Hello,
Please note that trunk means different things with HPE Aruba switches and some other vendors. Trunk in the HPE ArubaOS means link aggregation that is multiple physical ports aggregated for load sharing. Cisco, HPE Comware and many other vendors define trunk as an interface which can transport multiple VLANs.
You can create the trunk (link aggregation) on the Aruba 2920 with the following command
SW-A#config
SW-A(config)#trunk 3-4 trk2 lacp
Here we assume that you are giving the name trk2 to this new trunk and configure it to use lacp. You should double check if the Lenovo switch will be configured to use the LACP protocol for link aggregation. If the Lenovo doesnt support LACP but only a static trunk (link aggregation LAG) you can configure the static trunk using the following command. Static means that there will be no LACP negotiation and the ports will be staticially assigned to the trunk. This setting must match between the switches.
SW-A(config)#trunk 3-4 trk2 trunk
Once the trunk is created it will be member of VLAN 1 by default. The VLAN assigment of port 3 and 4 will be reset.
You can assign the trunk to a VLAN like any physical port.
Here is how you can make the port untagged member of VLAN 71
SW-A(config)#vlan 71 untagged trk2
Here is how you can make the port tagged member of VLAN 71
SW-A(config)#vlan 71 tagged trk2
Whether the port will be untagged or tagged in VLAN 71 depends on the configuration of the Lenovo switch resp the VLAN tag configuration should match between both switches. If the Lenovo is untagged in VLAN 71 then the HPE switch should also be untagged and vice versa.
Please also keep in mind that a port or a trunk can be untagged member of only one VLAN but tagged member of multiple VLANs. That allows you to interconnect multiple VLANs on both switches. Lets say you have VLAN 71 and VLAN 100 on both switches, Lenovo and HPE and you want VLAN 71 to be untagged and VLAN 100 tagged. Here is how you configure it on the HPE switch.
SW-A(config)#vlan 71 untagged trk2
SW-A(config)#vlan 100 tagged trk2
Spanning Tree is enabled on the 2920 but there are no other STP settings. With this configuration the switch will be running in MSTP mode but since no MSTP instances are configured it will basically function like RSTP and can interoperate with switches running RSTP.
IP routing is enabled on the IPv6 which means that the switch can route between VLANs and support routing protocols.
We see that RIP is enabled on VLAN 100 and there is a default route pointing to another router in VLAN 100 -10.90.100.1. So probably VLAN 100 doesnt have hosts and is only used to interconnect routing devices.
If the Lenovo switch will only support VLAN 71 I dont think that you need routing there, you just need to configure trk2 as tagged or untagged memebr of VLAN 71. This will allow the host to obtain an IP from the DHCP server 192.168.90.5 and use the IP interface of the 2920 in VLAN 71 IP 10.90.71.1 as their default gateway.
Hi @fakiee , @Emil_G described perfectly all possible scenarios...so, provided that it looks clear that you want to aggregate two physical ports together (I suggest you to go LACP, if supported also on Lenovo Switch side) the main question is: what VLANs want you to transport between Switch B (Lenovo) and Switch A? and...how you want to transport them?
You have basically two choices (on both ends):
- Transport one VLAN as Untagged and transport all the others (one or more) Tagged.
- Transport all VLANs as Tagged (leaving the Trk logical interface "orphaned" by Untagged membership)
I suggest to chose the first one and select a VLAN (generally the VLAN 1 default) as Untagged, the others Tagged.
In your case you will have (N and M are two physical ports, trkX will be the Logical Trunk port):
trunk N,M trkX lacp
interface ethernet trkX untagged vlan 1 (not really required as trkX will be placed as Untagged member of VLAN 1 by default)
interface ethernet trkX tagged vlan 71On Lenovo side you should do the same (the LAG interface will be configured with LACP IEEE 802.3ad and it will be Untagged in VLAN 1 and Tagged in VLAN 71).
I'm not an HPE Employee
Hello,
Judging by your response I see that my explenation was confusing and not clear. Please ignore it and follow parnassus' advise.
Hi fakiee, there is some confusion going on here...what I wrote above (and what @Emil_G wrote too) was referred to (logical or physical) interfaces used to perform the link between switches...you don't need to change ANYTHING about VLANs...you just need to decide - for a particular trunk (link aggregation), in your case - how to set untagged/tagged membership of that particular logical port (the trunk port) to a particular VLAN/to a set of VLANs...this has nothing to do with how those VLANs are then used on all other (access or link) ports to other devices/switches.
To semplify a bit...you can have Switch A trk1 untagged member of VLAN 71 and tagged member of VLAN 100 and, here I'm supposing (not knowing how VLANs are transported all over your network), corresponding Core Switch's logical trkY port set the same (to match)...AND you can have Switch A trk2 used to link to Switch B with another type of VLANs' memberships (clearly shared with Switch B's uplink port)...if your requirement is to transport VLAN 1, VLAN 71 AND ALSO VLAN 100 (because you have those ones on the Core and you need them also on the last Switch B of the chain) THEN you have to transport all three using method 1 (Untag 1, Tag 71 and 100) or 2 (Tag 1, 71 and 100) and you have to apply the method on logical ports of Switch A and B regardless of the method used between Switch A and Core (it's also not necessary that you transport all the very same VLANs since some of them from the Core are maybe used only on Switch A and are not required on Switch B)...that's to say that the way you accomodate VLANs' membership on that link (Switch A - Switch B), again, has nothing to do with the rest (apart trying to respect a common schema in your network).
Try to visualize VLANs as a thing you propagate (where needed) between switches and also between switches and their connected edge devices (access devices)...you can really "switch" from tagged membership to untagged membership on a per link-basis every time you want (disruptin a common schema, if any)...the important thing is that the considered link shares the same VLAN related settings on both ends...what happen afterwards (once VLANs are landed on a particular switch) is related to what access ports do need to be tagged (less often)/untagged (often) using a particular VLAN...there cases where you can transport a VLAN and then that VLAN is not used in any other port than the uplink port between switches (it's a way to have always a VLAN in Up state or to have a VLAN ready to be used because already transported [*]).
There is also a third scenario that you can apply to Switch-to-Switch links: create a blackhole VLAN on both peers (say an unsued VLAN Id like, example, 3999) and then untag Switch A trk2 to VLAN 3999 leaving trk2 tagged on VLAN 1, 71 and 100 or what you need to be transported...do the same on the other end...in this case VLAN 3999 will be used ONLY there (because unused elsewhere)...it's a way of still having the link's ports as untagged members of a (non default) VLAN without using Default VLAN (VLAN 1)...but this is just another type of approach. Go just with 1 (my preferred [**]) or 2.
[*] with that you will transport the broadcast traffic too.
[**] I wrote untagged member of VLAN 1 (which is Default VLAN) but you can change to whatever VLAN you want/need.
I'm not an HPE Employee
It's harder writing about VLANs than managing VLANs...
OK, so...considering the configuration lines you posted (related to an Aruba 2920 48G Switch J9728A)...I can summarize this with regard to VLANs membership of logical interfaces trk1 and trk30:
- Port 45, 46, 47 and 48 form an aggregated link trk1 which uses LACP IEEE 802.3ad Protocol.
- Port 2, 9, 43 and 44 form an aggregated link trk30 which uses LACP IEEE 802.3ad Protocol.
- The interface trk1 was removed from being an untagged member of Default VLAN id 1 (no untagged in vlan 1 context), the same was done on trk30.
- The interface trk30 was set as untagged member of VLAN id 71.
- The interface trk1 was set as untagged member of VLAN id 100.
The above means that your Aruba 2920 actually configured:
- permits only untagged traffic belonging to VLAN id 71 on trk30 to/from connected peer on that link.
- permits only untagged traffic belonging to VLAN id 100 on trk1 to/from connected peer on that link.
So another trkX - made by port N and M or whatever - (with X clearly different by 1 and 30 since they are already used on trk1 and trk30 respectively) used for Lenovo link that behave like trk30 would be easily configured using:
interface ethernet trkX vlan untagged 71the same must be accomplished on the Lenovo side using Lenovo commands.
Worth to note that:
ip default-gateway 10.90.100.1
ip route 0.0.0.0 0.0.0.0 10.90.100.1
ip routingthe IP Default-Gateway setting has no meaning when IP Routing feature is enabled (and indeed you have a last resort route 0/0 to the very same IP Address 10.90.100.1)...so you can remove it...but then a question rises: is the Aruba 2920 your Core since it has the IP Routing enabled or what?
I'm not an HPE Employee