Unidentified network on teamed interface

In this case I was configuring Windows Server 2012 with two network interfaces. Both network interfaces were added to a team interface. Team was configured in switched dependent / Address Hash / LACP mode. Server was connected on Cisco Catalyst 4507. Initial port configuration was like this:

interface Port-channelX
switchport trunk encapsulation dot1q
switchport trunk allowed vlan Y
switchport mode trunk

interface GigabitEtherneta/b
switchport trunk encapsulation dot1q
switchport mode trunk
channel-group X mode active


interface GigabitEthernetc/d
switchport trunk encapsulation dot1q
switchport mode trunk
channel-group X mode active


After rebooting the server, Windows Server 2012 was unable to identify the network even though the server was properly configured, connected and domain joined. After disconnecting and connecting the network, the server was able to identify the network and apply the right domain firewall profile. The reason for this behavior was Network Location Awareness service, which was unable to test the network for connection type, since the network was not available during boot time. And, the reason why the network was not available, were spanning tree blocking and learning states. To change this kind of behavior, and to skip spanning tree blocking and learning states
spanning-tree portfast trunk should be added to interface Port-channelX configuration.
After adding the spanning-tree portfast trunk, the server was able to determine the network during boot, and applied the appropriate network profile, which in my case was domain firewall profile.
 
If the server was connected on Cisco switch with NXOS, the port channel should be configured with spanning-tree port type edge which will skip the spanning tree blocking and learning states. More info on http://www.cisco.com/web/techdoc/dc/reference/cli/nxos/commands/l2/spanning-tree_port_type_edge.html .

No comments:

Post a Comment

How to check EMBG (Unique Master Citizen Number) using regex

In this post, I will share my implementation of how to check if some number looks like EMBG or Unique Master Citizen Number. For those of yo...