Aggregated Ethernet and LACP

Aggregated Ethernet

Aggregated Ethernet interfaces could be used, if you need a bundle of multiple homogenous links for load-sharing or redundancy.  In JunOS you can configure this kind of bundles with or without LACP.

A bundle will be created with the aeX interface in JunOS. The following image shows you, that the interface ge-1/0/0 and ge-1/0/1 on R4 and R5 forming a bundle interface ae0.

AE_Simple

You must configure a device-count with minimum of 1. This is needed to create the initial amount of aeX  interfaces in the system.

admin@R4# run show interfaces terse | match ae
[edit]
admin@R4# set chassis aggregated-devices ethernet device-count 1
[edit]
admin@R4# commit
commit complete

[edit]
admin@R4# run show interfaces terse | match ae
ae0                     up    down

[edit]
admin@R4#

A simple aggregated ethernet configuration contain only the member links and the ae interface. You must specify the 802.3ad option to member links and a reference to the ae interface.

The following configuration shows you such a configuration:

On R4:

chassis {
    aggregated-devices {
        ethernet {
            device-count 1;
        }
    }
}
interfaces { 
    ge-1/0/0 {
        gigether-options {
            802.3ad ae0;
        }
    }
    ge-1/0/1 {
        gigether-options {
            802.3ad ae0;
        }
    }
    ae0 {
        unit 0 {
            family inet {
                address 10.0.0.1/30;
            }
        }
    }
}

On R5:

chassis {
    aggregated-devices {
        ethernet {
            device-count 1;
        }
    }
}
interfaces {
    ge-1/0/0 {
        gigether-options {
            802.3ad ae0; 
        }
    }
    ge-1/0/1 {
        gigether-options {
            802.3ad ae0;
        }
    }
    ae0 {
        unit 0 {
            family inet {
                address 10.0.0.2/30;
            }
        }
    }
}

Where does the MAC Address comes from?

Every ethernet interface need a MAC Address. This rule also match on aggregated ethernet interfaces. The MAC Address is chosen from an internal MAC Address pool of the juniper router and  not from the member links:

admin@R4> show chassis mac-addresses
MAC address information:
Public base address     00:05:85:3d:98:00
Public count            1008
Private base address    00:05:85:3d:9b:f0    <<<<  Starting base
Private count           16 

admin@R4> show interfaces ae0 | match Current
Current address: 00:05:85:3d:9b:f0, Hardware address: 00:05:85:3d:9b:f0

admin@R4>

 

LACP

Link Aggregation Control Protocol or LACP sending frames over the ethernet links to discover the other side and forming an aggregated ethernet.

LACP knows 2 modes of operation:

  • Active – as written in 802.1ax is a preference to speak regardless, which means it always sending LACPDU to the other side
  • Passive –  as written in 802.1ax is a preference not to speak unless spoken to, which means it only reply to LACPDU

The aggregated ethernet only comes up in the following combinations:

  • Active/Active
  • Active/Passive

Keep in mind, that LACP will never comes up if both sides are in Passive/Passive mode!

This is an example of a Active/Passive configuration between R4 and R5:

LACP_simple

On R4:

interfaces {
    ae0 {
        aggregated-ether-options {
            lacp {
                active;
            }
        }
    }
}

On R5:

interfaces {
    ae0 {
        aggregated-ether-options {
            lacp {
                passive;
            }
        }
    } 
}

You can use LACP to provide a link protection between multiple links.  Link-Protection with LACP is based on the link priority. The link with the highest priority is chosen to be primary link. Traffic will only forwarded over the primary link. All other links will be backup links, the order depends on the priority.

LACP_with_link_protection

After a primary link fails and come back, LACP could use a revertive mode. That means the traffic goes back to primary link. The options for revertive mode are:

  • revertive – automatic switch from backup to primary link
  • non-revertive – no automatic switch

If you use „non-revertive“ mode, you have to use a request command for the manual switch:

admin@R4> request interface revert aex

Example configuration for link-protection with LACP:

On R4:

interfaces {
    ge-1/0/0 {
        gigether-options {
            802.3ad {
                lacp {
                    port-priority 128;
                }
            }
        }
    }
    ae0 {
        aggregated-ether-options {
             lacp { 
                 link-protection {
                     revertive;
                 }
             }
        }
    }
}

On R5:

interfaces {
    ae0 {
        aggregated-ether-options {
            lacp {
                link-protection {
                    revertive;
                }
            }
        }
    }
}

Link-Protection without LACP

You can configure a link protection for the member links in a primary/backup fashion. Traffic goes always over the primary link. If the primary link fails, the backup link would be used.  After failure of the primary link, the traffic will goes over the backup link. Even if the primary link comes back, the traffic will not automatically switch back. You have to use a request command for the manual switch:

admin@R4> request interface revert aex

Example configuration for link-protection without LACP:

AE_with_link_protection

On R4:

interfaces {
    ge-1/0/0 {
        gigether-options {
            802.3ad {
                ae0;
                primary;
            }
        }
    }
    ge-1/0/1 {
        gigether-options {
            802.3ad {
                ae0;
                secondary;
            }
        }
    }
    ae0 {
        aggregated-ether-options {
            link-protection;
        }
    }
}

On R5:

interfaces {
    ge-1/0/0 {
        gigether-options {
            802.3ad {
                ae0;
                primary;
            }
        }
    }
    ge-1/0/1 {
        gigether-options {
            802.3ad {
                ae0;
                secondary;
            }
        }
    }
    ae0 {
        aggregated-ether-options {
            link-protection;
        }
    }
}

Link Speed

To change the link speed of the bundle, you must configure on both routers:

interfaces {
    ae0 {
        aggregated-ether-options {
            link-speed 1g;
        }
    }
}

Minimum Member-Links

You can specify the minimum number of links, which should be up to form a link aggregation. Keep in mind that the default value is 1.

On both routers:

interfaces {
    ae0 {
        aggregated-ether-options {
            minimum-links 2;
        }
    }
}

Tagging with 802.1q

It is possible to configure 802.1q tagging on the ae interface. In order to do this you must configure  “vlan-tagging” on the ae interface and a “vlan-id <number>” on every unit.

AE_with_dot1q

On R4:

interfaces {
    ae0 {
        vlan-tagging;
        unit 100 { 
            vlan-id 100;
            family inet {
                address 10.0.0.1/30;
            }
        }
    }
}

On R5:

interfaces {
    ae0 {
        vlan-tagging;
        unit 100 {
            vlan-id 100;
            family inet {
                address 10.0.0.2/30;
            }
        }
    }
}

Load-Balancing

The load-balancing on aggregated ethernet is based on a hash-key. This hash-key include the source/destination mac addresses and the input logical interface number. If you want a load-balancing by source/destination ip addresses or layer-4 protocols  like udp/tcp then you must included them as well in the hash-key. This could be done by the following configuration:

forwarding-options {
    hash-key {
        family multiservice {
            source-mac;
            destination-mac;
            payload {
                ip {
                    layer-3;
                    layer-4;
                }
            }
        }
    }
}

If don’t want, that both source and destination ip address should be used, you can add the option “destination-ip-only” or “source-ip-only” to “layer-3”.

Schreibe einen Kommentar

Deine E-Mail-Adresse wird nicht veröffentlicht. Erforderliche Felder sind mit * markiert.