Configuring Aggregated Ethernet LACP
For aggregated Ethernet interfaces, you can configure the Link Aggregation Control Protocol (LACP). LACP is one method of bundling several physical interfaces to form one logical interface. You can configure both VLAN-tagged and untagged aggregated Ethernet with or without LACP enabled.
For Multichassis Link Aggregation (MC-LAG), you must specify the
system-id
and admin
key.
MC-LAG peers use the same
system-id
while sending the LACP messages. The
system-id
can be configured on the MC-LAG network device and synchronized between peers for
validation.
LACP exchanges are made between actors and partners. An actor is the local interface in an LACP exchange. A partner is the remote interface in an LACP exchange.
LACP is defined in IEEE 802.3ad, Aggregation of Multiple Link Segments.
LACP was designed to achieve the following:
Automatic addition and deletion of individual links to the aggregate bundle without user intervention
Link monitoring to check whether both ends of the bundle are connected to the correct group
The Junos OS implementation of LACP provides link monitoring but not automatic addition and deletion of links.
The LACP mode can be active or passive. If the actor and partner are both in passive mode, they do not exchange LACP packets, which results in the aggregated Ethernet links not coming up. If either the actor or partner is active, they do exchange LACP packets. By default, LACP is turned off on aggregated Ethernet interfaces. If LACP is configured, it is in passive mode by default. To initiate transmission of LACP packets and response to LACP packets, you must configure LACP in active mode.
To enable LACP active mode, include the lacp statement at the
[edit interfaces interface-name
aggregated-ether-options] hierarchy level, and specify the
active
option:
[edit interfaces interface-name aggregated-ether-options] lacp { active; }
The LACP process exists in the system only if you configure the system in either active or passive LACP mode.
To restore the default behavior, include the lacp statement at the
[edit interfaces interface-name
aggregated-ether-options]
hierarchy level, and specify the
passive
option:
[edit interfaces interface-name aggregated-ether-options] lacp { passive; }
Starting with Junos OS release 12.2, you can also configure LACP to override the IEEE 802.3ad standard and to allow the standby link always to receive traffic. Overriding the default behavior facilitates subsecond failover.
To override the IEEE 802.3ad standard and facilitate subsecond failover, include the
fast-failover statement at the [edit interfaces
interface-name aggregated-ether-options lacp]
hierarchy level.
For more information, see the following sections:
Configuring the LACP Interval
By default, the actor and partner send LACP packets every second. You can
configure the interval at which the interfaces send LACP packets by including
the periodic statement at the [edit interfaces
interface-name aggregated-ether-options
lacp] hierarchy level:
[edit interfaces interface-name aggregated-ether-options lacp] periodic interval;
The interval can be fast (every second) or slow (every 30 seconds). You can configure different periodic rates on active and passive interfaces. When you configure the active and passive interfaces at different rates, the transmitter honors the receiver’s rate.
Source address filtering does not work when LACP is enabled.
Percentage policers are not supported on aggregated Ethernet interfaces with the CCC protocol family configured. For more information about percentage policers, see the Routing Policies, Firewall Filters, and Traffic Policers User Guide.
Generally, LACP is supported on all untagged aggregated Ethernet interfaces. For more information, see Configuring Untagged Aggregated Ethernet Interfaces.
Configuring LACP Link Protection
When using LACP link protection, you can configure only two member links to an aggregated Ethernet interface: one active and one standby.
To force active and standby links within an aggregated Ethernet, you can
configure LACP link protection and system priority at the aggregated Ethernet
interface level using the
link-protection
and system-priority statements. Configuring values at this
level results in only the configured interfaces using the defined configuration.
LACP interface configuration also enables you to override global (chassis) LACP
settings.
LACP link protection also uses port priority. You can configure port priority at
the Ethernet interface [ether-options] hierarchy level using
the port-priority statement. If you choose not to configure
port priority, LACP link protection uses the default value for port priority
(127).
LACP link protection supports per-unit scheduling configuration on aggregated Ethernet interfaces.
To enable LACP link protection for an aggregated Ethernet interfaces, use the
link-protection statement at the [edit interfaces
aeX aggregated-ether-options lacp] hierarchy
level:
[edit interfaces aeX aggregated-ether-options lacp] link-protection; disable; revertive; non-revertive; }
By default, LACP link protection reverts to a higher-priority (lower-numbered)
link when that higher-priority link becomes operational or a link is added to
the aggregator that is determined to be higher in priority. However, you can
suppress link calculation by adding the non-revertive statement
to the LACP link protection configuration. In nonrevertive mode, once a link is
active and collecting and distributing packets, the subsequent addition of a
higher-priority (better) link does not result in a switch and the current link
remains active.
If LACP link protection is configured to be nonrevertive at the global
([edit chassis] hierarchy) level, you can add the
revertive statement to the LACP link protection
configuration to override the nonrevertive setting for the interface. In
revertive mode, the addition of a higher-priority link to the aggregator results
in LACP performing a priority recalculation and switching from the current
active link to the new active link.
If both ends of an aggregator have LACP link protection enabled, make sure to configure both ends of the aggregator to use the same mode. Mismatching LACP link protection modes can result in lost traffic.
We strongly recommend you to use LACP on both ends of the aggregator, when you connect an aggregated Ethernet interface with two member interfaces to any other vendor device. Otherwise, the vendor device (say a Layer 2 switch, or a router), will not be able to manage the traffic coming from the two link aggregated Ethernet bundle. As a result, you might observe the vendor device sending back the traffic to the backup member link of the aggregated Ethernet interface.
Currently, MX-MPC2-3D, MX-MPC2-3D-Q, MX-MPC2-3D-EQ, MX-MPC1-3D, MX-MPC1-3D-Q, and MPC-3D-16XGE-SFPP do not drop traffic coming back to the backup link, whereas DPCE-R-Q-20GE-2XGE, DPCE-R-Q-20GE-SFP, DPCE-R-Q-40GE-SFP, DPCE-R-Q-4XGE-XFP, DPCE-X-Q-40GE-SFP, and DPCE-X-Q-4XGE-XFP drop traffic coming to the backup link.
Configuring LACP System Priority
To configure LACP system priority for aggregated Ethernet interfaces on the
interface, use the system-priority statement at the
[edit interfaces aeX aggregated-ether-options
lacp] hierarchy level:
[edit interfaces aeX aggregated-ether-options lacp] system-priority;
The system priority is a 2-octet binary value that is part of the LACP system ID. The LACP system ID consists of the system priority as the two most-significant octets and the interface MAC address as the six least-significant octets. The system with the numerically lower value for system priority has the higher priority. By default, system priority is 127, with a range of 0 to 65,535.
Configuring LACP System Identifier
To configure the LACP system identifier for aggregated Ethernet interfaces, use
the system-id statement at the [edit interfaces
aeX aggregated-ether-options lacp] hierarchy
level:
[edit interfaces aeX aggregated-ether-options lacp] system-id system-id;
The user-defined system identifier in LACP enables two ports from two separate devices to act as though they were part of the same aggregate group.
The system identifier is a 48-bit (6-byte) globally unique field. It is used in combination with a 16-bit system-priority value, which results in a unique LACP system identifier.
Configuring LACP administrative Key
To configure an administrative key for LACP, include the admin-key
number statement at the edit
interfaces aex aggregated-ether-options lacp] hierarchy level:
[edit interfaces ae x aggregated-ether-options-lacp] admin-key number;
You must configure MC-LAG to configure the admin-key
statement. For more information about MC-LAG, see Configuring Multichassis Link Aggregation on MX Series Routers
.
Configuring LACP Port Priority
To configure LACP port priority for aggregated Ethernet interfaces, use the
port-priority statement at the [edit interfaces
interface-name ether-options 802.3ad
aeX lacp] or [edit interfaces
interface-name ether-options 802.3ad
aeX lacp] hierarchy levels:
[edit interfaces interface-name ether-options 802.3ad aeX lacp] port-priority priority;
The port priority is a 2-octet field that is part of the LACP port ID. The LACP port ID consists of the port priority as the two most-significant octets and the port number as the two least-significant octets. The system with the numerically lower value for port priority has the higher priority. By default, port priority is 127, with a range of 0 to 65,535.
Port aggregation selection is made by each system based on the highest port priority and are assigned by the system with the highest priority. Ports are selected and assigned starting with the highest priority port of the highest priority system and working down in priority from there.
Port aggregation selection (discussed above) is performed for the active link when LACP link protection is enabled. Without LACP link protection, port priority is not used in port aggregation selection.
Tracing LACP Operations
To trace the operations of the LACP process, include the
traceoptions statement at the [edit protocols
lacp] hierarchy level:
[edit protocols lacp] traceoptions { file <filename> <files number> <size size> <world-readable | no-world-readable>; flag flag; no-remote-trace; }
You can specify the following flags in the protocols lacp
traceoptions statement:
all—All LACP tracing operations
configuration—Configuration code
packet—Packets sent and received
process—LACP process events
protocol—LACP protocol state machine
routing-socket—Routing socket events
startup—Process startup events
LACP Limitations
LACP can link together multiple different physical interfaces, but only features that are supported across all of the linked devices will be supported in the resulting link aggregation group (LAG) bundle. For example, different PICs can support a different number of forwarding classes. If you use link aggregation to link together the ports of a PIC that supports up to 16 forwarding classes with a PIC that supports up to 8 forwarding classes, the resulting LAG bundle will only support up to 8 forwarding classes. Similarly, linking together a PIC that supports WRED with a PIC that does not support it will result in a LAG bundle that does not support WRED.
Example: Configuring Aggregated Ethernet LACP
This example shows how to configure an aggregated ethernet interface with active LACP between two EX switches.
Topology
Two EX switches are connected together using two interfaces in an aggregated ethernet configuration.
Configure aggregated Ethernet LACP over an untagged interface:
We are only showing the configuration for EX1 in this example. EX2 has the same configuration except for the IP address.
LACP with Untagged Aggregated Ethernet
The chassis configuration allows for 1 aggregated ethernet interface. The
802.3ad configuration associates both interfaces
ge-0/0/0 and ge-0/0/1 with interface
ae0. The ae0 aggregated-ether-options
configuration enables active mode LACP.
user@EX1# show
...
chassis {
aggregated-devices {
ethernet {
device-count 1;
}
}
}
interfaces {
ge-0/0/0 {
ether-options {
802.3ad ae0;
}
}
ge-0/0/1 {
ether-options {
802.3ad ae0;
}
}
ae0 {
aggregated-ether-options {
lacp {
active;
}
}
unit 0 {
family inet {
address 10.1.1.1/30;
}
}
}
}Verification
Verifying the Aggregated Ethernet Interface
Purpose
Verify the aggregated ethernet interface has been created and is up.
Action
Use the command show interfaces terse | match ae
from operational mode.
user@EX1> show interfaces terse | match ae ge-0/0/0.0 up up aenet --> ae0.0 ge-0/0/1.0 up up aenet --> ae0.0 ae0 up up ae0.0 up up inet 10.1.1.1/30
Meaning
The output shows that ge-0/0/0 and ge-0/0/1 are bundled together to
create the aggregated ethernet interface ae0 and
the interface is up.
Verifying LACP is Active
Purpose
Verify which interfaces are participating in LACP and the current state.
Action
Use the command show lacp interfaces from
operational mode.
user@EX1> show lacp interfaces
Aggregated interface: ae0
LACP state: Role Exp Def Dist Col Syn Aggr Timeout Activity
ge-0/0/0 Actor No No Yes Yes Yes Yes Fast Active
ge-0/0/0 Partner No No Yes Yes Yes Yes Fast Active
ge-0/0/1 Actor No No Yes Yes Yes Yes Fast Active
ge-0/0/1 Partner No No Yes Yes Yes Yes Fast Active
LACP protocol: Receive State Transmit State Mux State
ge-0/0/0 Current Fast periodic Collecting distributing
ge-0/0/1 Current Fast periodic Collecting distributingMeaning
The output shows that the active mode LACP is enabled.
Verify Reachability
Purpose
Verify that ping works between the two EX switches.
Action
Use the ping 10.1.1.2 count 2 operational mode
command on EX1.
user@EX1> ping 10.1.1.2 count 2 PING 10.1.1.2 (10.1.1.2): 56 data bytes 64 bytes from 10.1.1.2: icmp_seq=0 ttl=64 time=2.249 ms 64 bytes from 10.1.1.2: icmp_seq=1 ttl=64 time=2.315 ms --- 10.1.1.2 ping statistics --- 2 packets transmitted, 2 packets received, 0% packet loss round-trip min/avg/max/stddev = 2.249/2.282/2.315/0.033 ms
Meaning
EX1 is able to ping EX2 across the aggregated ethernet interface.
