Configuring Aggregated Ethernet LACP
For aggregated Ethernet interfaces, you can configure the Link Aggregation Control Protocol (LACP). LACP is one method of bundling several physical interfaces to form one logical interface. You can configure both VLAN-tagged and untagged aggregated Ethernet with or without LACP enabled.
For Multichassis Link Aggregation (MC-LAG), you must specify
the system-id
and admin key.
MC-LAG peers use the same system-id
while sending the LACP messages. The system-id
can be configured on the MC-LAG network device and synchronized between
peers for validation.
LACP exchanges are made between actors and partners. An actor is the local interface in an LACP exchange. A partner is the remote interface in an LACP exchange.
LACP is defined in IEEE 802.3ad, Aggregation of Multiple Link Segments.
LACP was designed to achieve the following:
Automatic addition and deletion of individual links to the aggregate bundle without user intervention
Link monitoring to check whether both ends of the bundle are connected to the correct group
The Junos OS implementation of LACP provides link monitoring but not automatic addition and deletion of links.
The LACP mode can be active or passive. If the actor and partner are both in passive mode, they do not exchange LACP packets, which results in the aggregated Ethernet links not coming up. If either the actor or partner is active, they do exchange LACP packets. By default, LACP is turned off on aggregated Ethernet interfaces. If LACP is configured, it is in passive mode by default. To initiate transmission of LACP packets and response to LACP packets, you must configure LACP in active mode.
To enable LACP active mode, include the lacp statement
at the [edit interfaces interface-name aggregated-ether-options] hierarchy level, and specify the active
option:
[edit interfaces interface-name aggregated-ether-options] lacp { active; }
The LACP process exists in the system only if you configure the system in either active or passive LACP mode.
To restore the default behavior, include the lacp statement at the [edit interfaces interface-name aggregated-ether-options]
hierarchy level, and specify the passive
option:
[edit interfaces interface-name aggregated-ether-options] lacp { passive; }
Starting with Junos OS release 12.2, you can also configure LACP to override the IEEE 802.3ad standard and to allow the standby link always to receive traffic. Overriding the default behavior facilitates subsecond failover.
To override the IEEE 802.3ad standard and facilitate subsecond
failover, include the fast-failover statement at the [edit interfaces interface-name aggregated-ether-options
lacp] hierarchy level.
For more information, see the following sections:
Configuring the LACP Interval
By default, the actor and partner send LACP packets every second.
You can configure the interval at which the interfaces send LACP packets
by including the periodic statement at the [edit interfaces interface-name aggregated-ether-options lacp] hierarchy
level:
[edit interfaces interface-name aggregated-ether-options lacp] periodic interval;
The interval can be fast (every second) or slow (every 30 seconds). You can configure different periodic rates on active and passive interfaces. When you configure the active and passive interfaces at different rates, the transmitter honors the receiver’s rate.
Source address filtering does not work when LACP is enabled.
Percentage policers are not supported on aggregated Ethernet interfaces with the CCC protocol family configured. For more information about percentage policers, see the Routing Policies, Firewall Filters, and Traffic Policers User Guide.
Generally, LACP is supported on all untagged aggregated Ethernet interfaces. For more information, see Configuring Untagged Aggregated Ethernet Interfaces.
Configuring LACP Link Protection
When using LACP link protection, you can configure only two member links to an aggregated Ethernet interface: one active and one standby.
To force active and standby links within an aggregated Ethernet,
you can configure LACP link protection and system priority at the
aggregated Ethernet interface level using the link-protection
and system-priority statements. Configuring values at this
level results in only the configured interfaces using the defined
configuration. LACP interface configuration also enables you to override
global (chassis) LACP settings.
LACP link protection also uses port priority. You can configure
port priority at the Ethernet interface [ether-options] hierarchy level using the port-priority statement. If
you choose not to configure port priority, LACP link protection uses
the default value for port priority (127).
LACP link protection supports per-unit scheduling configuration on aggregated Ethernet interfaces.
To enable LACP link protection for an aggregated Ethernet interfaces,
use the link-protection statement at the [edit interfaces
aeX aggregated-ether-options lacp] hierarchy
level:
[edit interfaces aeX aggregated-ether-options lacp] link-protection; disable; revertive; non-revertive; }
By default, LACP link protection reverts to a higher-priority
(lower-numbered) link when that higher-priority link becomes operational
or a link is added to the aggregator that is determined to be higher
in priority. However, you can suppress link calculation by adding
the non-revertive statement to the LACP link protection
configuration. In nonrevertive mode, once a link is active and collecting
and distributing packets, the subsequent addition of a higher-priority
(better) link does not result in a switch and the current link remains
active.
If LACP link protection is configured to be nonrevertive at
the global ([edit chassis] hierarchy) level, you can add
the revertive statement to the LACP link protection configuration
to override the nonrevertive setting for the interface. In revertive
mode, the addition of a higher-priority link to the aggregator results
in LACP performing a priority recalculation and switching from the
current active link to the new active link.
If both ends of an aggregator have LACP link protection enabled, make sure to configure both ends of the aggregator to use the same mode. Mismatching LACP link protection modes can result in lost traffic.
We strongly recommend you to use LACP on both ends of the aggregator, when you connect an aggregated Ethernet interface with two member interfaces to any other vendor device. Otherwise, the vendor device (say a Layer 2 switch, or a router), will not be able to manage the traffic coming from the two link aggregated Ethernet bundle. As a result, you might observe the vendor device sending back the traffic to the backup member link of the aggregated Ethernet interface.
Currently, MX-MPC2-3D, MX-MPC2-3D-Q, MX-MPC2-3D-EQ, MX-MPC1-3D, MX-MPC1-3D-Q, and MPC-3D-16XGE-SFPP do not drop traffic coming back to the backup link, whereas DPCE-R-Q-20GE-2XGE, DPCE-R-Q-20GE-SFP, DPCE-R-Q-40GE-SFP, DPCE-R-Q-4XGE-XFP, DPCE-X-Q-40GE-SFP, and DPCE-X-Q-4XGE-XFP drop traffic coming to the backup link.
Configuring LACP System Priority
To configure LACP system priority for aggregated Ethernet interfaces
on the interface, use the system-priority statement at
the [edit interfaces aeX aggregated-ether-options
lacp] hierarchy level:
[edit interfaces aeX aggregated-ether-options lacp] system-priority;
The system priority is a 2-octet binary value that is part of the LACP system ID. The LACP system ID consists of the system priority as the two most-significant octets and the interface MAC address as the six least-significant octets. The system with the numerically lower value for system priority has the higher priority. By default, system priority is 127, with a range of 0 to 65,535.
Configuring LACP System Identifier
To configure the LACP system identifier for aggregated Ethernet
interfaces, use the system-id statement at the [edit
interfaces aeX aggregated-ether-options lacp] hierarchy level:
[edit interfaces aeX aggregated-ether-options lacp] system-id system-id;
The user-defined system identifier in LACP enables two ports from two separate devices to act as though they were part of the same aggregate group.
The system identifier is a 48-bit (6-byte) globally unique field. It is used in combination with a 16-bit system-priority value, which results in a unique LACP system identifier.
Configuring LACP administrative Key
To configure an administrative key for LACP, include the admin-key number statement at the edit interfaces aex aggregated-ether-options lacp] hierarchy
level:
[edit interfaces ae x aggregated-ether-options-lacp] admin-key number;
You must configure MC-LAG to configure the admin-key statement. For more information about MC-LAG, see Configuring Multichassis Link Aggregation on MX
Series Routers .
Configuring LACP Port Priority
To configure LACP port priority for aggregated Ethernet interfaces,
use the port-priority statement at the [edit interfaces interface-name ether-options 802.3ad aeX lacp] or [edit interfaces interface-name ether-options 802.3ad aeX lacp] hierarchy
levels:
[edit interfaces interface-name ether-options 802.3ad aeX lacp] port-priority priority;
The port priority is a 2-octet field that is part of the LACP port ID. The LACP port ID consists of the port priority as the two most-significant octets and the port number as the two least-significant octets. The system with the numerically lower value for port priority has the higher priority. By default, port priority is 127, with a range of 0 to 65,535.
Port aggregation selection is made by each system based on the highest port priority and are assigned by the system with the highest priority. Ports are selected and assigned starting with the highest priority port of the highest priority system and working down in priority from there.
Port aggregation selection (discussed above) is performed for the active link when LACP link protection is enabled. Without LACP link protection, port priority is not used in port aggregation selection.
Tracing LACP Operations
To trace the operations of the LACP process, include the traceoptions statement at the [edit protocols lacp] hierarchy level:
[edit protocols lacp] traceoptions { file <filename> <files number> <size size> <world-readable | no-world-readable>; flag flag; no-remote-trace; }
You can specify the following flags in the protocols lacp
traceoptions statement:
all—All LACP tracing operations
configuration—Configuration code
packet—Packets sent and received
process—LACP process events
protocol—LACP protocol state machine
routing-socket—Routing socket events
startup—Process startup events
LACP Limitations
LACP can link together multiple different physical interfaces, but only features that are supported across all of the linked devices will be supported in the resulting link aggregation group (LAG) bundle. For example, different PICs can support a different number of forwarding classes. If you use link aggregation to link together the ports of a PIC that supports up to 16 forwarding classes with a PIC that supports up to 8 forwarding classes, the resulting LAG bundle will only support up to 8 forwarding classes. Similarly, linking together a PIC that supports WRED with a PIC that does not support it will result in a LAG bundle that does not support WRED.
Example: Configuring Aggregated Ethernet LACP
Configure aggregated Ethernet LACP over a VLAN-tagged interface:
LACP with VLAN-Tagged Aggregated Ethernet
[edit interfaces]
ge--1/1/1 {
ether-options {
802.3ad ae0;
}
}
ae0 {
aggregated-ether-options {
lacp {
active;
}
}
vlan-tagging;
unit 0 {
vlan-id 100;
family inet {
address 10.1.1.2/24 {
vrrp-group 0 {
virtual-address 10.1.1.4;
priority 200;
}
}
}
}
}
Configure aggregated Ethernet LACP over an untagged interface:
LACP with Untagged Aggregated Ethernet
[edit interfaces]
ge-1/1/1 {
ether-options-options {
802.3ad ae0;
}
}
ae0 {
aggregated-ether-options {
lacp {
active;
}
}
unit 0 {
family inet {
address 10.1.1.2/24 {
vrrp-group 0 {
virtual-address 10.1.1.4;
priority 200;
}
}
}
}
}