lacp yaptıgımızda paketler destination ip adresinin son bitine göre hatlardan gönderilir ve destination adresimiz bir tane oldugu için sadece yedeklilik sağlamış olur alsında load balacing olayını atlamış oluyoruz.
Onun ıcın lacp de farklı load balacing metotları secebiliriz.
Orneklerde genellikle mode on kulladım ama mode active lacp ve bunu tercih edilmesi daha avantajlı.
Lacp ve Pagp Etherchannel kontrol mekanizmalarıdır. Mode on sadece etherchannel kurar, active ise dtp paketlere bakar active passive gibi.
Desirable = active
Auto= passive
Lacp priority dusuk olan aktif porttur.
channel-protocol lacp
channel-group 2 mode active
lacp port-priority priority dusuk olan aktif
Sekizden fazla port Etherchannel'a atanabilir. Seçim yaparken yine en düşük port priority değerlerine bakılır. Fazla olanlar bekleme (standby) durumunda kalacak, diğer portlarda bir sorun olması durumunda aktif hale geçecektir. Port priority değerleri de 1 ile 65535 arasında bir değer alabilir. Bu değer varsayılan olarak 32768'dir. Bu değerlerin eşit olması durumunda en düşük port numarasına bakılarak seçim yapılır.
Router(config)# interface range gig 2/1 – 4 , gig 3/1 – 4
Router(config-if)# channel-protocol lacp
Router(config-if)# channel-group 1 mode active
Router(config-if)# lacp port-priority 100
Router(config-if)# exit
Router(config)# interface range gig 2/15– 8 , gig 3/5– 8
Router(config-if)# channel-protocol lacp
Router(config-if)# channel-group 1 mode active
Yukarıdaki yapılandırmada dikkat edilmesi gereken nokta gig 2/15– 8 ve gig 3/5– 8 aralarındaki portlara öncelik (priority) atanmamış olmasıdır. O halde varsayılan değerler kullanılacaktır. Varsayılan değer 32768'dir ve bu değer 100'den büyük olduğu için bu portlar bekleme (standby) durumunda kalacaktır.
conf t
port-channel load-balance ?
The default is src-mac
port-channel load-balance src-mac
src-mac
dst-mac
src-dst-mac
src-ip
dst-ip
src-dst-ip
src-port
dst-port
src-dst-port
ile bir sürü secenek arasından istediğimizi seçebiliriz...
set chassis aggregated-devices ethernet device-count 2
set interfaces ge-0/0/0 gigether-options 802.3ad ae0
set interfaces ge-0/0/1 gigether-options 802.3ad ae0
set interfaces ae0 aggregated-ether-options lacp active
set interfaces ae0 unit 0 family ethernet-switching port-mode trunk
set interfaces ae0 unit 0 family ethernet-switching vlan members ALI
set interfaces vlan unit 10 family inet address 10.1.1.1/24
set security zones security-zone Server host-inbound-traffic system-services all
set security zones security-zone Server host-inbound-traffic protocols all
set security zones security-zone Server interfaces vlan.10
set vlans ALI vlan-id 10
set vlans ALI l3-interface vlan.10
SW1;
set chassis aggregated-devices ethernet device-count 2
set interfaces ge-0/0/10 ether-options 802.3ad ae0
set interfaces ge-0/0/11 ether-options 802.3ad ae0
set interfaces ge-0/0/12 unit 0 family ethernet-switching vlan members ALI
set interfaces ae0 aggregated-ether-options lacp active
set interfaces ae0 unit 0 family ethernet-switching port-mode trunk
set interfaces ae0 unit 0 family ethernet-switching vlan members ALI
set interfaces vlan unit 10 family inet address 10.1.1.2/24
set routing-options static route 0.0.0.0/0 next-hop 10.1.1.1
set vlans ALI vlan-id 10
set vlans ALI l3-interface vlan.10
You can see output about Interface transmit statistics
LACP for Juniper SW to SW
you have two or more than layer 2 device and they are connected with each other .Spanning tree rules dont give a permission two or a lot of connections between these devices.But If you use lacp you can provide more bandwith and redundancy.
set chassis aggregated-devices ethernet device-count 2 [How many links we need I use two links for directly connection between these devices , aex numbers]
set interfaces ge-0/0/10 ether-options 802.3ad ae0
set interfaces ge-0/0/11 ether-options 802.3ad ae0
set interfaces ae0 aggregated-ether-options lacp active
set interfaces ae0 unit 0 family ethernet-switching port-mode trunk
set interfaces ae0 unit 0 family ethernet-switching vlan members ALI
set vlans ALI vlan-id 200
set vlans ALI l3-interface vlan.200
set interfaces vlan unit 200 family inet address 192.168.2.2/24
or
set interfaces ge-0/0/10 ether-options 802.3ad ae0
set interfaces ge-0/0/11 ether-options 802.3ad ae0
set interfaces ae0 aggregated-ether-options lacp active
set interfaces ae0 unit 0 family ethernet-switching port-mode access
set interfaces ae0 unit 0 family ethernet-switching vlan members ALI
LACP for Cisco Switchs
Switch-1(config-if-range)#channel-group 1 mode active
Switch-1(config-if-range)#channel-protocol lacp
Switch-1(config)#interface port-channel 1
Switch-1(config-if)#switchport trunk encapsulation dot1q
Switch-1(config-if)#switchport mode trunk
Switch-2(config)#interface range fastEthernet 0/1 - 2
Switch-2(config-if-range)#channel-group 1 mode active
Switch-2(config-if-range)#channel-protocol lacp
Switch-2(config)#interface port-channel 1
Switch-2(config-if)#switchport trunk encapsulation dot1q
Switch-2(config-if)#switchport mode trunk
Between cisco router to switch
SW;
interface Port-channel 1
switchport access vlan 10
switchport mode access
!
interface FastEthernet0/1
channel-group 1 mode active (for lacp If cısco router doesnt support lacp you have to use on , not active)
!
interface FastEthernet0/2
channel-group 1 mode active
interface Vlan10
ip address 10.0.0.2 255.255.255.0
R1
interface Port-channel 1
ip address 10.0.0.1 255.255.255.0
!
interface GigabitEthernet0/0
channel-group 1 mode active(for lacp If cısco router doesnt support lacp you have to use on , not active)
no ip address
!
interface GigabitEthernet0/1
channel-group 1 mode active
no ip address
------
interface Port-channel1
no ip address
interface Port-channel1.34
encapsulation dot1Q 34
ip address 10.34.20.251 255.255.255.0
standby 34 ip 10.34.20.1
standby 34 priority 200
standby 34 preempt
interface Port-channel1.35
encapsulation dot1Q 35
ip address 10.35.20.251 255.255.255.0
standby 35 ip 10.35.20.250
standby 35 priority 200
standby 35 preempt
interface GigabitEthernet1/0/2
no ip address
negotiation auto
channel-group 1 mode active
R1:
interface Port-channel1
ip address 10.0.0.1 255.0.0.0
!
interface GigabitEthernet0/0
no ip address
negotiation auto
channel-group 1
!
interface GigabitEthernet0/1
no ip address
negotiation auto
channel-group 1
R2:
interface Port-channel1
ip address 10.0.0.2 255.0.0.0
!
interface GigabitEthernet0/0
no ip address
negotiation auto
channel-group 1
!
interface GigabitEthernet0/1
no ip address
negotiation auto
channel-group 1
---
ASA FİREWALL to SW
ASA:
interface Port-channel1
lacp max-bundle 8
nameif outside
security-level 1
ip address 10.53.100.1 255.255.255.0
interface GigabitEthernet1/0
channel-group 1 mode on
no nameif
no security-level
no ip address
!
interface GigabitEthernet1/1
channel-group 1 mode on
no nameif
no security-level
no ip address
SW:
interface Vlan11
ip address 10.53.100.2 255.255.255.0
interface Port-channel1
switchport access vlan 11
switchport mode access
interface GigabitEthernet1/0/1
switchport access vlan 11
switchport mode access
channel-group 1 mode on
spanning-tree portfast
!
interface GigabitEthernet1/0/2
switchport access vlan 11
switchport mode access
channel-group 1 mode on
spanning-tree portfast
**
interface Eth-Trunk22
port link-type trunk
port trunk allow-pass vlan 2 to 4094
mode lacp //The link aggregation protocol is LACP.
#
interface GigabitEthernet0/0/1
eth-trunk 22
Hiç yorum yok:
Yorum Gönder