Hi Cody,
Sorry for the late response.
you are correct it is a two-step approach. First, you need to enable LACP for the AP. This will only create an LACP kink-aggregation between the switch and the AP for backup and PoE redundancy.
The second step is to load-balance the traffic. The load-balance algorithm on the switch needs to be l3 based. L4 does not make any sense, as all traffic is GRE (at least most of the traffic). If going with L3 based, the IP address is the important part to get the traffic load balanced.
As you are running a cluster, the AP will choose one interface per cluster member as the uplink. So if the users are shared among the cluster members, your uplink traffic will be distributed among the physical uplinks as well.
traffic from the switch to the AP will be balanced based on IP of the controller. Depending on the IP assignment the traffic will be distributed among the two uplinks or not.
For the AP you can check if the uplinks are both used by using this command on the controller:
(Cluster-Member-1) #show ap debug lacp ap-name ap515 verbose
AP LACP GRE Striping IP: 0.0.0.0
AP LACP Status
--------------
Link Status LACP Rate Num Ports Actor Key Partner Key Partner MAC
----------- --------- --------- --------- ----------- -----------
Up slow 2 9 2 5c:8a:38:95:80:17
Slave Interface Status
----------------------
Slave I/f Name Permanent MAC Addr Link Status Member of LAG Link Fail Count
-------------- ------------------ ----------- ------------- ---------------
eth0 90:4c:81:cf:3c:22 Up Yes 0
eth1 90:4c:81:cf:3c:23 Up Yes 1
GRE Traffic Received on Enet Ports
----------------------------------
Zone Index Controller IP Enet 0 Rx Count Enet 1 Rx Count
---- ----- ------------- --------------- ---------------
0 0 10.201.201.11 0 88209
0 1 10.201.201.12 172112 92439
GRE Traffic Sent on Enet Ports
------------------------------
Zone Index Controller IP Enet 0 Tx Count Enet 1 Tx Count
---- ----- ------------- --------------- ---------------
0 0 10.201.201.11 9114 0
0 1 10.201.201.12 0 242736
Link Aggregation UACs outgoing interface
---------------------------------
zone=0 idx=0 IPv4=10.201.201.11 odev=eth0
zone=0 idx=1 IPv4=10.201.201.12 odev=eth1
---------------------------------
eth0 UACs 1
eth1 UACs 1
The last entries show the distribution of UAC's (User Anchor Controller) among the two uplinks.
Hope this helps.
BR
Florian
------------------------------
-------------------------------------------------------------------------------
Florian Baaske
-------------------------------------------------------------------------------
Any opinions expressed here are solely my own and not necessarily that of Hewlett Packard Enterprise or Aruba Networks.
-------------------------------------------------------------------------------
Also visit the AirHeads Youtube Channel:
https://www.youtube.com/channel/UCFJCnuXFGfEbwEzfcgU_ERQ-------------------------------------------------------------------------------
Feel free to visit my personal Blog
https://www.flomain.de------------------------------
Original Message:
Sent: May 12, 2021 01:51 PM
From: Cody Ensanian
Subject: AP 225 port-channel
After some more research I think I was confusing two separate notions. You can 1) join the AP's two switchport interfaces to a port-channel and use LACP to create some redundancy/failover/increase POE/etc between the switch and the AP; and separately you can also 2) enable lacp gre striping on the controllers to help split up the 2.4ghz and 5ghz radio client traffic (this requires another IP on the controllers).
I'm not sure the later is necessary with two clustered controllers (really seeing any benefit I mean)? Aren't they already doing client load balancing between the controllers in the cluster (without having to enable gre-striping)?
Another question related to setting up LACP on the switch-to-AP uplinks... since client traffic is tunneled back to my controllers, the traffic source IP is always my AP, and the destination IP is either one of my two controllers (right? since the clients are load balanced - and they may send traffic to either controller)... so, having set my load-balance algorithm on my cisco switch to "src-dst-ip" is that enough to potentially help 'split and load balance' traffic between the two member interfaces of the port channel? Or is all of the traffic coming from the AP still only going to go out one of the member interfaces? (which wont help boost bandwidth, and only helps the AP gain a backup uplink if one interface should fail) Hope that makes sense what I am asking.
------------------------------
Cody Ensanian
Original Message:
Sent: May 10, 2021 03:47 PM
From: Cody Ensanian
Subject: AP 225 port-channel
Florian,
Trying to follow your blog post and understand everything needed to set up LACP on APs. We are running aos 8.7 with two 7240 controllers (MDs) clustered together (along with clustered virtual MMs).
1. Since I am running a cluster of two MDs, I do not need to enable "AP LACP Striping IP" ? (as show below which is currently not enabled)
2. If the above is true, is all that I need to do is on my cisco uplink switch, is join the two switch ports to a port channel?
------------------------------
Cody Ensanian
Original Message:
Sent: Apr 28, 2021 12:09 AM
From: Florian Baaske
Subject: AP 225 port-channel
Hi ioanf,
I did a blog post about this here:
https://www.flomain.de/2019/07/lacp-for-aps-with-two-ethernet-ports/
For a cluster, this is quite easy to implement. The AP will do LACP by default, if the switch is sending LACP BPDU's. The only thing to consider is, that you should use L3 loadbalance for this link aggregation on the switch, as L2 might not work well due to the communication partners of the AP (only the gateway in the VLAN from a l2 point of view, but the different IP's of the cluster members from a L3 point of view)
Hope this helps.
BR
Florian
------------------------------
-------------------------------------------------------------------------------
Florian Baaske
-------------------------------------------------------------------------------
Any opinions expressed here are solely my own and not necessarily that of Hewlett Packard Enterprise or Aruba Networks.
-------------------------------------------------------------------------------
Also visit the AirHeads Youtube Channel:
https://www.youtube.com/channel/UCFJCnuXFGfEbwEzfcgU_ERQ
-------------------------------------------------------------------------------
Feel free to visit my personal Blog
https://www.flomain.de
Original Message:
Sent: Apr 27, 2021 02:53 AM
From: ioan fitigau
Subject: AP 225 port-channel
Hi, we have a cluster configured with 2 controllers. I want to test the benefit of a port channel configured for one AP 225 model. we are running AOS version 8.5.0.10. The test AP is connected to a Cisco switch.
Apart from configuring the po on the cisco switch, is there anything to be configured on the controllers ?
thank you!
------------------------------
ioanf
------------------------------