Wired Intelligent Edge

Last week I setup a LACP connection between an Aruba 3810m and a Juniper EX4600. This LACP was made up of four optical fibers.

This is my configuration on Aruba 3810m:

trunk 1/A1-1/A2,2/A1-2/A2 trk1  lacp
interface 1/A1
     name "1 - LACP to EX4600"
     exit
interface 1/A2
     name "2 - LACP to EX4600"
     exit
interface 2/A1
     name "3 - LACP to EX4600"
     exit
interface 2/A2
     name "4 - LACP to EX4600"
     exit
interface Trk1
     tagged vlan 10,15,100,200
     untagged vlan 1
     spanning-tree priority 4
     exit

This is my configuration on Juniper EX4600:

interface {
     xe-2/0/14 {
          description "ae10 LACP to 3810m"
          ether-options {
               802.3ad ae10;
          }
     }
     xe-3/0/14 {
          description "ae10 LACP to 3810m"
          ether-options {
               802.3ad ae10;
          }
     }
     xe-4/0/14 {
          description "ae10 LACP to 3810m"
          ether-options {
               802.3ad ae10;
          }
     }
     xe-5/0/14 {
          description "ae10 LACP to 3810m"
          ether-options {
               802.3ad ae10;
          }
     }

     ae10 {
          description "LACP to 3810m"
          aggregated-ether-options {
               lacp {
                    passive;
                    periodic fast;
               }
          }
          unit 0 {
               family ethernet-switching {
                    interface-mode trunk;
                    vlan {
                         members [ v0010 v0015 v0100 v0200 ];
                    }
               }
          }
     }

}

When I connect three links out of four - LACP woks fine. But when I connect all links, it's LACP not working properly.

I observe symptoms of not working properly such as: host unreachable, packet loss and inability to connect some access devices (PC, CCTV, etc.).  Additionally, only part of the AP loses connection with the Aruba 7210 controller.

As I wrote earlier, if I disable just one connection out of four it all starts working fine.

4x10G (UP) -> connection not working properly
3x10G (UP) + 1x10G (DOWN) -> connection working fine
2x10G (UP) + 2x10G (DOWN) -> connection working fine
1x10G (UP) + 3x10G (DOWN) -> connection working fine

Image Version:
Aruba 3810m: KB.16.09.0022
Juniper EX4600: JunOS 19.4R2.6

My topology:
access switches 2930f --> 3810m --> EX4600 --> Router  --> ISP

AP -> access switch 2930f ---------------\
IP Phone -> access switch 2930f -------+------> 3810m ------> EX4600 <----- Aruba 7210
PC etc. -> access switch 2930f ---------/

Last week I setup a LACP connection between an Aruba 3810m and a Juniper EX4600. This LACP was made up of four optical fibers.

This is my configuration on Aruba 3810m:

trunk 1/A1-1/A2,2/A1-2/A2 trk1  lacp
interface 1/A1
     name "1 - LACP to EX4600"
     exit
interface 1/A2
     name "2 - LACP to EX4600"
     exit
interface 2/A1
     name "3 - LACP to EX4600"
     exit
interface 2/A2
     name "4 - LACP to EX4600"
     exit
interface Trk1
     tagged vlan 10,15,100,200
     untagged vlan 1
     spanning-tree priority 4
     exit

This is my configuration on Juniper EX4600:

interface {
     xe-2/0/14 {
          description "ae10 LACP to 3810m"
          ether-options {
               802.3ad ae10;
          }
     }
     xe-3/0/14 {
          description "ae10 LACP to 3810m"
          ether-options {
               802.3ad ae10;
          }
     }
     xe-4/0/14 {
          description "ae10 LACP to 3810m"
          ether-options {
               802.3ad ae10;
          }
     }
     xe-5/0/14 {
          description "ae10 LACP to 3810m"
          ether-options {
               802.3ad ae10;
          }
     }

     ae10 {
          description "LACP to 3810m"
          aggregated-ether-options {
               lacp {
                    passive;
                    periodic fast;
               }
          }
          unit 0 {
               family ethernet-switching {
                    interface-mode trunk;
                    vlan {
                         members [ v0010 v0015 v0100 v0200 ];
                    }
               }
          }
     }

}

When I connect three links out of four - LACP woks fine. But when I connect all links, it's LACP not working properly.

I observe symptoms of not working properly such as: host unreachable, packet loss and inability to connect some access devices (PC, CCTV, etc.).  Additionally, only part of the AP loses connection with the Aruba 7210 controller.

As I wrote earlier, if I disable just one connection out of four it all starts working fine.

4x10G (UP) -> connection not working properly
3x10G (UP) + 1x10G (DOWN) -> connection working fine
2x10G (UP) + 2x10G (DOWN) -> connection working fine
1x10G (UP) + 3x10G (DOWN) -> connection working fine

Image Version:
Aruba 3810m: KB.16.09.0022
Juniper EX4600: JunOS 19.4R2.6

My topology:
access switches 2930f --> 3810m --> EX4600 --> Router  --> ISP

AP -> access switch 2930f ---------------\
IP Phone -> access switch 2930f -------+------> 3810m ------> EX4600 <----- Aruba 7210
PC etc. -> access switch 2930f ---------/

Do you by chance have the aggregated device count set to 3? 

Example for reference.

}
chassis {
    redundancy {
        graceful-switchover;
    }
    aggregated-devices {
        ethernet {
            device-count 2;
        }
    }
}

Last week I setup a LACP connection between an Aruba 3810m and a Juniper EX4600. This LACP was made up of four optical fibers.

This is my configuration on Aruba 3810m:

trunk 1/A1-1/A2,2/A1-2/A2 trk1  lacp
interface 1/A1
     name "1 - LACP to EX4600"
     exit
interface 1/A2
     name "2 - LACP to EX4600"
     exit
interface 2/A1
     name "3 - LACP to EX4600"
     exit
interface 2/A2
     name "4 - LACP to EX4600"
     exit
interface Trk1
     tagged vlan 10,15,100,200
     untagged vlan 1
     spanning-tree priority 4
     exit

This is my configuration on Juniper EX4600:

interface {
     xe-2/0/14 {
          description "ae10 LACP to 3810m"
          ether-options {
               802.3ad ae10;
          }
     }
     xe-3/0/14 {
          description "ae10 LACP to 3810m"
          ether-options {
               802.3ad ae10;
          }
     }
     xe-4/0/14 {
          description "ae10 LACP to 3810m"
          ether-options {
               802.3ad ae10;
          }
     }
     xe-5/0/14 {
          description "ae10 LACP to 3810m"
          ether-options {
               802.3ad ae10;
          }
     }

     ae10 {
          description "LACP to 3810m"
          aggregated-ether-options {
               lacp {
                    passive;
                    periodic fast;
               }
          }
          unit 0 {
               family ethernet-switching {
                    interface-mode trunk;
                    vlan {
                         members [ v0010 v0015 v0100 v0200 ];
                    }
               }
          }
     }

}

When I connect three links out of four - LACP woks fine. But when I connect all links, it's LACP not working properly.

I observe symptoms of not working properly such as: host unreachable, packet loss and inability to connect some access devices (PC, CCTV, etc.).  Additionally, only part of the AP loses connection with the Aruba 7210 controller.

As I wrote earlier, if I disable just one connection out of four it all starts working fine.

4x10G (UP) -> connection not working properly
3x10G (UP) + 1x10G (DOWN) -> connection working fine
2x10G (UP) + 2x10G (DOWN) -> connection working fine
1x10G (UP) + 3x10G (DOWN) -> connection working fine

Image Version:
Aruba 3810m: KB.16.09.0022
Juniper EX4600: JunOS 19.4R2.6

My topology:
access switches 2930f --> 3810m --> EX4600 --> Router  --> ISP

AP -> access switch 2930f ---------------\
IP Phone -> access switch 2930f -------+------> 3810m ------> EX4600 <----- Aruba 7210
PC etc. -> access switch 2930f ---------/

Doesn't that parameter (device-count) on the chassis section (set aggregated-devices ethernet device-count 2) define the "number of LAGs to be created on the chassis" and not the number of physical member interfaces belonging to the specific LAG ae10?

Do you by chance have the aggregated device count set to 3? 

Example for reference.

}
chassis {
    redundancy {
        graceful-switchover;
    }
    aggregated-devices {
        ethernet {
            device-count 2;
        }
    }
}

Last week I setup a LACP connection between an Aruba 3810m and a Juniper EX4600. This LACP was made up of four optical fibers.

This is my configuration on Aruba 3810m:

trunk 1/A1-1/A2,2/A1-2/A2 trk1  lacp
interface 1/A1
     name "1 - LACP to EX4600"
     exit
interface 1/A2
     name "2 - LACP to EX4600"
     exit
interface 2/A1
     name "3 - LACP to EX4600"
     exit
interface 2/A2
     name "4 - LACP to EX4600"
     exit
interface Trk1
     tagged vlan 10,15,100,200
     untagged vlan 1
     spanning-tree priority 4
     exit

This is my configuration on Juniper EX4600:

interface {
     xe-2/0/14 {
          description "ae10 LACP to 3810m"
          ether-options {
               802.3ad ae10;
          }
     }
     xe-3/0/14 {
          description "ae10 LACP to 3810m"
          ether-options {
               802.3ad ae10;
          }
     }
     xe-4/0/14 {
          description "ae10 LACP to 3810m"
          ether-options {
               802.3ad ae10;
          }
     }
     xe-5/0/14 {
          description "ae10 LACP to 3810m"
          ether-options {
               802.3ad ae10;
          }
     }

     ae10 {
          description "LACP to 3810m"
          aggregated-ether-options {
               lacp {
                    passive;
                    periodic fast;
               }
          }
          unit 0 {
               family ethernet-switching {
                    interface-mode trunk;
                    vlan {
                         members [ v0010 v0015 v0100 v0200 ];
                    }
               }
          }
     }

}

When I connect three links out of four - LACP woks fine. But when I connect all links, it's LACP not working properly.

I observe symptoms of not working properly such as: host unreachable, packet loss and inability to connect some access devices (PC, CCTV, etc.).  Additionally, only part of the AP loses connection with the Aruba 7210 controller.

As I wrote earlier, if I disable just one connection out of four it all starts working fine.

4x10G (UP) -> connection not working properly
3x10G (UP) + 1x10G (DOWN) -> connection working fine
2x10G (UP) + 2x10G (DOWN) -> connection working fine
1x10G (UP) + 3x10G (DOWN) -> connection working fine

Image Version:
Aruba 3810m: KB.16.09.0022
Juniper EX4600: JunOS 19.4R2.6

My topology:
access switches 2930f --> 3810m --> EX4600 --> Router  --> ISP

AP -> access switch 2930f ---------------\
IP Phone -> access switch 2930f -------+------> 3810m ------> EX4600 <----- Aruba 7210
PC etc. -> access switch 2930f ---------/

This  is my log from 3810m:

show logging -r
I 02/16/23  14:13:03 00076 ports: ST1-CMDR: port 1/A2 in Trk1 is now on-line
I 02/16/23  14:13:03 00435 ports: ST1-CMDR: port 1/A2 is Blocked by STP
I 02/16/23  14:13:00 00435 ports: ST1-CMDR: port 1/A2 is Blocked by LACP
I 02/16/23  14:12:49 00077 ports: ST1-CMDR: port 1/A2 in Trk1 is now off-line
I 02/16/23  14:05:05 00076 ports: ST1-CMDR: port 1/A2 in Trk1 is now on-line
I 02/16/23  14:05:05 00435 ports: ST1-CMDR: port 1/A2 is Blocked by STP
I 02/16/23  14:05:02 00435 ports: ST1-CMDR: port 1/A2 is Blocked by LACP
I 02/16/23  14:04:50 00077 ports: ST1-CMDR: port 1/A2 in Trk1 is now off-line
I 02/16/23  13:55:42 00076 ports: ST1-CMDR: port 1/A2 in Trk1 is now on-line
I 02/16/23  13:55:42 00435 ports: ST1-CMDR: port 1/A2 is Blocked by STP
I 02/16/23  13:55:38 00435 ports: ST1-CMDR: port 1/A2 is Blocked by LACP

show lacp
1/A1  Active  Trk1   Up  Yes  Success  0  978
1/A2  Active  Trk1   Up  Yes  Success  0  978
2/A1  Active  Trk1   Up  Yes  Success  0  978
2/A2  Active  Trk1   Up  Yes  Success  0  978

show trunk
1/A1  | Ex4600   SFP+LR  | Trk1  LACP
1/A2  | Ex4600   SFP+LR  | Trk1  LACP
2/A1  | Ex4600   SFP+LR  | Trk1  LACP
2/A2  | Ex4600   SFP+LR  | Trk1  LACP 

Doesn't that parameter (device-count) on the chassis section (set aggregated-devices ethernet device-count 2) define the "number of LAGs to be created on the chassis" and not the number of physical member interfaces belonging to the specific LAG ae10?

Do you by chance have the aggregated device count set to 3? 

Example for reference.

}
chassis {
    redundancy {
        graceful-switchover;
    }
    aggregated-devices {
        ethernet {
            device-count 2;
        }
    }
}

Last week I setup a LACP connection between an Aruba 3810m and a Juniper EX4600. This LACP was made up of four optical fibers.

This is my configuration on Aruba 3810m:

trunk 1/A1-1/A2,2/A1-2/A2 trk1  lacp
interface 1/A1
     name "1 - LACP to EX4600"
     exit
interface 1/A2
     name "2 - LACP to EX4600"
     exit
interface 2/A1
     name "3 - LACP to EX4600"
     exit
interface 2/A2
     name "4 - LACP to EX4600"
     exit
interface Trk1
     tagged vlan 10,15,100,200
     untagged vlan 1
     spanning-tree priority 4
     exit

This is my configuration on Juniper EX4600:

interface {
     xe-2/0/14 {
          description "ae10 LACP to 3810m"
          ether-options {
               802.3ad ae10;
          }
     }
     xe-3/0/14 {
          description "ae10 LACP to 3810m"
          ether-options {
               802.3ad ae10;
          }
     }
     xe-4/0/14 {
          description "ae10 LACP to 3810m"
          ether-options {
               802.3ad ae10;
          }
     }
     xe-5/0/14 {
          description "ae10 LACP to 3810m"
          ether-options {
               802.3ad ae10;
          }
     }

     ae10 {
          description "LACP to 3810m"
          aggregated-ether-options {
               lacp {
                    passive;
                    periodic fast;
               }
          }
          unit 0 {
               family ethernet-switching {
                    interface-mode trunk;
                    vlan {
                         members [ v0010 v0015 v0100 v0200 ];
                    }
               }
          }
     }

}

When I connect three links out of four - LACP woks fine. But when I connect all links, it's LACP not working properly.

I observe symptoms of not working properly such as: host unreachable, packet loss and inability to connect some access devices (PC, CCTV, etc.).  Additionally, only part of the AP loses connection with the Aruba 7210 controller.

As I wrote earlier, if I disable just one connection out of four it all starts working fine.

4x10G (UP) -> connection not working properly
3x10G (UP) + 1x10G (DOWN) -> connection working fine
2x10G (UP) + 2x10G (DOWN) -> connection working fine
1x10G (UP) + 3x10G (DOWN) -> connection working fine

Image Version:
Aruba 3810m: KB.16.09.0022
Juniper EX4600: JunOS 19.4R2.6

My topology:
access switches 2930f --> 3810m --> EX4600 --> Router  --> ISP

AP -> access switch 2930f ---------------\
IP Phone -> access switch 2930f -------+------> 3810m ------> EX4600 <----- Aruba 7210
PC etc. -> access switch 2930f ---------/

Hi

did you check interface statistics ("show interface <port>") for any errors or discards? 

What happened between 14:05:05 and 14:12:49 as well as between 13:55:42 and 14:04:50? Did you disconnect anything or change any configuration? Or was this out of nothing and may be a root cause of your problem?

Another one: Does is make a difference which of the 4 links you disconnect in order to have a stable connection? Can you disable ANY of the 4 or do you have to disconnect a specific one?

LACP seems to have established a good partnership with the other side, however, could you please also get the output of the following commands:

• show lacp local
• show lacp peer

Did you check interface and LACP status on the Juniper side as well? Does it show any strange behavior?

Regards, 

Thomas

This  is my log from 3810m:

show logging -r
I 02/16/23  14:13:03 00076 ports: ST1-CMDR: port 1/A2 in Trk1 is now on-line
I 02/16/23  14:13:03 00435 ports: ST1-CMDR: port 1/A2 is Blocked by STP
I 02/16/23  14:13:00 00435 ports: ST1-CMDR: port 1/A2 is Blocked by LACP
I 02/16/23  14:12:49 00077 ports: ST1-CMDR: port 1/A2 in Trk1 is now off-line
I 02/16/23  14:05:05 00076 ports: ST1-CMDR: port 1/A2 in Trk1 is now on-line
I 02/16/23  14:05:05 00435 ports: ST1-CMDR: port 1/A2 is Blocked by STP
I 02/16/23  14:05:02 00435 ports: ST1-CMDR: port 1/A2 is Blocked by LACP
I 02/16/23  14:04:50 00077 ports: ST1-CMDR: port 1/A2 in Trk1 is now off-line
I 02/16/23  13:55:42 00076 ports: ST1-CMDR: port 1/A2 in Trk1 is now on-line
I 02/16/23  13:55:42 00435 ports: ST1-CMDR: port 1/A2 is Blocked by STP
I 02/16/23  13:55:38 00435 ports: ST1-CMDR: port 1/A2 is Blocked by LACP

show lacp
1/A1  Active  Trk1   Up  Yes  Success  0  978
1/A2  Active  Trk1   Up  Yes  Success  0  978
2/A1  Active  Trk1   Up  Yes  Success  0  978
2/A2  Active  Trk1   Up  Yes  Success  0  978

show trunk
1/A1  | Ex4600   SFP+LR  | Trk1  LACP
1/A2  | Ex4600   SFP+LR  | Trk1  LACP
2/A1  | Ex4600   SFP+LR  | Trk1  LACP
2/A2  | Ex4600   SFP+LR  | Trk1  LACP 

Doesn't that parameter (device-count) on the chassis section (set aggregated-devices ethernet device-count 2) define the "number of LAGs to be created on the chassis" and not the number of physical member interfaces belonging to the specific LAG ae10?

Do you by chance have the aggregated device count set to 3? 

Example for reference.

}
chassis {
    redundancy {
        graceful-switchover;
    }
    aggregated-devices {
        ethernet {
            device-count 2;
        }
    }
}

Last week I setup a LACP connection between an Aruba 3810m and a Juniper EX4600. This LACP was made up of four optical fibers.

This is my configuration on Aruba 3810m:

trunk 1/A1-1/A2,2/A1-2/A2 trk1  lacp
interface 1/A1
     name "1 - LACP to EX4600"
     exit
interface 1/A2
     name "2 - LACP to EX4600"
     exit
interface 2/A1
     name "3 - LACP to EX4600"
     exit
interface 2/A2
     name "4 - LACP to EX4600"
     exit
interface Trk1
     tagged vlan 10,15,100,200
     untagged vlan 1
     spanning-tree priority 4
     exit

This is my configuration on Juniper EX4600:

interface {
     xe-2/0/14 {
          description "ae10 LACP to 3810m"
          ether-options {
               802.3ad ae10;
          }
     }
     xe-3/0/14 {
          description "ae10 LACP to 3810m"
          ether-options {
               802.3ad ae10;
          }
     }
     xe-4/0/14 {
          description "ae10 LACP to 3810m"
          ether-options {
               802.3ad ae10;
          }
     }
     xe-5/0/14 {
          description "ae10 LACP to 3810m"
          ether-options {
               802.3ad ae10;
          }
     }

     ae10 {
          description "LACP to 3810m"
          aggregated-ether-options {
               lacp {
                    passive;
                    periodic fast;
               }
          }
          unit 0 {
               family ethernet-switching {
                    interface-mode trunk;
                    vlan {
                         members [ v0010 v0015 v0100 v0200 ];
                    }
               }
          }
     }

}

When I connect three links out of four - LACP woks fine. But when I connect all links, it's LACP not working properly.

I observe symptoms of not working properly such as: host unreachable, packet loss and inability to connect some access devices (PC, CCTV, etc.).  Additionally, only part of the AP loses connection with the Aruba 7210 controller.

As I wrote earlier, if I disable just one connection out of four it all starts working fine.

4x10G (UP) -> connection not working properly
3x10G (UP) + 1x10G (DOWN) -> connection working fine
2x10G (UP) + 2x10G (DOWN) -> connection working fine
1x10G (UP) + 3x10G (DOWN) -> connection working fine

Image Version:
Aruba 3810m: KB.16.09.0022
Juniper EX4600: JunOS 19.4R2.6

My topology:
access switches 2930f --> 3810m --> EX4600 --> Router  --> ISP

AP -> access switch 2930f ---------------\
IP Phone -> access switch 2930f -------+------> 3810m ------> EX4600 <----- Aruba 7210
PC etc. -> access switch 2930f ---------/

show lacp local
1/A1  Trk1  Active  Yes  Slow  No  b8s4**-******
1/A2  Trk1  Active  Yes  Slow  No  b8s4**-******
2/A1  Trk1  Active  Yes  Slow  No  b8s4**-******
2/A2  Trk1  Active  Yes  Slow  No  b8s4**-******

show lacp peer
1/A1  Trk1  e4fc**-******  69  127  0  17  Passive  Slow
1/A2  Trk1  e4fc**-******  81  127  0  17  Passive  Slow
2/A1  Trk1  e4fc**-******  68  127  0  17  Passive  Slow
2/A2  Trk1  e4fc**-******  80  127  0  17  Passive  Slow

The problem with LACP is on the Juniper EX4600 side. For now, Juniper support is trying to fix the problem.

Hi

did you check interface statistics ("show interface <port>") for any errors or discards? 

What happened between 14:05:05 and 14:12:49 as well as between 13:55:42 and 14:04:50? Did you disconnect anything or change any configuration? Or was this out of nothing and may be a root cause of your problem?

Another one: Does is make a difference which of the 4 links you disconnect in order to have a stable connection? Can you disable ANY of the 4 or do you have to disconnect a specific one?

LACP seems to have established a good partnership with the other side, however, could you please also get the output of the following commands:

• show lacp local
• show lacp peer

Did you check interface and LACP status on the Juniper side as well? Does it show any strange behavior?

Regards, 

Thomas

This  is my log from 3810m:

show logging -r
I 02/16/23  14:13:03 00076 ports: ST1-CMDR: port 1/A2 in Trk1 is now on-line
I 02/16/23  14:13:03 00435 ports: ST1-CMDR: port 1/A2 is Blocked by STP
I 02/16/23  14:13:00 00435 ports: ST1-CMDR: port 1/A2 is Blocked by LACP
I 02/16/23  14:12:49 00077 ports: ST1-CMDR: port 1/A2 in Trk1 is now off-line
I 02/16/23  14:05:05 00076 ports: ST1-CMDR: port 1/A2 in Trk1 is now on-line
I 02/16/23  14:05:05 00435 ports: ST1-CMDR: port 1/A2 is Blocked by STP
I 02/16/23  14:05:02 00435 ports: ST1-CMDR: port 1/A2 is Blocked by LACP
I 02/16/23  14:04:50 00077 ports: ST1-CMDR: port 1/A2 in Trk1 is now off-line
I 02/16/23  13:55:42 00076 ports: ST1-CMDR: port 1/A2 in Trk1 is now on-line
I 02/16/23  13:55:42 00435 ports: ST1-CMDR: port 1/A2 is Blocked by STP
I 02/16/23  13:55:38 00435 ports: ST1-CMDR: port 1/A2 is Blocked by LACP

show lacp
1/A1  Active  Trk1   Up  Yes  Success  0  978
1/A2  Active  Trk1   Up  Yes  Success  0  978
2/A1  Active  Trk1   Up  Yes  Success  0  978
2/A2  Active  Trk1   Up  Yes  Success  0  978

show trunk
1/A1  | Ex4600   SFP+LR  | Trk1  LACP
1/A2  | Ex4600   SFP+LR  | Trk1  LACP
2/A1  | Ex4600   SFP+LR  | Trk1  LACP
2/A2  | Ex4600   SFP+LR  | Trk1  LACP 

Doesn't that parameter (device-count) on the chassis section (set aggregated-devices ethernet device-count 2) define the "number of LAGs to be created on the chassis" and not the number of physical member interfaces belonging to the specific LAG ae10?

Do you by chance have the aggregated device count set to 3? 

Example for reference.

}
chassis {
    redundancy {
        graceful-switchover;
    }
    aggregated-devices {
        ethernet {
            device-count 2;
        }
    }
}

Last week I setup a LACP connection between an Aruba 3810m and a Juniper EX4600. This LACP was made up of four optical fibers.

This is my configuration on Aruba 3810m:

trunk 1/A1-1/A2,2/A1-2/A2 trk1  lacp
interface 1/A1
     name "1 - LACP to EX4600"
     exit
interface 1/A2
     name "2 - LACP to EX4600"
     exit
interface 2/A1
     name "3 - LACP to EX4600"
     exit
interface 2/A2
     name "4 - LACP to EX4600"
     exit
interface Trk1
     tagged vlan 10,15,100,200
     untagged vlan 1
     spanning-tree priority 4
     exit

This is my configuration on Juniper EX4600:

interface {
     xe-2/0/14 {
          description "ae10 LACP to 3810m"
          ether-options {
               802.3ad ae10;
          }
     }
     xe-3/0/14 {
          description "ae10 LACP to 3810m"
          ether-options {
               802.3ad ae10;
          }
     }
     xe-4/0/14 {
          description "ae10 LACP to 3810m"
          ether-options {
               802.3ad ae10;
          }
     }
     xe-5/0/14 {
          description "ae10 LACP to 3810m"
          ether-options {
               802.3ad ae10;
          }
     }

     ae10 {
          description "LACP to 3810m"
          aggregated-ether-options {
               lacp {
                    passive;
                    periodic fast;
               }
          }
          unit 0 {
               family ethernet-switching {
                    interface-mode trunk;
                    vlan {
                         members [ v0010 v0015 v0100 v0200 ];
                    }
               }
          }
     }

}

When I connect three links out of four - LACP woks fine. But when I connect all links, it's LACP not working properly.

I observe symptoms of not working properly such as: host unreachable, packet loss and inability to connect some access devices (PC, CCTV, etc.).  Additionally, only part of the AP loses connection with the Aruba 7210 controller.

As I wrote earlier, if I disable just one connection out of four it all starts working fine.

4x10G (UP) -> connection not working properly
3x10G (UP) + 1x10G (DOWN) -> connection working fine
2x10G (UP) + 2x10G (DOWN) -> connection working fine
1x10G (UP) + 3x10G (DOWN) -> connection working fine

Image Version:
Aruba 3810m: KB.16.09.0022
Juniper EX4600: JunOS 19.4R2.6

My topology:
access switches 2930f --> 3810m --> EX4600 --> Router  --> ISP

AP -> access switch 2930f ---------------\
IP Phone -> access switch 2930f -------+------> 3810m ------> EX4600 <----- Aruba 7210
PC etc. -> access switch 2930f ---------/

Why is LACP at the Juniper side configured as passive?
Could you try 

set ae10 aggregated-ether-options lacp active

Like pernassus was mentioning, please raise the number of supported AE's at the juniper side.

For example

set aggregated-devices ethernet device-count 5 

show lacp local
1/A1  Trk1  Active  Yes  Slow  No  b8s4**-******
1/A2  Trk1  Active  Yes  Slow  No  b8s4**-******
2/A1  Trk1  Active  Yes  Slow  No  b8s4**-******
2/A2  Trk1  Active  Yes  Slow  No  b8s4**-******

show lacp peer
1/A1  Trk1  e4fc**-******  69  127  0  17  Passive  Slow
1/A2  Trk1  e4fc**-******  81  127  0  17  Passive  Slow
2/A1  Trk1  e4fc**-******  68  127  0  17  Passive  Slow
2/A2  Trk1  e4fc**-******  80  127  0  17  Passive  Slow

The problem with LACP is on the Juniper EX4600 side. For now, Juniper support is trying to fix the problem.

Hi

did you check interface statistics ("show interface <port>") for any errors or discards? 

What happened between 14:05:05 and 14:12:49 as well as between 13:55:42 and 14:04:50? Did you disconnect anything or change any configuration? Or was this out of nothing and may be a root cause of your problem?

Another one: Does is make a difference which of the 4 links you disconnect in order to have a stable connection? Can you disable ANY of the 4 or do you have to disconnect a specific one?

LACP seems to have established a good partnership with the other side, however, could you please also get the output of the following commands:

• show lacp local
• show lacp peer

Did you check interface and LACP status on the Juniper side as well? Does it show any strange behavior?

Regards, 

Thomas

This  is my log from 3810m:

show logging -r
I 02/16/23  14:13:03 00076 ports: ST1-CMDR: port 1/A2 in Trk1 is now on-line
I 02/16/23  14:13:03 00435 ports: ST1-CMDR: port 1/A2 is Blocked by STP
I 02/16/23  14:13:00 00435 ports: ST1-CMDR: port 1/A2 is Blocked by LACP
I 02/16/23  14:12:49 00077 ports: ST1-CMDR: port 1/A2 in Trk1 is now off-line
I 02/16/23  14:05:05 00076 ports: ST1-CMDR: port 1/A2 in Trk1 is now on-line
I 02/16/23  14:05:05 00435 ports: ST1-CMDR: port 1/A2 is Blocked by STP
I 02/16/23  14:05:02 00435 ports: ST1-CMDR: port 1/A2 is Blocked by LACP
I 02/16/23  14:04:50 00077 ports: ST1-CMDR: port 1/A2 in Trk1 is now off-line
I 02/16/23  13:55:42 00076 ports: ST1-CMDR: port 1/A2 in Trk1 is now on-line
I 02/16/23  13:55:42 00435 ports: ST1-CMDR: port 1/A2 is Blocked by STP
I 02/16/23  13:55:38 00435 ports: ST1-CMDR: port 1/A2 is Blocked by LACP

show lacp
1/A1  Active  Trk1   Up  Yes  Success  0  978
1/A2  Active  Trk1   Up  Yes  Success  0  978
2/A1  Active  Trk1   Up  Yes  Success  0  978
2/A2  Active  Trk1   Up  Yes  Success  0  978

show trunk
1/A1  | Ex4600   SFP+LR  | Trk1  LACP
1/A2  | Ex4600   SFP+LR  | Trk1  LACP
2/A1  | Ex4600   SFP+LR  | Trk1  LACP
2/A2  | Ex4600   SFP+LR  | Trk1  LACP 

Doesn't that parameter (device-count) on the chassis section (set aggregated-devices ethernet device-count 2) define the "number of LAGs to be created on the chassis" and not the number of physical member interfaces belonging to the specific LAG ae10?

Do you by chance have the aggregated device count set to 3? 

Example for reference.

}
chassis {
    redundancy {
        graceful-switchover;
    }
    aggregated-devices {
        ethernet {
            device-count 2;
        }
    }
}

Last week I setup a LACP connection between an Aruba 3810m and a Juniper EX4600. This LACP was made up of four optical fibers.

This is my configuration on Aruba 3810m:

trunk 1/A1-1/A2,2/A1-2/A2 trk1  lacp
interface 1/A1
     name "1 - LACP to EX4600"
     exit
interface 1/A2
     name "2 - LACP to EX4600"
     exit
interface 2/A1
     name "3 - LACP to EX4600"
     exit
interface 2/A2
     name "4 - LACP to EX4600"
     exit
interface Trk1
     tagged vlan 10,15,100,200
     untagged vlan 1
     spanning-tree priority 4
     exit

This is my configuration on Juniper EX4600:

interface {
     xe-2/0/14 {
          description "ae10 LACP to 3810m"
          ether-options {
               802.3ad ae10;
          }
     }
     xe-3/0/14 {
          description "ae10 LACP to 3810m"
          ether-options {
               802.3ad ae10;
          }
     }
     xe-4/0/14 {
          description "ae10 LACP to 3810m"
          ether-options {
               802.3ad ae10;
          }
     }
     xe-5/0/14 {
          description "ae10 LACP to 3810m"
          ether-options {
               802.3ad ae10;
          }
     }

     ae10 {
          description "LACP to 3810m"
          aggregated-ether-options {
               lacp {
                    passive;
                    periodic fast;
               }
          }
          unit 0 {
               family ethernet-switching {
                    interface-mode trunk;
                    vlan {
                         members [ v0010 v0015 v0100 v0200 ];
                    }
               }
          }
     }

}

When I connect three links out of four - LACP woks fine. But when I connect all links, it's LACP not working properly.

I observe symptoms of not working properly such as: host unreachable, packet loss and inability to connect some access devices (PC, CCTV, etc.).  Additionally, only part of the AP loses connection with the Aruba 7210 controller.

As I wrote earlier, if I disable just one connection out of four it all starts working fine.

4x10G (UP) -> connection not working properly
3x10G (UP) + 1x10G (DOWN) -> connection working fine
2x10G (UP) + 2x10G (DOWN) -> connection working fine
1x10G (UP) + 3x10G (DOWN) -> connection working fine

Image Version:
Aruba 3810m: KB.16.09.0022
Juniper EX4600: JunOS 19.4R2.6

My topology:
access switches 2930f --> 3810m --> EX4600 --> Router  --> ISP

AP -> access switch 2930f ---------------\
IP Phone -> access switch 2930f -------+------> 3810m ------> EX4600 <----- Aruba 7210
PC etc. -> access switch 2930f ---------/