04-27-2012 09:29 AM
Reading the documentation and forum posts, it doesn't appear that the PA is using LACP, therefore, it's not using one of the 3 common LACP load balancing algorithms.
Could someone describe how it's making the decision to send traffic down a particular link? Also, am I able to modify the behavior? (it doesn't seem like I can through the web interface).
Thanks!
04-28-2012 08:32 AM
Hi..You are correct and we don't support LACP at this time. We only support static link aggregation. To connect to other networking devices, simply set LAG to be static. Thanks.
04-28-2012 08:32 AM
Hi..You are correct and we don't support LACP at this time. We only support static link aggregation. To connect to other networking devices, simply set LAG to be static. Thanks.
04-29-2012 05:22 PM
So as of today PAN only use srcmac+dstmac as transmit hash?
Which gives that if you setup PA <- 2 cables -> switch <-> server only one of the cables will be used for traffic from PA to the server?
Would be great if this can be tweakable in future updates to at least involve a transmit hash such as srcip+srcport+dstip+dstport for added utilization of the available links in the aggregated group.
04-30-2012 07:58 AM
Do you have an ETA on when LACP or L4 hashing will be implemented? I've had several clients bring up the issue.
05-01-2012 09:51 AM
Please check with your local Palo Alto SE for update on upcoming features. Thanks.
03-01-2013 09:14 AM
Is there more information on this? Suppose I have 4 ethernet interfaces in an aggregate group, when a frame hits the aggregate group software, how does the Palo choose which of the 4 interfaces the frame goes out of and what algorithm does it use. If it's static, does that mean it goes out all interfaces as a pseudo broadcast?
03-01-2013 09:20 AM
We use the session ID to select the port, and a simple IP modulo to load balance (so even session IDs to one port and odd to another if the LAG has 2 ports). The last 3 bits of session id is used to distribute the flows into the outbound port. i.e with 3 bits we could identify 8 unique ports(max ports we support in ae bundle).
03-01-2013 09:44 AM
If you have an 8 port LAG the sessions still go out 1 and 2 for odd and even? Or do they go in a round-robin fashion where the first odd session goes out port 1 and the next out port 3 and so on? After the session has established it's physical port it is then load-balanced by the last three bits based off IP modulo source IP?
03-10-2022 04:54 AM
Just putting it out there that LACP has been supported for a while now:
https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA10g000000ClG8CAK
Cheers,
-Kiwi.
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!
The LIVEcommunity thanks you for your participation!
