Configuring LACP for Aggregated Ethernet Interfaces
For aggregated Ethernet interfaces, you can configure the Link Aggregation Control Protocol (LACP). LACP is one method of bundling several physical interfaces to form one logical interface. You can configure both VLAN-tagged and untagged aggregated Ethernet with or without LACP enabled.
Starting with Junos OS Release 14.1, you can configure aggregated Ethernet interfaces with LACP on logical systems within an MX Series router.
For Multichassis Link Aggregation (MC-LAG), you must specify the system-id and admin key. MC-LAG peers use the same system-id while sending the LACP messages. The system-id can be configured on the MC-LAG network device and synchronized between peers for validation.
LACP exchanges are made between actors and partners. An actor is the local interface in an LACP exchange. A partner is the remote interface in an LACP exchange.
LACP is defined in IEEE 802.3ad, Aggregation of Multiple Link Segments.
LACP was designed to achieve the following:
Automatic addition and deletion of individual links to the aggregate bundle without user intervention
Link monitoring to check whether both ends of the bundle are connected to the correct group
The Junos OS implementation of LACP provides link monitoring but not automatic addition and deletion of links.
The LACP mode can be active or passive. If the actor and partner are both in passive mode, they do not exchange LACP packets, which results in the aggregated Ethernet links not coming up. If either the actor or partner is active, they do exchange LACP packets. By default, LACP is turned off on aggregated Ethernet interfaces. If LACP is configured, it is in passive mode by default. To initiate transmission of LACP packets and response to LACP packets, you must configure LACP in active mode.
LACP can link together multiple different physical interfaces, but only features that are supported across all of the linked devices will be supported in the resulting link aggregation group (LAG) bundle. For example, different PICs can support a different number of forwarding classes. If you use link aggregation to link together the ports of a PIC that supports up to 16 forwarding classes with a PIC that supports up to 8 forwarding classes, the resulting LAG bundle will only support up to 8 forwarding classes. Similarly, linking together a PIC that supports WRED with a PIC that does not support it will result in a LAG bundle that does not support WRED.
To enable LACP active mode, include the lacp statement at the [edit interfaces interface-name aggregated-ether-options] hierarchy level, and specify the active option:
The LACP process exists in the system only if you configure the system in either active or passive LACP mode.
If you restart the Link Aggregation Control Protocol (LACP) process consecutively without adequate sleep or pause time between the successive restarts, the LACP links might flap. To avoid this problem, you must restart the LACP process only after the refresh time of the periodic packet management (PPM) process is completed.
To restore the default behavior, include the lacp statement at the [edit interfaces interface-name aggregated-ether-options] hierarchy level, and specify the passive option:
Starting with Junos OS Release 12.2, you can also configure LACP to override the IEEE 802.3ad standard and to allow the standby link always to receive traffic. Overriding the default behavior facilitates subsecond failover.
To override the IEEE 802.3ad standard and facilitate subsecond failover, include the fast-failover statement at the [edit interfaces interface-name aggregated-ether-options lacp] hierarchy level.
When you configure the accept-data statement at the [edit interfaces aeX aggregated-ether-options lacp] hierarchy level, the router processes packets received on a member link irrespective of the LACP state if the aggregated Ethernet bundle is up.
When you use the accept-data statement at the [edit interfaces aeX aggregated-ether-options lacp] hierarchy level, this behavior occurs:
By default, the accept-data statement is not configured when LACP is enabled.
You can configure the accept-data statement to improve convergence and reduce the number of dropped packets when member links in the bundle are enabled or disabled.
When LACP is down and a member link receives packets, the router does not process packets as defined in the IEEE 802.1ax standard. According to this standard, the packets should be dropped, but they are processed instead because the accept-data statement is configured.
For more information, see the following sections:
Configuring the LACP Interval
By default, the actor and partner send LACP packets every second. You can configure the interval at which the interfaces send LACP packets by including the periodic statement at the [edit interfaces interface-name aggregated-ether-options lacp] hierarchy level:
The interval can be fast (every second) or slow (every 30 seconds). You can configure different periodic rates on active and passive interfaces. When you configure the active and passive interfaces at different rates, the transmitter honors the receiver’s rate.
Starting with Junos OS Release 11.4, source address filtering does not work when LACP is enabled., This behavior is not applicable to T Series routers and PTX Series Packet Transport Routers. For more information about source address filtering, see Configuring MAC Address Filtering for Ethernet Interfaces.
Percentage policers are not supported on aggregated Ethernet interfaces with the CCC protocol family configured. For more information about percentage policers, see the Routing Policies, Firewall Filters, and Traffic Policers Feature Guide.
Generally, LACP is supported on all untagged aggregated Ethernet interfaces. For more information, see Configuring Untagged Aggregated Ethernet Interfaces.
For M Series Multiservice Edge Routers with enhanced Flexible PIC Concentrators (FPCs) and T Series routers, LACP over VLAN-tagged aggregated Ethernet interfaces is supported. For 8-port, 12-port, and 48-port Fast Ethernet PICs, LACP over VLAN-tagged interfaces is not supported.
LACP Fast Periodic, which is achieved by configuring fast (every second) intervals for periodic transmission of LACP packets, is supported with graceful Routing Engine switchover (GRES) on MX Series routers only.
Configuring LACP Link Protection
To force active and standby links within an aggregated Ethernet, you can configure LACP link protection and system priority at the aggregated Ethernet interface level using the link-protection and system-priority statements. Configuring values at this level results in only the configured interfaces using the defined configuration. LACP interface configuration also enables you to override global (chassis) LACP settings.
LACP link protection also uses port priority. You can configure port priority at the Ethernet interface [gigether-options] hierarchy level using the port-priority statement. If you choose not to configure port priority, LACP link protection uses the default value for port priority (127).
When using LACP link protection, you can configure only two member links to an aggregated Ethernet interface: one active and one standby.
LACP link protection supports per-unit scheduling configuration on aggregated Ethernet interfaces.
Enabling LACP Link Protection
To enable LACP link protection for an aggregated Ethernet interface, use the link-protection statement at the [edit interfaces aeX aggregated-ether-options lacp] hierarchy level:
By default, LACP link protection reverts to a higher-priority (lower-numbered) link when that higher-priority link becomes operational or a link is added to the aggregator that is determined to be higher in priority. However, you can suppress link calculation by adding the non-revertive statement to the LACP link protection configuration. In nonrevertive mode, once a link is active and collecting and distributing packets, the subsequent addition of a higher-priority (better) link does not result in a switch and the current link remains active.
If LACP link protection is configured to be nonrevertive at the global ([edit chassis] hierarchy) level, you can add the revertive statement to the LACP link protection configuration to override the nonrevertive setting for the interface. In revertive mode, the addition of a higher-priority link to the aggregator results in LACP performing a priority recalculation and switching from the current active link to the new active link.
If both ends of an aggregator have LACP link protection enabled, make sure to configure both ends of the aggregator to use the same mode. Mismatching LACP link protection modes can result in lost traffic.
We strongly recommend that you use LACP on both ends of the aggregator, when you connect an aggregated Ethernet interface with two member interfaces of MX Series routers to any other vendor device. Otherwise, the vendor device (say a Layer 2 switch, or a router) will not be able to manage the traffic coming from the two link aggregated Ethernet bundle. As a result, you might observe the vendor device sending back the traffic to the backup member link of the aggregated Ethernet interface.
Currently, MX-MPC2-3D, MX-MPC2-3D-Q, MX-MPC2-3D-EQ, MX-MPC1-3D, MX-MPC1-3D-Q, and MPC-3D-16XGE-SFPP do not drop traffic coming back to the backup link, whereas DPCE-R-Q-20GE-2XGE, DPCE-R-Q-20GE-SFP, DPCE-R-Q-40GE-SFP, DPCE-R-Q-4XGE-XFP, DPCE-X-Q-40GE-SFP, and DPCE-X-Q-4XGE-XFP drop traffic coming to the backup link.
Configuring LACP System Priority
To configure LACP system priority for aggregated Ethernet interfaces on the interface, use the system-priority statement at the [edit interfaces aeX aggregated-ether-options lacp] hierarchy level:
The system priority is a 2-octet binary value that is part of the LACP system ID. The LACP system ID consists of the system priority as the two most-significant octets and the interface MAC address as the six least-significant octets. The system with the numerically lower value for system priority has the higher priority. By default, system priority is 127, with a range of 0 to 65,535.
Configuring LACP System Identifier
To configure the LACP system identifier for aggregated Ethernet interfaces, use the system-id statement at the [edit interfaces aeX aggregated-ether-options lacp] hierarchy level:
Starting with Junos OS Release 13.3, youmust not configure the LACP system identifier by using the system-id system-id statement at the [edit interfaces aeX aggregated-ether-options lacp] hierarchy level to be all zeros (00:00:00:00:00:00). If you attempt to commit a configuration with the system identifier to be all zeros, an error occurs during the commit operation.
The user-defined system identifier in LACP enables two ports from two separate routers (M Series or MX Series routers) to act as though they were part of the same aggregate group.
The system identifier is a 48-bit (6-byte) globally unique field. It is used in combination with a 16-bit system-priority value, which results in a unique LACP system identifier.
Configuring LACP administrative Key
To configure an administrative key for LACP, include the admin-key number statement at the [edit interfaces aex aggregated-ether-options lacp] hierarchy level:
You must configure MC-LAG to configure the admin-key statement. For more information about MC-LAG, see Configuring Multichassis Link Aggregation on MX Series Routers.
Configuring LACP Port Priority
To configure LACP port priority for aggregated Ethernet interfaces, use the port-priority statement at the [edit interfaces interface-name gigether-options 802.3ad aeX lacp] or [edit interfaces interface-name fastether-options 802.3ad aeX lacp] hierarchy levels:
The port priority is a 2-octet field that is part of the LACP port ID. The LACP port ID consists of the port priority as the two most-significant octets and the port number as the two least-significant octets. The system with the numerically lower value for port priority has the higher priority. By default, port priority is 127, with a range of 0 to 65,535.
Port aggregation selection is made by each system based on the highest port priority and is assigned by the system with the highest priority. Ports are selected and assigned starting with the highest priority port of the highest priority system and working down in priority from there.
Starting with Junos OS Release 9.3, port aggregation selection (discussed previously) is performed for the active link when LACP link protection is enabled. Without LACP link protection, port priority is not used in port aggregation selection.
Configuring LACP Hold-Up Timer to Prevent Link Flapping on LAG Interfaces
On link aggregation group (LAG) interfaces, when a member (child) link goes down, its state changes from current to expired. This link might flap from the current state to the expired state and back to current state when it receives intermittent LACP protocol data units (PDUs) and keepalive timeouts. Such flapping can adversely affect the traffic on the link.
To prevent excessive flapping of a LAG child link, you can configure a hold-up timer on the LAG interface that is applicable to all member links on that particular interface. To hold up, in networking terms, means to prevent the transitioning of an interface from down to up for a specified time interval.
When configured, the hold-up timer is triggered when an LACP state machine tries to move to the current state from the expired or default state when it receives an LACP PDU. The hold-up timer is triggered only if the LACP state machine had acquired the current state at least once earlier. The timer is not triggered if LACP attempts to transition to the current state for the first time. LACP monitors the PDUs received on the child link but prevents the link from transitioning to current state. If no flapping is observed when the link receives the PDUs, the hold-up timer expiries and triggers the member link to transition back to the current state. This transition is triggered as soon as the hold-up timer expires and not necessarily when the link receives a PDU.
To configure LACP hold-up timer for LAG interface, use the hold-time up statement at the [edit interfaces aex aggregated-ether-options lacp] hierarchy level.
The hold-up timer keeps running even when the interface that receives the LACP PDU moves to the port disable state. The timer is then restarted if, before the timer expires, the interface comes up again and receives an LACP PDU from its neighbor. This ensures that the timer is maintained even during a quick physical port flap.
When the following events occur, a hold-up timer is not triggered until the member link acquires the current state after the event:
LACP daemon restart
Deactivation and reactivation of child or aggregated Ethernet interface
Deletion and reconfiguration of child or aggregated Ethernet interface
Routing Engine switchover
Tracing LACP Operations
To trace the operations of the LACP process, include the traceoptions statement at the [edit protocols lacp] hierarchy level:
Sample Configuration for Configuring Aggregated Ethernet LACP on Tagged and Untagged Interfaces
Following configurations are examples of configuring aggregated Ethernet LACP on VLAN-tagged and untagged interfaces:
LACP with VLAN-Tagged Aggregated Ethernet
LACP with Untagged Aggregated Ethernet