Error Message for AE1 Aggregate Group

L3 Networker

Error Message for AE1 Aggregate Group

Hello,

 

We are getting below messages on and off for our HA pair.

eth 1/5 and 1/6 are part of the ae1 aggregate group

 

nego-fail,ethernet1/6,0,0,general,critical,"LACP interface ethernet1/6 moved out of AE-group ae1. Selection state Selected",450025,0x0,0,0,0,0,,FW-1
lacp-up,ethernet1/6,0,0,general,critical,"LACP interface ethernet1/6 moved into AE-group ae1.",450026,0x0,0,0,0,0,,FW-1
nego-fail,ethernet1/5,0,0,general,critical,"LACP interface ethernet1/5 moved out of AE-group ae1. Selection state Selected",161108,0x0,0,0,0,0,,FW-2
lacp-up,ethernet1/5,0,0,general,critical,"LACP interface ethernet1/5 moved into AE-group ae1.",161109,0x0,0,0,0,0,,FW-2

 

What exactly needs to be checked?

L7 Applicator

Re: Error Message for AE1 Aggregate Group

@FarzanaMustafa,

You need to look at the switch configuration and determine why LACP is failing to negotiate correctly. As it appears you are getting errors across both links the switch LACP configuration is likely either severly wrong or the uplinks were never actually configured to utilize LACP on the switch side of things. 

L4 Transporter

Re: Error Message for AE1 Aggregate Group

Was it working?

Has somone changed something?

 

Rob

L1 Bithead

Re: Error Message for AE1 Aggregate Group

I think the switch is missing LACP mode
L3 Networker

Re: Error Message for AE1 Aggregate Group

 
The Dell switch ports are configured as below
Are they not configured correctly?
 
interface GigabitEthernet 1/21
 description member port-channel 21
 no ip address
!
 port-channel-protocol LACP
  port-channel 21 mode active
 no shutdown
!
interface GigabitEthernet 1/22
 description member port-channel 22
 no ip address
!
 port-channel-protocol LACP
  port-channel 22 mode active
 no shutdown
 
interface Port-channel 21
 description Port-Channel to fw-1 lan ae2
 no ip address
 switchport
 vlt-peer-lag port-channel 21
 no shutdown
!
interface Port-channel 22
 description Port-Channel to fw-2 lan ae2
 no ip address
 switchport
 vlt-peer-lag port-channel 22
 no shutdown
L7 Applicator

Re: Error Message for AE1 Aggregate Group

@FarzanaMustafa,

Are you running both of these interfaces into the same AE group on the firewall, or is fw-1 and fw-2 utilizing port-channel 21 and port-channel 22 respectivly? From the configuration that you've shared it looks like you are only utilizing a sole interface to each firewall, at that point why are you using an AE at all? The configuration for the port-channel looks perfectly fine from the switch perspective, you could verify the LACP status by doing 'show lacp 21' and 'show lacp 22' to see why your members are dropping out, it should also be showing something within logging. 

L4 Transporter

Re: Error Message for AE1 Aggregate Group

Yeah, are both ports on the switch connected to the AE1 on the firewall.

 

If so port Group 22 should not be used, both swithc ports in same group.

 

 

interface GigabitEthernet 1/21
 description member port-channel 21
 no ip address
!
 port-channel-protocol LACP
  port-channel 21 mode active
 no shutdown
!
interface GigabitEthernet 1/22
 description member port-channel 21
 no ip address

 

interface Port-channel 21
 description Port-Channel to fw-1 lan ae2
 no ip address
 switchport
 vlt-peer-lag port-channel 21
 no shutdown

 

L4 Transporter

Re: Error Message for AE1 Aggregate Group

Get that stable on the 1st of the HA pair.

 

Then create the second port group, and associated interfaces for the second firewall.

 

 

Rob

L4 Transporter

Re: Error Message for AE1 Aggregate Group

Also, from the logs..

 

Are you running ACTIVE-ACTIVE? It's not the "recomended" configuration.

Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the Live Community as a whole!

The Live Community thanks you for your participation!