Port assignments can be made with Enterasys' netsight console. It takes some time to get used to it but in my opinion is worth the effort, as you can use self defined templates eg for port settings. http://www.reischle.net/downloads/Enterasys-Cisco-Interop.pdfshapeimage_1_link_0
15. September 2008
Cisco - Enterasys Interoperability
Cisco - Enterasys Interoperability