LAG Groups

Some collection of LAG configurations and status commands seen over time.

1. Linux
   1. Manually Configuration
   2. Status
2. FreeBSD
   1. Config
   2. Example
   3. Status
   4. Permanent
3. Checkpoint
   1. Config
   2. Status – Clish
   3. Status – Expert Mode
4. Fortigate
   1. Config
   2. Status
5. Cisco – Catalysts
   1. Config
   2. Status
6. Links

Linux

Manually Configuration

 modprobe bonding mode=802.3ad
 ifconfig bond1 192.168.1.1 netmask 255.255.255.0 up
 ifenslave bond1 eth0
 ifenslave bond1 eth1

The Permanent way depends on the distribution.

Status

cat /proc/net/bonding/bond1
Ethernet Channel Bonding Driver: v3.7.1 (April 27, 2011)

Bonding Mode: IEEE 802.3ad Dynamic link aggregation
Transmit Hash Policy: layer3+4 (1)
Use RxHash: 0
MII Status: up
MII Polling Interval (ms): 100
Up Delay (ms): 200
Down Delay (ms): 200

802.3ad info
LACP rate: slow
Min links: 0
Aggregator selection policy (ad_select): stable
System priority: 65535
System MAC address: <redacted>
Active Aggregator Info:
Aggregator ID: 1
    Number of ports: 2
    Actor Key: 15
    Partner Key: 26
    Partner Mac Address: <redacted>

Slave Interface: eth0
MII Status: up
Speed: 10000 Mbps
Duplex: full
Link Failure Count: 1
Permanent HW addr: <redacted>
Slave queue ID: 0
Aggregator ID: 1
Actor Churn State: none
Partner Churn State: none
Actor Churned Count: 0
Partner Churned Count: 0
details actor lacp pdu:
    system priority: 65535
    system mac address: <redacted>
    port key: 15
    port priority: 255
    port number: 1
    port state: 61
details partner lacp pdu:
    system priority: 32768
    system mac address: <redacted>
    oper key: 26
    port priority: 32768
    port number: 271
    port state: 61

Slave Interface: eth1
MII Status: up
Speed: 10000 Mbps
Duplex: full
Link Failure Count: 1
Permanent HW addr: <redacted>
Slave queue ID: 0
Aggregator ID: 1
Actor Churn State: none
Partner Churn State: none
Actor Churned Count: 0
Partner Churned Count: 0
details actor lacp pdu:
    system priority: 65535
    system mac address: <redacted>
    port key: 15
    port priority: 255
    port number: 2
    port state: 61
details partner lacp pdu:
    system priority: 32768
    system mac address: <redacted>
    oper key: 26
    port priority: 32768
    port number: 270
    port state: 61

FreeBSD

Config

Load the Module at startup

echo 'if_lagg_load="YES"' >> /boot/loader.conf

In the current session

# kldload if_lagg
# kldstat

Create the lagg interface

# ifconfig laggN create
# ifconfig lagg0 create

Example

Members

# ifconfig em0 up
# ifconfig em1 up

Create a lagg interface called lagg0, enter:
# ifconfig lagg0 create

Finally, assign an IP address to lagg0:

# ifconfig lagg0 laggproto lacp laggport em0 laggport em1 10.24.116.2 netmask 255.255.255.192

Status

You can see the status with ifconfig lagg0

    laggproto lacp lagghash l2,l3,l4
    laggport: em0 flags=1c<ACTIVE,COLLECTING,DISTRIBUTING>
    laggport: em1 flags=1c<ACTIVE,COLLECTING,DISTRIBUTING>

Permanent

# vi /etc/rc.conf

ifconfig_em0="up"
ifconfig_em1="up"
cloned_interfaces="lagg0"
ifconfig_lagg0="laggproto failover laggport em0 laggport em1"
ipv4_addrs_lagg0="10.24.116.2/32"
defaultrouter="10.24.116.100"

Checkpoint

Config

add bonding group 1
add bonding group 1 interface eth1-01
add bonding group 1 interface eth2-01
set bonding group 1 mode 8023AD
set bonding group 1 lacp-rate slow
set bonding group 1 min-links 0
set bonding group 1 mii-interval 100
set bonding group 1 down-delay 200
set bonding group 1 up-delay 200
set bonding group 1 xmit-hash-policy layer3+4

Status – Clish

show bonding group 1
Bond Configuration
    xmit-hash-policy layer3+4
    down-delay 200
    primary Not configured
    lacp-rate slow
    mode 8023AD
    up-delay 200
    mii-interval 100
    min-links 0
    Bond Interfaces
        eth1-01
        eth2-01

Status – Expert Mode

This is basically the same as with Linux, Check Point gaia based on Linux

cat /proc/net/bonding/bond1
Ethernet Channel Bonding Driver: v3.7.1 (April 27, 2011)

Bonding Mode: IEEE 802.3ad Dynamic link aggregation
Transmit Hash Policy: layer3+4 (1)
Use RxHash: 0
MII Status: up
MII Polling Interval (ms): 100
Up Delay (ms): 200
Down Delay (ms): 200

802.3ad info
LACP rate: slow
Min links: 0
Aggregator selection policy (ad_select): stable
System priority: 65535
System MAC address: <redacted>
Active Aggregator Info:
        Aggregator ID: 1
        Number of ports: 2
        Actor Key: 15
        Partner Key: 26
        Partner Mac Address: <redacted>

Slave Interface: eth2-01
MII Status: up
Speed: 10000 Mbps
Duplex: full
Link Failure Count: 1
Permanent HW addr: <redacted>
Slave queue ID: 0
Aggregator ID: 1
Actor Churn State: none
Partner Churn State: none
Actor Churned Count: 0
Partner Churned Count: 0
details actor lacp pdu:
    system priority: 65535
    system mac address: <redacted>
    port key: 15
    port priority: 255
    port number: 1
    port state: 61
details partner lacp pdu:
    system priority: 32768
    system mac address: <redacted>
    oper key: 26
    port priority: 32768
    port number: 271
    port state: 61

Slave Interface: eth1-01
MII Status: up
Speed: 10000 Mbps
Duplex: full
Link Failure Count: 1
Permanent HW addr: <redacted>
Slave queue ID: 0
Aggregator ID: 1
Actor Churn State: none
Partner Churn State: none
Actor Churned Count: 0
Partner Churned Count: 0
details actor lacp pdu:
    system priority: 65535
    system mac address: <redacted>
    port key: 15
    port priority: 255
    port number: 2
    port state: 61
details partner lacp pdu:
    system priority: 32768
    system mac address: <redacted>
    oper key: 26
    port priority: 32768
    port number: 270
    port state: 61

Fortigate

Config

config system global
    config system interface 
        edit lagg0
            set vdom "root"
            set allowaccess ping
            set type aggregate
            set member "port1" "port2" 
            set lacp-mode active 
            set lacp-ha-slave enable  
            set lacp-speed slow       
            set algorithm L4          
        next
    end
end

config system global and set vdom "root" does only apply to systems with VDOMs enabled.

Status

diagnose netlink aggregate list
List of 802.3ad link aggregation interfaces:
1 name lagg0 status up algorithm L4 lacp-mode active

diag netlink aggregate name lagg0

Status should be ASAIEE for a port.

diagnose netlink aggregate name lagg0
LACP flags: (A|P)(S|F)(A|I)(I|O)(E|D)(E|D)
(A|P) - LACP mode is Active or Passive
(S|F) - LACP speed is Slow or Fast
(A|I) - Aggregatable or Individual
(I|O) - Port In sync or Out of sync
(E|D) - Frame collection is Enabled or Disabled
(E|D) - Frame distribution is Enabled or Disabled

status: up
npu: y
flush: n
asic helper: y
oid: 168
ports: 2
link-up-delay: 50ms
min-links: 1
ha: master
distribution algorithm: L4
LACP mode: active
LACP speed: slow
LACP HA: enable
aggregator ID: 1
actor key: 33
actor MAC address: <redacted>
partner key: 7
partner MAC address: <redacted>

slave: port1
  index: 0
  link status: up
  link failure count: 0
  permanent MAC addr: <redacted>
  LACP state: established
  actor state: ASAIEE
  actor port number/key/priority: 1 33 255
  partner state: ASAIEE
  partner port number/key/priority: 31 7 32768
  partner system: <redacted>
  aggregator ID: 1
  speed/duplex: 10000 1
  RX state: CURRENT 6
  MUX state: COLLECTING_DISTRIBUTING 4

slave: port2
  index: 1
  link status: up
  link failure count: 0
  permanent MAC addr: <redacted>
  LACP state: established
  actor state: ASAIEE
  actor port number/key/priority: 2 33 255
  partner state: ASAIEE
  partner port number/key/priority: 32 7 32768
  partner system: <redacted>
  aggregator ID: 1
  speed/duplex: 10000 1
  RX state: CURRENT 6
  MUX state: COLLECTING_DISTRIBUTING 4

Cisco – Catalysts

Config

interface Port-channel1
description LACP Bundle 1
switchport mode access
switchport access vlan 1
switchport nonegotiate
spanning-tree portfast
!
interface GigabitEthernet1/0/1
description LACP Bundle 1 – 1/2
switchport mode access
switchport access vlan 1
switchport nonegotiate
channel-group 1 mode active
spanning-tree portfast
!
interface GigabitEthernet2/0/1
description LACP Bundle 1 – 2/2
switchport mode access
switchport access vlan 1
switchport nonegotiate
channel-group 1 mode active
spanning-tree portfast

Status

show etherchannel summary
Flags:  D - down        P - bundled in port-channel
        I - stand-alone s - suspended
        H - Hot-standby (LACP only)
        R - Layer3      S - Layer2
        U - in use      f - failed to allocate aggregator

        M - not in use, minimum links not met
        u - unsuitable for bundling
        w - waiting to be aggregated
        d - default port

        A - formed by Auto LAG


Number of channel-groups in use: 2
Number of aggregators:           2

Group  Port-channel  Protocol    Ports
------+-------------+-----------+-----------------------------------------------
1      Po1(SU)         LACP        Gi1/0/1(P) Gi2/0/1(P)   

Additional info

As mentioned earlier (https://pp52.de/2024/03/05/source-port-selection-on-linux/) Aggregates come with some limitations that may impact performance.

You may want to have a look into RFC8900.

Links

• https://wiki.linuxfoundation.org/networking/bonding
• https://www.cyberciti.biz/faq/freebsd-network-link-aggregation-trunking/
• https://community.fortinet.com/t5/FortiGate/Technical-Tip-Initial-troubleshooting-steps-for-LACP-Link/ta-p/198339
• https://sc1.checkpoint.com/documents/R81/WebAdminGuides/EN/CP_R81_Gaia_AdminGuide/Topics-GAG/Bond-Interfaces.htm
• https://www.cisco.com/c/en/us/td/docs/ios/12_2sb/feature/guide/gigeth.html
• https://support.hpe.com/hpesc/public/docDisplay?docId=emr_na-c03503743
• https://techdocs.f5.com/kb/en-us/products/big-ip_ltm/manuals/product/tmos-implementations-12-1-0/25.html
• https://my.f5.com/manage/s/article/K1689
• https://datatracker.ietf.org/doc/html/rfc8900