So, this is my first real post in what I hope to be a great learning and documentation tool!! I thought I would start off with something that most people are familiar with. It also just so happened that I needed to setup LACP in my lab first. The goal will be to not only review the basics of a protocol/technology, but also a deep dive to levels I've never needed to explore in the real world
What is LACP?
Link
Aggregation
Control
Protocol is a protocol/technique to dynamically bundle many similar
Ethernet interfaces into one virtual Port-Channel, or "Po", interface. This bundle can then be handled as a single interface. Po interface numbers do not have to match between member switches.
Configurations applied to the Po interface get pushed down to the member interfaces. LACP provides similar functionality to
PAgP, the Cisco proprietary cousin. Physical interfaces can be
bundled as Layer 2 (generally the Po interface will be a trunk, between switches perhaps)
or Layer 3 (an IP address added directly to the Po interface). If a single physical link goes down, the bundle continues to function uninterrupted. Often times the failure isn't even noticeable.
Why use LACP when a statically configured port-channel works great and without the negotiation overhead? LACP aims to protect the network by negotiating a bundle to avoid network degradation. In the event that port-channel is mis-configured, maybe the wrong ports were configured, a static port-channel will blindly forward traffic down whichever link it has decided traffic needs to flow. This is an easy way for a Layer 2 loop to form.
In the same scenario, LACP would not put an interface into a bundle unless it can confirm there is a LACP neighbor on the other side. If LACPDUs time out, the interface is simply removed from the bundle, placed in stand-alone and allowed to function as an independent interface. This means that the switch will see this interface as a unique link and things like STP will kick off. Sure this may not be optimal if for some reason STP decided to block the Po interface, but hey, at least you're not dropping the entire network.
== It is important to keep in mind that the rest of this post will explore LACP from a Cisco perspective. LACP is vendor agnostic so the concepts should be the same, but configurations and commands will be different of course. ==
Definitions
- EtherChannel - Cisco term for a group of bundled physical interfaces
- Port-Channel - Cisco's logical representation of an EtherChannel. This is where configurations are made
Good LACP Reference Links
Basic LACP Concepts
Ethernet Types
- LACP can only be used to bundle Ethernet interfaces of the same type.
- For example, a 100/full interface cannot be bundled with a 1000/full or 100/half interface. Speed an duplex have to match for each member interface.
- Note, as long as the above holds true, it doesn't matter which physical interfaces numbers are used.
- LACP supports up to 16 total interfaces in a bundle, with 8 of those interfaces being active.
- Additional bundled interfaces will be in "hot-standby".
LACP Modes
There are two modes to negotiate LACP, active and passive.
(I've read about Cisco saying there is an "off" mode on a test, but that doesn't make any sense to me. If you turn it off, it isn't a "mode"... It is just off and not running.) Keep in mind, these aren't the only possible port-channel modes, just the modes specific to LACP negotiation.
- Active mode - will send and listen for LACPDUs.
- Passive mode - will only listen for LACPDUs.
This means that you need at least one side of a particular link in a bundle to be configured as Active. The other side of this link can be either Active or Passive.
== LACP Mode Chart ==
| Link Side A |
Link Side B |
State |
| Active |
Active |
Bundled |
| Active |
Passive |
Bundled |
| Passive |
Active |
Bundled |
| Passive |
Passive |
Not Bundled |
Advanced LACP Concepts
In truth, one can mostly get away with only knowing basic LACP concepts and configuration. Over 90% of the time, just setting up the bundle, ensuring that the Po interface is configured correctly and verifying all interfaces are bundled will get things up and running. However, there are cases, I've experienced some personally, where further knowledge of how LACP actually works is important.
Hashing and Traffic Path Determination
It is easy to think that if three Gigabit interface are bundled then there will be three Gigabit worth of throughput available. Theoretically, yes. In reality no. EtherChannels uses an
XOR hashing algorithm to determine which link to forward traffic. This algorithm is
only used by the forwarding switch for path selection. The receiving switch doesn't care which physical interface the traffic was received on, the traffic has arrive and needs to be forwarded on.
Of note, this hashing algorithm applies to all EtherChannels; LACP, PAgP and static.
The XOR hashing algorithm uses information gathered from the traffic itself. Everything from MAC addresses, IP addresses and transport (TCP/UDP) ports can be used. Since the hashing algorithm is only used by the forwarding switch, load-balancing methods do not have to be the same between EtherChannel neighbors. Also,
L2, L3 and L4 information cannot be mixed in the hash algorithm. The load-balancing method is a global configuration and, depending on the switch model, can be any of the following.
== EtherChannel Load-Balancing Algorithms ==
| Hash Code |
Information Used |
| dst-ip |
Only destination L3 IP address |
| src-ip |
Only source L3 IP address |
| src-dst-ip |
Both source and destination L3 IP address |
| dst-mac |
Only destination L2 MAC address |
| src-mac |
Only source L2 MAC address |
| src-dst-mac |
Both source and destination L2 MAC address |
| dst-port |
Only destination L4 port number |
| src-port |
Only source L4 port number |
| src-dst-port |
Both source and destination L4 port number |
Example of configuring the load-balancing algorithm on a 4500-X:
LACP-01(config)#port-channel load-balance ?
dst-ip Dst IP Addr
dst-mac Dst Mac Addr
dst-port Dst TCP/UDP Port
src-dst-ip Src XOR Dst IP Addr
src-dst-mac Src XOR Dst Mac Addr
src-dst-port Src XOR Dst TCP/UDP Port
src-ip Src IP Addr
src-mac Src Mac Addr
src-port Src TCP/UDP Port
LACP-01(config)#port-channel load-balance src-dst-ip ?
<cr>
LACP-01#show etherchannel load-balance
EtherChannel Load-Balancing Configuration:
src-mac
EtherChannel Load-Balancing Addresses Used Per-Protocol:
Non-IP: Source MAC address
IPv4: Source MAC address
IPv6: Source MAC address
Bundle Master and Link Determination
When more than 8 links are used a mechanism is needed to determine which links we be moved to hot standby. LACP uses the concept of a master, in which one of the LACP devices is elected by way of a sys-id value. The master is responsible for controlling which bundled interfaces are active or hot-standby. The sys-id is made up of two values. When compared, the lowest value is elected master.
- system-priority
- Globally configured value specific to LACP
- Default value is 32768
- System MAC address
LACP-01#show lacp sys-id
32768, 0022.bd3e.6b00
LACP-01(config)#lacp system-priority ?
<1-65535> Priority value
To determine a bundle master
- The systems priority values are compared
- This value is globally configurable
- Default value of 32768
- Lowest wins
- In the event of a tie, the system MAC address is then compared
- Lowest wins
The systems priority values are compared first. In the event of a tie, the system MAC address is then compared.
There is no command to show bundle master. You just have to know the rules.
With a master elected, active ports are determined in a similar fashion, leveraging LACP port priority and interface number values.
- LACP port priority is compared among all member links.
- Value configurable per port
- Lowest wins
- System interface number is then compared for remaining interfaces
- Lowest wins
In summary, to enable lower numbered interfaces to be hot-standby, modify the LACP port priority value(s) on the LACP master switch.
LACP-02#sh lacp internal
Flags: S - Device is requesting Slow LACPDUs
F - Device is requesting Fast LACPDUs
A - Device is in Active mode P - Device is in Passive mode
Channel group 1
LACP port Admin Oper Port Port
Port Flags State Priority Key Key Number State
Gi0/15 SP bndl 32768 0x1 0x1 0xF 0x3C
Gi0/16 SA bndl 32768 0x1 0x1 0x10 0x3D
Gi0/17 SA bndl 32768 0x1 0x1 0x11 0x3D
Gi0/18 SA bndl 32768 0x1 0x1 0x12 0x3D
Gi0/19 SA bndl 32768 0x1 0x1 0x13 0x3D
Gi0/20 SA bndl 32768 0x1 0x1 0x14 0x3D
Gi0/21 SA bndl 32768 0x1 0x1 0x15 0x3D
Gi0/22 SA hot-sby 32768 0x1 0x1 0x16 0x5
Gi0/23 SA bndl 16 0x1 0x1 0x17 0x3D
Port priority set to less than 32768, becomes active.
Gi0/24 SA hot-sby 32768 0x1 0x1 0x18 0x5
LACP Configuration
Lab Environment
LACP-01 and LACP-02 are connected one for one with ports 15-24. These interfaces are all 1 Gbps ports set to auto-negotiate speed and duplex. This ensure that all ports are like, a requirement of LACP. A layer 2 port channel will the built, but the same steps can be used to build for layer 3.
Configuration
LACP-01(config)#interface range gi0/15-24
LACP-01(config-if-range)#channel-group 1 mode active
Creating a port-channel interface Port-channel 1
LACP-01(config)#interface port-channel 1
LACP-01(config-if)#switchport trunk encapsulation dot1q
LACP-01(config-if)#switchport mode trunk
Verify configurations have been pushed down
LACP-01(config-if)#do show run interface gi0/15
Building configuration...
Current configuration : 127 bytes
!
interface GigabitEthernet0/15
switchport trunk encapsulation dot1q
switchport mode trunk
channel-group 1 mode active
end
Replicate this configuration on LACP-02 and verify Po1 is up.
LACP-01#show etherchannel summary
Flags: D - down P - in port-channel
I - stand-alone s - suspended
H - Hot-standby (LACP only)
R - Layer3 S - Layer2
U - in use f - failed to allocate aggregator
u - unsuitable for bundling
w - waiting to be aggregated
d - default port
Number of channel-groups in use: 1
Number of aggregators: 1
Group Port-channel Protocol Ports
------+-------------+-----------+-----------------------------------------------
1 Po1(SU) LACP Gi0/15(P) Gi0/16(P) Gi0/17(P)
Gi0/18(P) Gi0/19(P) Gi0/20(P)
Gi0/21(P) Gi0/22(H) Gi0/23(P)
Gi0/24(H)
At this point LACP is active and normally that's all it takes. LACP system and port priority can be used to manage which interfaces are bundled and which are hot-standby. Global port-channel load balancing can also be configured to improve performance.
