Configuring LACP Aggregate Ethernet Interfaces

When interconnecting Juniper Devices you can create aggregate ethernet interfaces to bundle together multiple physical ethernet links to increase bandwidth and redundancy between devices. On Cisco devices this is known as Ether-Channel.






  • Core Knowledge

  • Lab Topology

  • Initial Configurations

  • Lab Objectives

  • Lab Instruction




Core Knowledge


When it comes to building out redundant high bandwidth network up-links using aggregate ethernet links is a common practice. On a Cisco device this type of technology is known as Ether-Channel however Juniper has a different name for it. None the less the same concept applies.



Aggregate Ethernet links are logical interfaces defined on the device that bundle together multiple physical interfaces into a single interface for the use of redundancy and bandwidth aggregation. For example, you can take two 1Gbps interfaces and bundle them together into a single 2Gbps Aggregated Ethernet interface (Ae0).



Ethernet Aggregation however does have its architectural limitations. Due to the nature of how the technology works, a hashing algorithm is used to determine which interface to send traffic out of in a bundled aggregated ethernet interface. For example you have 4 members in ae0 (aggregate ethernet 0 interface). The default hashing algorithm on a Juniper EX Series switch for a layer 2 aggregate interface is SRC/DST MAC Address, SRC/DST IP Address and SRC/DST Port Number(s). So with this in mind if you have a single TCP session between two devices that pass traffic over an aggregate ethernet interface. The traffic would not be load balanced as the session is persistent and none of these variables change.



The hashing algorithm used on a Layer 3 aggregated interface is SRC/DST IP Address, SRC/DST Port number(s) in which case the same architectural limitation applies. When building aggregated ethernet links you should consider the type of traffic traversing the links if you are building the links solely for the purpose of bandwidth aggregation.



Unlike Cisco switches, the hashing algorithm cannot be changed on the Juniper EX Series switches.



When designing aggregated ethernet links, you have the option of using layer 2 links or layer 3 links whereas layer 2 links can be assigned to a single VLAN or configured as a trunk link to pass all or limited VLAN traffic. Layer 3 aggregated ethernet interfaces provide redundancy when building scalable routed networks using dynamic routing protocols.



When working with juniper you have the ability to configure two types of Aggregated Ethernet, static and LACP. Both types of aggregation perform the same function however LACP has a significant advantage over static.



Link Aggregation Control Protocol (LACP) IEEE 802.3ad is an industry standard and communicates using LACPDU’s over the member interfaces of an aggregated ethernet bundle. This LACPDU’s are responsible for negotiation parameters of the LAG and also capable of detecting unidirectional cable failures where the consecutive loss of 3 LACPDU’s on a single link in a given direction results in LACP setting the bundle member to expired and disabling the link in the LAG to prevent unintended network errors.



LACP also performs dynamic link configuration to ensure that end devices can support link aggregation. During this process, multiple items are negotiated such as link speed and primary interface. The primary interface by default is the member with the lowest interface number and is the default active interface.


Configuring Juniper Aggregated Ethernet Interfaces


When it comes to configuring Juniper Aggregated Ethernet (ae) Interfaces, you must first configure the system to enable them. By default Juniper devices do not have any aggregated ethernet interfaces created. To configure the device to support a given number of ae interfaces, you must define it on a per chassis basis using the set chassis aggregated-devices devices {1-32} in config mode. The number of devices you define will be the number of aggregated ethernet interfaces that the system will create which can be configured just like any other ethernet interface. Also you can view the interfaces created by using the show interface terse command.



Once you have defined the number of aggregated ethernet devices on the chassis you can then continue to configure the LAG members on a per ethernet interface basis using the set interfaces ge-0/0/23 ether-options 802.3ad ae# whereas the ae# is the aggregated ethernet interface number which you wish to assign the member interface to.



Also note when assigning ethernet interfaces to LAG you must remove the unit 0 from the interface before committing the configuration or it will give you an error. This can be done by the delete interface ge-0/0/23 unit 0 command.



Once you have assigned the member interfaces to the aggregated ethernet interface you can then configure the Aggregated Ethernet interface. From this point you can configure the Ae interface as layer 2 interface that is a member of a single VLAN or a trunk interface. You also have the option to configure the AE interface as a layer 3 interface using the inet family.



For example we’re going to use Ae0 and configure it to be a static member of the iSCSI VLAN. The command to do this would be set interfaces ae0 unit 0 family ethernet-switching port-mode access vlan iSCSI This type of example is common when you want to configure two interfaces connected to a server to a specific VLAN such as iSCSI traffic.



You can also configure Ae0 as a trunk interface in which case you would use the set interfaces ae0 unit 0 family ethernet-switching port-mode trunk vlan members all command to permit all VLAN’s. You also have the ability to specify which VLAN’s can traverse the Aggregated Ethernet trunk by specifying members by name.



Lastly, you can configure the Aggregated Ethernet interface as a layer 3 interface which can be used for routing traffic. This is done through the use of the set interfaces ae0 unit 0 family inet address 10.1.1.1/24 However you must remove the ether-switching family from the interface before committing the configuration or you’ll receive an error. Once your Aggregated Ethernet interface is configured to operate in layer 3 mode you can then use that interface as you would any other layer 3 interface. For example, establish OSPF neighbors on it.



When it comes to verification of static Aggregated Ethernet interfaces its best to view the configuration and use the show interfaces ae# detail command in user mode. This command will display the member interfaces and member interface statistics. An example is given below;


root@SW1> show interfaces ae0 detail
Physical interface: ae0, Enabled, Physical link is Up
  Interface index: 153, SNMP ifIndex: 553, Generation: 156
  Link-level type: Ethernet, MTU: 1514, Speed: 2Gbps, BPDU Error: None,
  MAC-REWRITE Error: None, Loopback: Disabled, Source filtering: Disabled,
  Flow control: Disabled, Minimum links needed: 1, Minimum bandwidth needed: 0
  Device flags   : Present Running
  Interface flags: SNMP-Traps Internal: 0x0
  Current address: 00:23:9c:1a:a3:43, Hardware address: 00:23:9c:1a:a3:43
  Last flapped   : 2013-09-13 03:54:38 EDT (02:16:40 ago)
  Statistics last cleared: Never
  Traffic statistics:
   Input  bytes  :               238977                    0 bps
   Output bytes  :               994114                    0 bps
   Input  packets:                 1497                    0 pps
   Output packets:                 9294                    0 pps
   IPv6 transit statistics:
    Input  bytes  :                   0
    Output bytes  :                   0
    Input  packets:                   0
    Output packets:                   0

  Logical interface ae0.0 (Index 93) (SNMP ifIndex 554) (HW Token 4294967295)
   (Generation 162)
    Flags: SNMP-Traps 0x0 Encapsulation: ENET2
    Statistics        Packets        pps         Bytes          bps
    Bundle:
        Input :            33          0          2758            0
        Output:            39          0          2970            0
    Adaptive Statistics:
        Adaptive Adjusts:          0
        Adaptive Scans  :          0
        Adaptive Updates:          0
    Link:
      ge-0/0/22.0
      ge-0/0/23.0
    Marker Statistics:   Marker Rx     Resp Tx   Unknown Rx   Illegal Rx
      ge-0/0/22.0                0           0            0            0
      ge-0/0/23.0                0           0            0            0
    Protocol eth-switch, Generation: 179, Route table: 0
      Flags: Trunk-Mode

root@SW1>

If you are trying to view the interface statistics for an LACP Aggregated Ethernet bundle than the show lacp interfaces command is going to display the useful LACP information. An example given below;


root@SW1> show lacp interfaces
Aggregated interface: ae0
    LACP state:       Role   Exp   Def  Dist  Col  Syn  Aggr  Timeout  Activity
      ge-0/0/22      Actor    No    No   Yes  Yes  Yes   Yes     Fast    Active
      ge-0/0/22    Partner    No    No   Yes  Yes  Yes   Yes     Fast   Passive
      ge-0/0/23      Actor    No    No   Yes  Yes  Yes   Yes     Fast    Active
      ge-0/0/23    Partner    No    No   Yes  Yes  Yes   Yes     Fast   Passive
    LACP protocol:        Receive State  Transmit State          Mux State 
      ge-0/0/22                 Current   Fast periodic Collecting distributing
      ge-0/0/23                 Current   Fast periodic Collecting distributing

root@SW1>



Physical Lab Topology


The following physical topology is used in all labs found throughout section 4 of the Junos JNCIA Workbook.





JNCIA Workbook Physical Switching Topology

Logical Lab Topology


JNCIA Workbook Lab 4-3 Logical Topology


Initial Configurations


To load the initial configurations provided below first zeroize your Juniper device using the request system zeroize. This will reset the device back to factory defaults and reboot the device.



After the device has rebooted, log in using the root account with no password and copy and paste the following configurations into the terminal window of the respective device(s).





Lab Prerequisites


This lab must be completed on an EX Series Juniper Switch or a hardware based SRX Platform. The vSRX does NOT support ethernet-switching.



Prior to starting the lab objectives zeroize your Juniper switches and load the initial configurations provided. The root password is Juniper


Lab Objectives


In this lab you will create 3 types of Aggregated Ethernet interfaces. First you will build a static access aggregated ethernet group between SW1 and SW3 where SW3 will simulate a server using static LAG, commonly found on Intel and Broadcom NIC’s. Then you will configure a second LAG trunk between SW1 and SW4 commonly found on up-links between switches and finally a routed LAG Aggregated Ethernet Interface between SW1 and SW2 which are commonly deployed on routed devices such as switches and routers.



Note that SW2, SW3 and SW4 have been per-configured if you correctly loaded the initial configurations.



To complete this lab you must perform the following objectives;



  • On SW1, define three (3) Aggregate Ethernet interfaces.

  • Configure interfaces Ge-0/0/18 and Ge-0/0/19 on SW1 as members of Ae0 and configure interface Ae0 as an access interface for VLAN iSCSI.

  • Verify the static access LAG by pinging the simulated host (SW3) 192.168.50.3 from SW1.

  • Configure interfaces Ge-0/0/20 and Ge-0/0/21 on SW1 as members of Ae1 and configure interface Ae1 as a trunk interface permitting all VLAN’s.

  • Verify the trunk LAG by pinging 192.168.10.4 (VLAN Sales) and 192.168.20.4 (VLAN Marketing) from SW1.

  • Configure interfaces Ge-0/0/22 and Ge-0/0/23 on SW1 as members of Ae2 and configure interface Ae2 as a routed LACP layer 3 interface with the IP Address of 172.16.20.1/24

  • Verify your L3 LACP LAG by viewing the LACP interface status and by pinging 172.16.20.2 from SW1.


Before you Continue


It is recommended that you attempt to complete these lab objectives the first time without looking at the Lab Instruction section.



If you are a student preparing for the Juniper JNCIA Certification Exam than you are more likely to remember how to complete these objectives if you attempt to complete them the first time on your own with the use of the core knowledge section found in this lab. You should only resort to the Lab Instruction section to verify your work.



Lab Instruction


The following Lab Instruction is demonstrated using Juniper EX3200 Series Switches.



  • On SW1, define three (3) Aggregate Ethernet interfaces.



root@SW1> configure
Entering configuration mode

[edit]
root@SW1# set chassis aggregated-devices ethernet device-count 3

[edit]
root@SW1#

  • Configure interfaces Ge-0/0/18 and Ge-0/0/19 on SW1 as members of Ae0 and configure interface Ae0 as an access interface for VLAN iSCSI.



root@SW1# delete interfaces ge-0/0/19.0

[edit]
root@SW1# delete interfaces ge-0/0/19.0

[edit]
root@SW1# set interfaces ge-0/0/18 ether-options 802.3ad ae0

[edit]
root@SW1# set interfaces ge-0/0/19 ether-options 802.3ad ae0

[edit]
root@SW1# set interfaces ae0 unit 0 family ethernet-switching port-mode access vlan members iSCSI

[edit]
root@SW1# commit and-quit
commit complete
Exiting configuration mode

root@SW1>

  • Verify the static access LAG by pinging the simulated host (SW3) 192.168.50.3 from SW1.



root@SW1> ping 192.168.50.3 count 5 
PING 192.168.50.10 (192.168.50.10): 56 data bytes
64 bytes from 192.168.50.3: icmp_seq=0 ttl=64 time=2.554 ms
64 bytes from 192.168.50.3: icmp_seq=1 ttl=64 time=2.025 ms
64 bytes from 192.168.50.3: icmp_seq=2 ttl=64 time=2.026 ms
64 bytes from 192.168.50.3: icmp_seq=3 ttl=64 time=2.061 ms
64 bytes from 192.168.50.3: icmp_seq=4 ttl=64 time=2.258 ms

--- 192.168.50.3 ping statistics ---
5 packets transmitted, 5 packets received, 0% packet loss
round-trip min/avg/max/stddev = 2.025/2.185/2.554/0.204 ms

root@SW1>

  • Configure interfaces Ge-0/0/20 and Ge-0/0/21 on SW1 as members of Ae1 and configure interface Ae1 as a trunk interface permitting all VLAN’s



root@SW1> configure
Entering configuration mode

[edit]
root@SW1# delete interfaces ge-0/0/20.0

[edit]
root@SW1# delete interfaces ge-0/0/21.0

[edit]
root@SW1# set interfaces ge-0/0/20 ether-options 802.3ad ae1

[edit]
root@SW1# set interfaces ge-0/0/21 ether-options 802.3ad ae1

[edit]
root@SW1# set interfaces ae0 unit 1 family ethernet-switching port-mode trunk vlan members all

[edit]
root@SW1# commit and-quit
commit complete
Exiting configuration mode

root@SW1>

  • Verify the trunk LAG by pinging 192.168.10.4 (VLAN Sales) and 192.168.20.4 (VLAN Marketing) from SW1.



root@SW1> ping 192.168.10.4 count 5
PING 192.168.10.4 (192.168.10.4): 56 data bytes
64 bytes from 192.168.10.4: icmp_seq=0 ttl=64 time=3.829 ms
64 bytes from 192.168.10.4: icmp_seq=1 ttl=64 time=2.475 ms
64 bytes from 192.168.10.4: icmp_seq=2 ttl=64 time=2.407 ms
64 bytes from 192.168.10.4: icmp_seq=3 ttl=64 time=2.527 ms
64 bytes from 192.168.10.4: icmp_seq=4 ttl=64 time=2.399 ms

--- 192.168.10.4 ping statistics ---
5 packets transmitted, 5 packets received, 0% packet loss
round-trip min/avg/max/stddev = 2.399/2.727/3.829/0.553 ms

root@SW1> ping 192.168.20.4 count 5
PING 192.168.20.4 (192.168.20.4): 56 data bytes
64 bytes from 192.168.20.4: icmp_seq=0 ttl=64 time=3.645 ms
64 bytes from 192.168.20.4: icmp_seq=1 ttl=64 time=2.256 ms
64 bytes from 192.168.20.4: icmp_seq=2 ttl=64 time=2.281 ms
64 bytes from 192.168.20.4: icmp_seq=3 ttl=64 time=2.447 ms
64 bytes from 192.168.20.4: icmp_seq=4 ttl=64 time=2.443 ms

--- 192.168.20.4 ping statistics ---
5 packets transmitted, 5 packets received, 0% packet loss
round-trip min/avg/max/stddev = 2.256/2.614/3.645/0.521 ms

root@SW1>

  • Configure interfaces Ge-0/0/22 and Ge-0/0/23 on SW1 as members of Ae2 and configure interface Ae2 as a routed LACP layer 3 interface with the IP Address of 10.1.1.1/24



root@SW1> configure
Entering configuration mode

[edit]
root@SW1# delete interfaces ge-0/0/22.0

[edit]
root@SW1# delete interfaces ge-0/0/23.0

[edit]
root@SW1# set interfaces ge-0/0/22 ether-options 802.3ad ae2

[edit]
root@SW1# set interfaces ge-0/0/23 ether-options 802.3ad ae2

[edit]
root@SW1# set interfaces ae2 unit 0 family inet address 172.16.20.1/24

[edit]
root@SW1#  set interfaces ae2 aggregated-ether-options lacp active

[edit]
root@SW1# commit and-quit
commit complete
Exiting configuration mode

root@SW1>

  • Verify your L3 LACP LAG by viewing the LACP interface status and by pinging 172.16.20.2 from SW1.



root@SW1> show lacp interfaces
Aggregated interface: ae0

Aggregated interface: ae1

Aggregated interface: ae2
    LACP state:       Role   Exp   Def  Dist  Col  Syn  Aggr  Timeout  Activity
      ge-0/0/22      Actor    No    No   Yes  Yes  Yes   Yes     Fast    Active
      ge-0/0/22    Partner    No    No   Yes  Yes  Yes   Yes     Fast   Passive
      ge-0/0/23      Actor    No    No   Yes  Yes  Yes   Yes     Fast    Active
      ge-0/0/23    Partner    No    No   Yes  Yes  Yes   Yes     Fast   Passive
    LACP protocol:        Receive State  Transmit State          Mux State 
      ge-0/0/22                 Current   Fast periodic Collecting distributing
      ge-0/0/23                 Current   Fast periodic Collecting distributing

root@SW1> 

root@SW1> ping 172.16.20.2 count 5
PING 172.16.20.2 (172.16.20.2): 56 data bytes
64 bytes from 172.16.20.2: icmp_seq=0 ttl=64 time=2.041 ms
64 bytes from 172.16.20.2: icmp_seq=1 ttl=64 time=1.830 ms
64 bytes from 172.16.20.2: icmp_seq=2 ttl=64 time=1.735 ms
64 bytes from 172.16.20.2: icmp_seq=3 ttl=64 time=1.636 ms
64 bytes from 172.16.20.2: icmp_seq=4 ttl=64 time=1.781 ms

--- 172.16.20.2 ping statistics ---
5 packets transmitted, 5 packets received, 0% packet loss
round-trip min/avg/max/stddev = 1.636/1.805/2.041/0.134 ms

root@SW1>


◄ Previous Lab
Next Lab ►