Uplink Interface Connectivity
Configure Uplink Interface Connectivity
48
Best Practice User Guide for the Catalyst 3850 and Catalyst 3650 Switch Series
EtherChannel Connection to Router 1
EtherChannel Connection to Router 2
Configure Security Features on an Uplink EtherChannel Interface
Step 2 Configure IPv4 and IPv6 security features on uplink EtherChannel interfaces.
The uplink EtherChannel interfaces to distribution routers and switches should be configured to trust
router advertisements and IP response, because Layer 3 routing and server functionality resides on the
distribution switches and routers. This step is different from the access interface-to-end device
configuration, which should not be trusted, as specified in the “Access Interface Connectivity” workflow.
The policies that should be applied are defined in the “Global System Configuration” workflow.
In the following example, security is applied to the uplink interfaces connecting to VPC, VSS, or
standalone switch.
interface GigabitEthernet 1/1/1
description connection to Distribution router 1
switchport mode trunk
switchport trunk native vlan 999
switchport trunk allowed vlan 10,11,12,100,200
spanning-tree portfast trunk
channel-protocol lacp
channel-group 1 mode active
interface GigabitEthernet 2/1/1
description connection to Distribution router 1
switchport mode trunk
switchport trunk native vlan 999
switchport trunk allowed vlan 10,11,12,100,200
spanning-tree portfast trunk
channel-protocol lacp
channel-group 1 mode active
interface GigabitEthernet 1/1/2
description connection to Distribution router 2
switchport mode trunk
switchport trunk native vlan 999
switchport trunk allowed vlan 10,11,12,100,200
spanning-tree portfast trunk
channel-protocol lacp
channel-group 2 mode active
interface GigabitEthernet 2/1/2
description connection to Distribution router 2
switchport mode trunk
switchport trunk native vlan 999
switchport trunk allowed vlan 10,11,12,100,200
spanning-tree portfast trunk
channel-protocol lacp
channel-group 2 mode active
To Next Page
Loading...
