Wireless Access

Reply
Highlighted
Frequent Contributor I

Link Aggregation (LACP) on Aruba Controller Jan06-Tutorial

Hi All

 

In a lot of instances your single 1Gb or even 10Gb (if your lucky) uplink from your Controller to your switching infrastructure would be sufficient, but as you grow and you add more APs and users this single link can become a problem regarding Bandwidth availability and reliability. Fortunately with LACP you can aggregate multiple links to act as a single uplink to provide you redundancy and greater bandwidth.

 

In the below example I will show you how to configure LACP from your controller and what will be required from your switching side.

 

Please note that during LACP configuration if BOTH the Switch and the Controllers Ports aren't configured with the same LACP config you will loose connectivity to the Controller - hence we 1st Configure the Controller, as and when the controller is configured with LACP and your switch is not the controller will disconnect. On the switch we will continue to configure the LACP which will complete the LACP configuration and the controller will become accessible. Of course if you have redundant Controllers setup you shouldn't experience any problems from the AP or User perspective as failover should occur on the controllers.

 

So lets Begin

 

  1. Login to your Controller, then select the "Configuration Tab" and select "Ports"
    Conf-Ports.jpg

  2. With your relevant port selected (remember to repeat these steps on all ports who should belong to the aggregated link), scroll down to the LACP section and set the following options:
    Group: 1                  <This is the ID of the Port Channel -- must be same for all ports in the same group>
    Mode: Active            <You can set the mode Active or Passive for the receiving and sending of LACPDU to and from the switch>
    Priority: 2                  <Priority of Port within the Group>
    Timeout: Short        <Period before the port will be disabled in the Group>
    LACP.JPG

    NOTE: With Mode I prefer to set all Links to Active (getting and making use of all available Link Bandwidth), however this largely depends on the switching infrastructure if it supports Active/Active links.

    Hit Apply for Changes to be saved

  3. Next select the "Port-Channel" tab at the top and Highlight all the ports that need to be included in the Group.
    PortChannel.jpg

  4. Ensure the Port-Channel ID is selected and set to the correct number - the same as you configured in step 2 under Group.
  5. Set all required VLAN, SPT and FW policies - this will override what is on the individual ports
  6. Hit Apply - you would likely have lost connectivity due to the switch not being configured.

Below are a few short examples of possible switch configurations you can consider

 

CISCO

interface Port-channel1
switchport
switchport access vlan 100
switchport mode access
no ip address
!
interface GigabitEthernet1/1
switchport
switchport access vlan 100
switchport mode access
no ip address
channel-group 1 mode on
!

VERIFY THAT IT WORKS

Switch# show etherchannel load-balance
EtherChannel Load-Balancing Configuration:
src-dst-ip
mpls label-ip
EtherChannel Load-Balancing Addresses Used Per-Protocol:
Non-IP: Source XOR Destination MAC address
IPv4: Source XOR Destination IP address
IPv6: Source XOR Destination IP address
MPLS: Label or IP

Switch# show etherchannel summary
Flags: D - down P - bundled in port-channel
I - stand-alone s - suspended
H - Hot-standby (LACP only)
R - Layer3 S - Layer2
U - in use f - failed to allocate aggregator
M - not in use, minimum links not met
u - unsuitable for bundling
w - waiting to be aggregated
Number of channel-groups in use: 2
Number of aggregators: 2
Group Port-channel Protocol Ports
------+-------------+-----------+--------------------------
1 Po1(SU) - Gi1/15(P) Gi1/16(P)
2 Po2(SU) - Gi1/1(P) Gi1/2(P)

Switch# show etherchannel protocol
Channel-group listing:
-----------------------
Group: 1
----------
Protocol: - (Mode ON)
Group: 2
----------
Protocol: - (Mode ON)

 

HP

ProCurve# conf
ProCurve# trunk 10-13 Trk1 Trunk

VERIFY THAT IT WORKED

ProCurve# show trunk
Load Balancing
Port | Name Type | Group Type
---- + --------- + ----- -----
10 | 100/1000T | Trk1 Trunk
11 | 100/1000T | Trk1 Trunk
12 | 100/1000T | Trk1 Trunk
13 | 100/1000T | Trk1 Trunk

 

 ARISTA

Arista#
Arista#configure terminal
Arista(config)#interface port-Channel 50
Arista(config-if-Po50)#exit
Arista(config)#interface ethernet 50 - 51
Arista(config-if-Et50-51)#channel-group 50 mode active
Arista(config-if-Et50-51)#exit

VERIFY THAT IT WORKED

Arista#show port-channel detailed
Port Channel Port-Channel50:
Active Ports:
Port            Time became active      Protocol      Mode
--------------- ---------------------- -------------- ------
Ethernet50      16:46:00                LACP          Active
Ethernet51      16:46:00                LACP          Active

 

Occasional Contributor II

Re: Link Aggregation (LACP) on Aruba Controller Jan06-Tutorial

Thanks for the post. 

 

Question about your Cisco config example -- should we not be using 'channel-group mode active' as this forces LACP unconditioanlly, whereas 'mode on' forced etherchannel (PAgP)? Is there a reason you are using 'mode on'? (I see that most other examples on the forum are using mode on as well, could you explain why?)

Guru Elite

Re: Link Aggregation (LACP) on Aruba Controller Jan06-Tutorial

Active means that the interface initiates the LACP conversation

Passive means the interface listens, only responds to LACP messages.

 

On means bring up the port-channel unconditionally. (not best practice)

 

LACP will come up in the following combinations:

     Active/Active

     Active/Passive

     On/On


Cisco devices will default to PAgP when no protocol is specified AND it is connected to another Cisco device. If no channel protocol is defined, it will fall back to LACP for non-Cisco devices.

 

 

Here's a sample from Cisco - Cisco (distribution to core) and Cisco - Aruba (distribution to edge)

 

Notice that no channel protocol is explicitly configured

lacp-pagp-cisco_core.png

 

 

 

show etherchannel protocol

 

lacp-pagp-cisco.png

 

 

lacp-pagp-cisco_swxports.png


Tim Cappalli | Aruba Security TME
@timcappalli | timcappalli.me | ACMX #367 / ACCX #480
Occasional Contributor II

Re: Link Aggregation (LACP) on Aruba Controller Jan06-Tutorial

Question on your HP config. 

 

After running   trunk 10-13 Trk1 Trunk

 

Would it be necessary to run interface 10-13 lacp active to make it an "active" connection on the HP side?

 

Thanks!

Frequent Contributor I

Re: Link Aggregation (LACP) on Aruba Controller Jan06-Tutorial


bbelew wrote:

Question on your HP config. 

 

After running   trunk 10-13 Trk1 Trunk

 

Would it be necessary to run interface 10-13 lacp active to make it an "active" connection on the HP side?

 

Thanks!


It isn't a must to run it unless you distinctly want to specify which ports are Active and which are Passive (if you have specified a passive port on the Controller then the switch trunk port must be Active) - this is Dynamic LACP

With "trunk 10-13 trk1 Trunk" it is considered Static LACP. 

Guru Elite

Re: Link Aggregation (LACP) on Aruba Controller Jan06-Tutorial

Keep in mind that if a port-channel is "static", no dynamic protocols are being used.

 

Static (mode on)

LACP (dynamic, mode active/passive)

PAgP (dynamic, mode desirable, Cisco proprietary)


Tim Cappalli | Aruba Security TME
@timcappalli | timcappalli.me | ACMX #367 / ACCX #480
Frequent Contributor II

Re: Link Aggregation (LACP) on Aruba Controller Jan06-Tutorial

Hi, 

 

something similar:

In this moment i have just one 10G port configured "like trunk" connected directly to one Extreme brand (like Core) Switch.

 

I want to do make something similar but not to the same switch so:

 

What about (remember: Just one controller) with 2 10G ports to 2 switches (Extreme Core Switches and by the way: I´m not the admin of that so...) that are "in Active-Paasive mode using VRRP (layer 3 i guesss) and EAPS (STP propietary for layer 2 i guess)" what configuration do i have to do in the switches (to tell to the extreme guys) and in "my" 7200 controller? 

 

My actual config:

!

interface gigabitethernet 0/0/2
description "GE0/0/2"
trusted
trusted vlan 1-4094
jumbo
switchport mode trunk
switchport trunk native vlan 5
switchport trunk allowed vlan 5,14,16,19,36-37,39,93,97,112,128,135-138,140-144,152,201,207-208,213,216,220-229,234,237-238,248,1038,1128,1192
!

interface gigabitethernet 0/0/3
description "GE0/0/3"
trusted
trusted vlan 1-4094
!

----------

 

My failed test:

!
interface gigabitethernet 0/0/2
description "GE0/0/2"
trusted
trusted vlan 1-4094
switchport mode trunk
switchport trunk native vlan 5
switchport trunk allowed vlan 5,14,16,19,36,37,39,93,97,128,136,144,152,201,207,208,213,216,224,225,226,227,228,229,234,237,238,248,1038,1128,1192
!
interface gigabitethernet 0/0/3
description "GE0/0/3"
trusted
trusted vlan 1-4094
switchport mode trunk
switchport trunk native vlan 5
switchport trunk allowed vlan 5,14,16,19,36,37,39,93,97,128,136,144,152,201,207,208,213,216,224,225,226,227,228,229,234,237,238,248,1038,1128,1192
!
interface port-channel 1
trusted
trusted vlan 1-4094
switchport mode trunk
switchport trunk allowed vlan 5,14,16,19,36,37,39,93,97,128,136,144,152,201,207,208,213,216,224,225,226,227,228,229,234,237,238,248,1038,1128,1192
!
interface gigabitethernet 0/0/2
description "LACP for 0/0/2 and 0/0/3"
lacp timeout short
lacp group 1 mode active
!
interface gigabitethernet 0/0/3
description "LACP for 0/0/2 and 0/0/3"
lacp timeout short
lacp group 1 mode active
!

 

 

Best regards.

 

MVP

Re: Link Aggregation (LACP) on Aruba Controller Jan06-Tutorial

I'd say that your failed test configuration in the aruba controller side is correct.

 

Are you running MLAG and the corresponding ISC link between the Extreme routers? 

Are you running MLAG and EAPS in the Extreme routers? If so the ISC link can not be on an EAPS blocked port which means that neither switch in the MLAG can be a master with that link as secondary port. I think it won't allow you anyways but worthy double checking it.

 

Also if you run lacp timeout short, you should configure the same way on the Extreme routers.

 

Hope it helps.

Borja

 

Regards,
Borja
ACMX #567 //ACCP//CWNA//CWAP
MVP

Re: Link Aggregation (LACP) on Aruba Controller Jan06-Tutorial

Actually double checking your config you are missing your native vlan on the port channel.

 

switchport trunk native vlan 5

Regards,
Borja
ACMX #567 //ACCP//CWNA//CWAP
Frequent Contributor II

Re: Link Aggregation (LACP) on Aruba Controller Jan06-Tutorial

Hi,

 

First: Thank you by the fast response.

 

As I´m not the LAN Extreme Switched Network Manager where "my" Aruba Controller (i´m the admin) is connected so I don´t know the config about nothing... but i will ask... what lines of config do i have to ask for?

 

Now, please check the new try config (Native VLAN in the Trunk of the port-channel interface) that i will apply:

 


!
interface gigabitethernet 0/0/2
description "GE0/0/2"
trusted
trusted vlan 1-4094
switchport mode trunk
switchport trunk native vlan 5
switchport trunk allowed vlan 5,14,16,19,36,37,39,93,97,128,136,144,152,201,207,208,213,216,224,225,226,227,228,229,234,237,238,248,1038,1128,1192
!
interface gigabitethernet 0/0/3
description "GE0/0/3"
trusted
trusted vlan 1-4094
switchport mode trunk
switchport trunk native vlan 5
switchport trunk allowed vlan 5,14,16,19,36,37,39,93,97,128,136,144,152,201,207,208,213,216,224,225,226,227,228,229,234,237,238,248,1038,1128,1192
!
interface port-channel 1
trusted
trusted vlan 1-4094
switchport mode trunk
switchport trunk native vlan 5
switchport trunk allowed vlan 5,14,16,19,36,37,39,93,97,128,136,144,152,201,207,208,213,216,224,225,226,227,228,229,234,237,238,248,1038,1128,1192
!
interface gigabitethernet 0/0/2
description "LACP for 0/0/2 and 0/0/3"
lacp timeout short
lacp group 1 mode active
!
interface gigabitethernet 0/0/3
description "LACP for 0/0/2 and 0/0/3"
lacp timeout short
lacp group 1 mode active
!

 

Could you tell me the rigth config on the Extreme Switches (like you did it in the Cisco, HP and Arista early) to verify vs the own config please?

 

Best Regards.

Search Airheads
cancel
Showing results for 
Search instead for 
Did you mean: