Tuesday, August 26, 2008

Connecting a NetApp Fas3020 to Cisco 4948 switches

Well, today i'll consider the connection between two switches Cisco 4948 and two Storage Systems NetApp Fas3020.
This is a real situation happened during our recent switch migration....

we have:
2 storage systems:
Fas3020 A <-> Fas3020 B
and 2 Cisco 4948 dedicated to storage networking

Ok what happens when we must connect all toghether to provide the best redundancy as possible?
we follow the NetApp whitepapers and connect as follows:



So, two etherchannels for each switch, if a switch or a Fas3020 fails, we have full redundancy because each Fas3020 is configured with Active-Passive mode.

Fas3020 configuration is well documented by NetApp and obviously it's not my stuff, so i'll focus on Cisco 4948 Configuration.
There are two possible configurations for the switches etherchannels: Access mode if Fas3020 have only one vlan, Trunk mode if Fas3020 have multiple vlans configured on the same interfaces.

We have both configurations in our system, there are 4 Gi ports in access mode and 4 in trunk mode for each Fas3020.

The easiest configuration is for access mode,... [+/-]

we choosed to have an etherchannel with fixed "on" mode in our environment (lacp disabled).

i have configured something like this:

int gi 1/1
desc Fas3020A Vif n
switchport
switchport mode access
switchport access vlan 8
spanning-tree portfast
speed 1000
duplex full
channel-group 2 mode on
!
int gi 1/2
desc Fas3020A Vif n
switchport
switchport mode access
switchport access vlan 8
spanning-tree portfast
speed 1000
duplex full
channel-group 2 mode on
!
int portchannel 2
desc Fas3020A vif n etherchannel
switchport
switchport mode access
switchport access vlan 8
spanning-tree portfast
!


If you forget to enable portchannels and configure the ports simply in access mode... the Fas3020 doesn't matter, but the switch logs errors like "%C4K_EBM-4-HOSTFLAPPING: Host 02:A0:98:04:6F:0F in vlan 8 is flapping between port Gi1/2 and port Gi1/1".
No spanning tree issues and no blocked ports, the Fas3020 uses Active/Passive with his virtual MAC Address, so we can safely disable spanning tree on Fas ports ( spanning-tree portfast command )


For trunking mode i can't find (easly) NetApp configuration examples,... [+/-]


ok they made storage.. not switches, so i must try ;-)

First i tryed with a simple (ingenuous) trunk, but when ports joined ehterchannel, they transit all 802.1d states, aka spanning tree "freezes" trunk ports connected to Fas3020.
Not a funny stuff on a production system... and despite RSTP+ enabled globally on the switch, the Fas3020 it's simply a host...don't "understands" RSTP, so there are 48 seconds of fear ;-)
So i opened my BCMSN book and read about spanning-tree configurations... (this time testing on my lab before... ) ;-)

The well (un)documented command results to be "spanning-tree portfast trunk" that enables portfast even on a trunk port (or portchannel).

So my final configuration for trunking portchannels with fas was like this:


int gi 1/1
desc Fas3020A Vif n
switchport
switchport trunk encapsulation dot1q
switchport trunk allowed vlan 23-26,66
switchport mode trunk
spanning-tree portfast trunk
speed 1000
duplex full
channel-group 2 mode on
!
int gi 1/2
desc Fas3020A Vif n
switchport
switchport trunk encapsulation dot1q
switchport trunk allowed vlan 23-26,66
switchport mode trunk
spanning-tree portfast trunk
speed 1000
duplex full
channel-group 2 mode on
!
int portchannel 2
desc Fas3020A Vif n ehterchannel
switchport
switchport trunk encapsulation dot1q
switchport trunk allowed vlan 23-26,66
switchport mode trunk
spanning-tree portfast trunk
!


bingooo, with this configuration trunks where up without waiting slow STP states and WOW... bulletproof!



Final considerations:
-try before on a testing env, 2 switches will be enough, just disable STP on one switch to simulate Fas3020... ("no spanning-tree vlan n" commands on the TEST switch)
-be careful with trunks betw switches and trunking hosts... hosts DOESN'T send out BPDUs!


2 comments:

Mjenks said...

Just used your first solution on my netapp FAS270 that was causing the same errors on my Cisco.

Worked like a charm.

I wonder if linux is ever going to support LACP..?

Marco Rizzi said...

Hi Mjenks,

I'm happy that your config was successful ;-)

I guess Netapp and linux in general is supporting Lacp, but I personally prefer to use the static mode "on" on my portchannels. (less to negotiate, less to fail ) ;-)