7100 series LACP ports not dormant after connecting to server NIC team

  • 0
  • 1
  • Problem
  • Updated 1 year ago
  • Solved
Hi,

We are trying to configure a lag on a 7100 series switch. We have good experience with creating lags between switches, and ESXi hosts. However, this is the first time we have done this using Microsoft 2012 R2 NIC teaming.

On the server, I created a 2 port team, using two 10GB ports on the server. The Teaming mode is LACP, and the Load balancing mode is Dynamic.

Configured the lag on the 7100 series switch with the following commands:
set lacp aadminkey lag.0.9 265
set port lacp port tg.1.3 aadminkey 265
set port lacp port tg.2.3 aadminkey 265
set port lacp port tg.1.3 enable
set port lacp port tg.2.3 enable
set port alias lag.0.9 “naz-as-60 Veeam tape server (2x10GB)”
set port alias tg.1.3 “LAG9 naz-as-62 Veeam tape server”
set port alias tg.2.3 “LAG9 naz-as-62 Veeam tape server”
set port vlan tg.1-2.3 1063 mod
set port vlan lag.09 1063 mod

We first attempted this last week, but the individual ports did not go dormant, yet the lag was active when they were connected, so we backed out, concerned about a loop forming.

When comparing the new lags (lag.0.9) config against other working lags on the switch, we saw that there were differences. The following was configured on lag.0.9, from an earlier lag that was configured in the past:
set port lacp port tg.1.3 padminstate lacpagg
set port lacp port tg.2.3 padminstate lacpagg

So we figured that we could run the following to change this:
clear port lacp port tg.1-2.3 padminstate all
clear port lacp port tg.1-2.3 aadminstate all

We then physically connected the server ports to the switch again, but as before, the lag member ports were still active.

Then we saw another difference between this lag, and other working ones, these lag ports had a padminkey value set:
set port lacp port tg.1.3 padminkey 149
set port lacp port tg.2.3 padminkey 149

So we did the following:
clear port lacp port tg.1.3 padminkey
clear port lacp port tg.2.3 padminkey

We again physically connected the server to the switch, and we think a loop occurred.

Below is the current output of show lacp, and show port lacp port:

PH-DC-RB2_7100-2(su)->show lacp lag.0.9
Global Link Aggregation state: enabled
Single Port LAGs: enabled

Aggregator: lag.0.9
Actor Partner
System Identifier: 20:b3:99:92:c1:c6 84:2b:2b:58:02:b8
System Priority: 32768 0
Admin Key: 265
Oper Key: 265 0
Attached Ports: None.
Standby Ports: None.

PH-DC-RB2_7100-2(su)->show port lacp port tg.1-2.3 status detail

Global Link Aggregation state : enabled

Port Instance: tg.1.3 Port enable state: Enabled
ActorPort: 259 PartnerAdminPort: 259
ActorSystemPriority: 32768 PartnerOperPort: 259
ActorPortPriority: 32768 PartnerAdminSystemPriority: 32768
ActorAdminKey: 265 PartnerOperSystemPriority: 32768
ActorOperKey: 265 PartnerAdminPortPriority: 32768
ActorAdminState: -----GlA PartnerOperPortPriority: 32768
ActorOperState: -F----lA PartnerAdminKey: 259
ActorSystemID: 20-b3-99-92-c1-c6 PartnerOperKey: 259
SelectedAggID: none PartnerAdminState: --DCS-lp
AttachedAggID: none PartnerOperState: --DC--lp
MuxState: Detached PartnerAdminSystemID: 00-00-00-00-00-00
DebugRxState: port Disabled PartnerOperSystemID: 00-00-00-00-00-00
portStandbyReason: none

Port Instance: tg.2.3 Port enable state: Enabled
ActorPort: 451 PartnerAdminPort: 451
ActorSystemPriority: 32768 PartnerOperPort: 451
ActorPortPriority: 32768 PartnerAdminSystemPriority: 32768
ActorAdminKey: 265 PartnerOperSystemPriority: 32768
ActorOperKey: 265 PartnerAdminPortPriority: 32768
ActorAdminState: -----GlA PartnerOperPortPriority: 32768
ActorOperState: -F----lA PartnerAdminKey: 451
ActorSystemID: 20-b3-99-92-c1-c6 PartnerOperKey: 451
SelectedAggID: none PartnerAdminState: --DCS-lp
AttachedAggID: none PartnerOperState: --DC--lp
MuxState: Detached PartnerAdminSystemID: 00-00-00-00-00-00
DebugRxState: port Disabled PartnerOperSystemID: 00-00-00-00-00-00
portStandbyReason: none

Here is the VLAN config:
set port vlan tg.1.3 1063
set port vlan tg.2.3 1063
set port vlan lag.0.9 1063
set vlan egress 1063 lag.0.8-9;tg.1.3,19-20;tg.2.3,19-20 untagged

Any suggestions at to what we may be doing wrong would be greatly appreciated.

Thanks,
Ken
Photo of Ken Applebaum

Ken Applebaum

  • 224 Points 100 badge 2x thumb

Posted 1 year ago

  • 0
  • 1
Photo of Bastian Sprotte

Bastian Sprotte, Employee

  • 1,610 Points 1k badge 2x thumb
hello,
to understand if loops happen,
get these commands entered.
this will show you on console/ssh/telnet
if an MAC moves which means loop-


set logging here enable
set movedaddrtrap enable
set movedaddrtrap *.*.* enable


regards
BAstian
.
Photo of Ken Applebaum

Ken Applebaum

  • 224 Points 100 badge 2x thumb
Thanks Bastian, I will review this with our team. Looks like a great suggestion to determine if what we think is happening, really is.
Photo of Jason Parker

Jason Parker, Employee

  • 2,918 Points 2k badge 2x thumb
Here is what you need
Configuring a Static LAG Identify the logical LAG ports (aggregator) you wish to Utilize (ex. lag.0.9)
Identify the underlying physical ports that will comprise the LAG(ex: tg.1-2.3)
Configure the aggregator and ports to use all the same aadminkey which is unique from the aadminkey used by other LAG's and ports
Cli command format: set LACP static
Example: set LACP static lag.0.9 tg.1-2.3
Note1. The portion is the virtual command will appear in the output of the show configuration LACP
The following commands are set by the example Set LACP static lag.0.9
Set LACP aadminkey lag.0.9 1063
Set port LACP port that.1-2.3 aadminkey 1063
Set port LACP port this.1-2.3 disable
Note 2.
As with any Cli command issued, the above commands will only appear in the output of a Show configuration
Verify the Static LAG status Cli command format: show LACP
Example: show LACP lag.0.9
Good Luck
Jason
Photo of Ken Applebaum

Ken Applebaum

  • 224 Points 100 badge 2x thumb
Jason,
I don't 100% understand the difference between a static & dynamic lag. The NIC teaming mode is set to LACP, and according to Microsoft, then this should work with a LAG configured on the switch. Would you please explain the benefit of configuring a static lag in this case? Also, we did not run Set port LACP port tg.1-2.3 disable. Does the static lag command automatically issue this? Will the ports then be dormant, or disabled? And if disabled, is there a reason they are not dormant when creating a dynamic lag?

Thanks,
Ken
Photo of Erik Auerswald

Erik Auerswald, Embassador

  • 12,782 Points 10k badge 2x thumb
Hi Ken,

a static LAG does not use LACP. On EOS, this is most easily configured using the "set lacp static" command.

A dynamic LAG uses LACP. This is configured on EOS by setting the aadminkey of logical and physical ports and enabling LACP on the physical ports. Show commands can be used to verify protocol operation.

HTH,
Erik
Photo of Ken Applebaum

Ken Applebaum

  • 224 Points 100 badge 2x thumb
Thanks Eric,
Am I correct in thinking that a static lag consisting of two 10GB ports, will have 20GB throuput, and that an active/standby port configuration would not occur?

Thanks again,
Ken
Photo of Erik Auerswald

Erik Auerswald, Embassador

  • 12,782 Points 10k badge 2x thumb
Hi Ken,

all active ports in a LAG are used, for both static and dynamic LAGs.

While dynamic LAGs using LACP support standby links, using this is unusual.

Static LAGs do not negotiate port use by definition, thus every physical port of the LAG that is up is active in the LAG.

Thanks,
Erik
Photo of Ken Applebaum

Ken Applebaum

  • 224 Points 100 badge 2x thumb
Great, Thanks for the info Erik. A static lag seems the way to go.
Photo of Erik Auerswald

Erik Auerswald, Embassador

  • 12,782 Points 10k badge 2x thumb
Hi Ken,

your output shows "Attached Ports: None." for lag.0.9. Thus the LAG is not active, but the physical ports are used, if they have link and are enabled.

I would expect "show port status tg.1-2.3;lag.0.9" to display the ten gig ports as up, but the LAG as oper down.

If both ten gig ports are forwarding and the remote side is switching between them, a loop occurs. An ESXi host does not switch between vSwitch uplink ports, a Linux bridge does, Open vSwitch should not, I have no idea what Hyper-V does or is supposed to do in this situation. The output of "show spantree stats active" might give an idea what is going on, as might "show port egress tg.1-2.3;lag.0.9".

You can use "show port lacp port tg.1-2.3 counter" to check if LACP PDUs are received on the ports. Those counters should be slowly increasing. If they are increasing quickly (once per second), the remote side uses fast timers, and you would need to configure those on the Extreme switch as well. If the counters are not increasing, LACP  is probably not active on the Hyper-V host uplinks.

Thanks,
Erik
Photo of Ken Applebaum

Ken Applebaum

  • 224 Points 100 badge 2x thumb
Thanks Eric,

Right now, the server is not connected to the switch. The server is not an ESX host. It is a MS 2012 R2 that will serve as a backup repository and tape server, and this is what makes it new to us. Thanks for the commands to get some visibility into the lag activity, this will be helpful when we attempt this again.

- ken