How to use Aggregate interfaces LACP?

Reply
jeremylo
L2 Linker

How to use Aggregate interfaces LACP?

Testing a PA-220. Create an Aggregate group with 2 interfaces.

Both interfaces connect to an unmanaged D-Link switch. And it connected to the company network.

The aggregate interface can up when LACP is not enable.

After enable LACP. It down and hover the mouse on it show below info:

 

ethernet1/2: not active (negotiation failed)

ethernet1/1: not active (peer not detected)

 

Is there any prerequisite to use LACP?


Accepted Solutions
BPry
Cyber Elite

@jeremylo,

As @JoeAndreini already stated any unmanaged switch isn't going to work with LACP.

LACP (Link Aggregation Control Protocol) only has a few real advantages, but they are actually pretty important in most enviroments over a standard LAG configuration. 

- The failover will always occur automatically: When a link fails, even if a MC is between the devices, the peer will remove a link from the aggregate group because it fails to negotiate with the LACP peer. Major advantage depending on how your network is setup. 

- Since this is a control protocol that negotiates the connection, the device can confirm that the other end can handle link aggregation before bringing up the interfaces. This helps prevent miscabling causing a loop or similar issues. 

 

 

View solution in original post


All Replies
JoeAndreini
L4 Transporter

Your switch must support it and be configured as such.

 

An unmanaged switch would not have that capability.

BPry
Cyber Elite

@jeremylo,

As @JoeAndreini already stated any unmanaged switch isn't going to work with LACP.

LACP (Link Aggregation Control Protocol) only has a few real advantages, but they are actually pretty important in most enviroments over a standard LAG configuration. 

- The failover will always occur automatically: When a link fails, even if a MC is between the devices, the peer will remove a link from the aggregate group because it fails to negotiate with the LACP peer. Major advantage depending on how your network is setup. 

- Since this is a control protocol that negotiates the connection, the device can confirm that the other end can handle link aggregation before bringing up the interfaces. This helps prevent miscabling causing a loop or similar issues. 

 

 

View solution in original post

jeremylo
L2 Linker

Thanks BPry and JoeAndreini.

In my production environment. The PA device will place between 2 x Juniper SSG140 (formed in HA) and 1 x Cisco 2960 switch like below:

 

internal <--> 2960 <--> PA <--> 2xSSG140(HA) <--> internet

 

My plan is

1. Aggregate interfaces connect to 2 ports in 2960.

2. Aggregate interfaces with eth1/1 connect to 1st SSG140. eth1/2 connect to 2nd SSG140.

 

Do you think LACP is going to work with those network device? 

JoeAndreini
L4 Transporter

your "external" aggregate interface will not work as you expect, it will need to be two separate interfaces, one to each SSG.  Or there will need to eb a switch between the NGFW and the SSG(s)

RobinClayton
L4 Transporter

The 2960 though will be fine with Etherchannel for LACP.

 

 

You could use the 2960 on both sides of the PA with seperate VLANS for internal and external traffic (but it's not ideal).

 

Rob

Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!

The LIVEcommunity thanks you for your participation!