Support Support Downloads Knowledge Base Service Request Manager My Juniper Community

Knowledge Base

Search our Knowledge Base sites to find answers to your questions.

Ask All Knowledge Base Sites All Knowledge Base Sites JunosE Defect (KA)Knowledge BaseSecurity AdvisoriesTechnical BulletinsTechnotes Sign in to display secure content and recently viewed articles

[SRX/EX] Link aggregation (LACP) supported/non-supported configurations on SRX and EX

0

1

Article ID: KB22474 KB Last Updated: 10 Feb 2020Version: 14.0
Summary:

This article provides information about the supported Link Aggregation Control Protocol (LACP) configuration on SRX, when connected with EX, to perform LACP.

 

Symptoms:

Supported LACP configuration on EX and SRX in various scenarios

 

Solution:

Let's consider the following example:

SRX Configuration

set interfaces ge-3/0/0 gigether-options redundant-parent reth1
set interfaces ge-15/0/0 gigether-options redundant-parent reth1
set interfaces reth1 redundant-ether-options redundancy-group 1
set interfaces reth1 redundant-ether-options minimum-links 1
set interfaces reth1 redundant-ether-options lacp passive
set interfaces reth1 redundant-ether-options lacp periodic slow

EX Configuration

set chassis aggregated-devices ethernet device-count 10
set interfaces ge-0/0/0 ether-options 802.3ad ae1
set interfaces ge-0/0/1 ether-options 802.3ad ae1
set interfaces ae1 aggregated-ether-options lacp active
set interfaces ae1 aggregate-ether-options lacp periodic slow

Topology

SRX (ge-3/0/0) is connected to EX (ge-0/0/0)
SRX (ge-15/0/0) is connected to EX (ge-0/0/1)

Notice that the switch interfaces are in one LACP bundle and it is supposed to load balance; which means that it will send one packet to ge-3/0/0 and the next packet to ge-15/0/0, toward the SRX device.

Assume that Node0 is active. Therefore, the first packet sent to ge-3/0/0 will go through and the packet to ge-15/0/0 will be dropped because Node1 is passive.

This is a non-supported configuration.

The supported configuration would be as follows:

SRX Configuration

set interfaces ge-3/0/0 gigether-options redundant-parent reth1
set interfaces ge-3/0/1 gigether-options redundant-parent reth1
set interfaces ge-15/0/0 gigether-options redundant-parent reth1
set interfaces ge-15/0/1 gigether-options redundant-parent reth1
set interfaces reth1 redundant-ether-options redundancy-group 1
set interfaces reth1 redundant-ether-options lacp passive
set interfaces reth1 redundant-ether-options lacp periodic slow

EX Configuration

set chassis aggregated-devices ethernet device-count 10
set interfaces ge-0/0/0 ether-options 802.3ad ae1
set interfaces ge-0/0/2 ether-options 802.3ad ae1
set interfaces ge-0/0/1 ether-options 802.3ad ae2
set interfaces ge-0/0/3 ether-options 802.3ad ae2
set interfaces ae1 aggregated-ether-options lacp active
set interfaces ae2 aggregated-ether-options lacp active
set interfaces ae1 aggregate-ether-options lacp periodic slow
set interfaces ae2 aggregate-ether-options lacp periodic slow

Topology

LACP ae1:

SRX (ge-3/0/0) is connected to EX (ge-0/0/0)
SRX (ge-3/0/1) is connected to EX (ge-0/0/2)

LACP ae2:
SRX (ge-15/0/0) is connected to EX (ge-0/0/1)
SRX (ge-15/0/1) is connected to EX (ge-0/0/3)

The same configuration can be done without using LACP on either side. The SRX device can do load-balancing without using LACP. It is needed only when the other side is configured to do LACP.

In cases where LACP is not configured on the other side, remove the LACP configuration from the SRX device in the following manner:

SRX Configuration  (Without LACP)

delete interfaces reth1 redundant-ether-options lacp

EX Configuration (Without LACP)

delete interfaces ae1 aggregated-ether-options lacp
delete interfaces ae2 aggregated-ether-options lacp

Note: Removing LACP from the network will come with a downtime. Branch devices (SRX100 to SRX650) generally show a downtime of 30 seconds to a minute, whereas high-end devices generally show an average of 5 to 6 minutes downtime.

The following diagram clearly illustrates the difference between the supported and non-supported configurations:

 

Modification History:

2020-02-10: Article reviewed for accuracy. No changes made. Article is correct and complete.

 

Related Links

Comment on this article > Affected Products Browse the Knowledge Base for more articles related to these product categories. Select a category to begin.

Security Alerts and Vulnerabilities

Security Alerts and Vulnerabilities Product Alerts and Software Release Notices Problem Report (PR) Search Tool EOL Notices and Bulletins JTAC User Guide Customer Care User Guide Pathfinder SRX High Availability Configurator SRX VPN Configurator Training Courses and Videos End User Licence Agreement Global Search