Trunk group operation using LACP

The switch can automatically configure a dynamic LACP trunk group, or you can manually configure a static LACP trunk group.


[NOTE: ]

NOTE: LACP requires full-duplex (FDx) links of the same media type (10/100Base-T, 100FX, and so on) and the same speed and enforces speed and duplex conformance across a trunk group. For most installations, HP Switch recommends that you leave the port mode settings at Auto (the default). LACP also operates with Auto-10, Auto-100, and Auto-1000 (if negotiation selects FDx), and 10FDx, 100FDx, and 1000FDx settings.


LACP trunk status commands include:

Trunk display method Static LACP trunk Dynamic LACP trunk
CLI show lacp command Included in listing. Included in listing.
CLI show trunk command Included in listing. Not included.
Port/Trunk Settings screen in menu interface Included in listing. Not included

Thus, to display a listing of dynamic LACP trunk ports, you must use the show lacp command.

In most cases, trunks configured for LACP on the switches operate as described in LACP trunk types.

LACP trunk types

LACP port trunk configuration Operation
Dynamic LACP

This option automatically establishes an 802.3ad-compliant trunk group, with LACP for the port Type parameter and DynX for the port Group name, where X is an automatically assigned value from 1 to 60, depending on how many dynamic and static trunks are currently on the switch. (The switch allows a maximum of 60 trunk groups in any combination of static and dynamic trunks.)


[NOTE: ]

NOTE: Dynamic LACP trunks operate only in the default VLAN (unless GVRP is enabled and Forbid is used to prevent the trunked ports from joining the default VLAN). Thus, if an LACP dynamic port forms using ports that are not in the default VLAN, the trunk automatically moves to the default VLAN unless GVRP operation is configured to prevent this from occurring. In some cases, this can create a traffic loop in your network. For more information on this topic, seeVLANs and dynamic LACP.


Under the following conditions, the switch automatically establishes a dynamic LACP port trunk group and assigns a port Group name:

  • The ports on both ends of each link have compatible mode settings (speed and duplex).

  • The port on one end of each link must be configured for LACP Active and the port on the other end of the same link must be configured for either LACP Passive or LACP Active. For Example:

Either of the above link configurations allows a dynamic LACP trunk link.

Backup Links: A maximum of eight operating links are allowed in the trunk, but, with dynamic LACP, you can configure one or more additional (backup) links that the switch automatically activates if a primary link fails. To configure a link as a standby for an existing eight-port dynamic LACP trunk, ensure that the ports in the standby link are configured as either active-to-active or active-to-passive between switches.

Displaying dynamic LACP trunk data: To list the configuration and status for a dynamic LACP trunk, use the CLI show lacp command.


[NOTE: ]

NOTE: The dynamic trunk is automatically created by the switch and is not listed in the static trunk listings available in the menu interface or in the CLI show trunk listing.


Static LACP Provides a manually configured, static LACP trunk to accommodate these conditions:
  • The port on the other end of the trunk link is configured for a static LACP trunk.

  • You want to configure non-default Spanning Tree or IGMP parameters on an LACP trunk group.

  • You want an LACP trunk group to operate in a VLAN other than the default VLAN and GVRP is disabled. (See VLANs and dynamic LACP.)

  • You want to use a monitor port on the switch to monitor an LACP trunk.

The trunk operates if the trunk group on the opposite device is running one of the following trunking protocols:

  • Active LACP

  • Passive LACP

  • Trunk

This option uses LACP for the port Type parameter and TrkX for the port Group parameter, where X is an automatically assigned value in a range corresponding to the maximum number of trunks the switch allows. (The table on Trunk types used in static and dynamic trunk groups lists the maximum number of trunk groups allowed on the switches.)

Displaying static LACP trunk data : To list the configuration and status for a static LACP trunk, use the CLI show lacp command. To list a static LACP trunk with its assigned ports, use the CLI show trunk command or display the menu interface Port/Trunk Settings screen.

Static LACP does not allow standby ports.

Default port operation

In the default configuration, LACP is disabled for all ports. If LACP is not configured as Active on at least one end of a link, the port does not try to detect a trunk configuration and operates as a standard, untrunked port. LACP port status data lists the elements of per-port LACP operation. To display this data for a switch, execute the following command in the CLI:

HP Switch> show lacp

LACP port status data

Status name Meaning
Port Numb Shows the physical port number for each port configured for LACP operation (C1, C2, C3 …). Unlisted port numbers indicate that the missing ports that are assigned to a static trunk group are not configured for any trunking.
LACP Enabled

Active: The port automatically sends LACP protocol packets.

Passive: The port does not automatically send LACP protocol packets and responds only if it receives LACP protocol packets from the opposite device.

A link having either two active LACP ports or one active port and one passive port can perform dynamic LACP trunking. A link having two passive LACP ports does not perform LACP trunking because both ports are waiting for an LACP protocol packet from the opposite device.


[NOTE: ]

NOTE: In the default switch configuration, LACP is disabled for all ports.


Trunk Group

TrkX: This port has been manually configured into a static LACP trunk.

Trunk group same as port number: The port is configured for LACP, but is not a member of a port trunk.

Port Status

Up: The port has an active LACP link and is not blocked or in standby mode.

Down: The port is enabled, but an LACP link is not established. This can indicate, For example, a port that is not connected to the network or a speed mismatch between a pair of linked ports.

Disabled: The port cannot carry traffic.

Blocked: LACP, Spanning Tree has blocked the port. (The port is not in LACP standby mode.) This may be caused by a (brief) trunk negotiation or a configuration error, such as differing port speeds on the same link or trying to connect the switch to more trunks than it can support. (See the table on Trunk configuration protocols.)


[NOTE: ]

NOTE: Some older devices are limited to four ports in a trunk. When eight LACP-enabled ports are connected to one of these older devices, four ports connect, but the other four ports are blocked.


Standby: The port is configured for dynamic LACP trunking to another device, but the maximum number of ports for the dynamic trunk to that device has already been reached on either the switch or the other device. This port will remain in reserve, or "standby" unless LACP detects that another, active link in the trunk has become disabled, blocked, or down. In this case, LACP automatically assigns a standby port, if available, to replace the failed port.

LACP Partner

Yes: LACP is enabled on both ends of the link.

No: LACP is enabled on the switch, but either LACP is not enabled or the link has not been detected on the opposite device.

LACP Status

Success: LACP is enabled on the port, detects and synchronizes with a device on the other end of the link, and can move traffic across the link.

Failure: LACP is enabled on a port and detects a device on the other end of the link, but is not able to synchronize with this device, and therefore is not able to send LACP packets across the link. This can be caused, For example, by an intervening device on the link (such as a hub), a bad hardware connection, or if the LACP operation on the opposite device does not comply with the IEEE 802.3ad standard.

LACP notes and restrictions

802.1X (Port-based access control) configured on a port

To maintain security, LACP is not allowed on ports configured for 802.1X authenticator operation. If you configure port security on a port on which LACP (active or passive) is configured, the switch removes the LACP configuration, displays a notice that LACP is disabled on the port, and enables 802.1X on that port.

HP Switch(config)# aaa port-access authenticator b1
LACP has been disabled on 802.1x port(s). 
HP Switch(config)#

The switch does not allow you to configure LACP on a port on which port access (802.1X) is enabled. For Example:

HP Switch(config)# int b1 lacp passive 
Error configuring port < port-number > : LACP and 802.1x cannot 
be run together. 
HP Switch(config)#

To restore LACP to the port, you must first remove the 802.1X configuration of the port and then re-enable LACP active or passive on the port.

Port securityconfigured on a port

To maintain security, LACP is not allowed on ports configured for port security. If you configure port security on a port on which LACP (active or passive) is configured, the switch removes the LACP configuration, displays a notice that LACP is disabled on the port, and enables port security on that port. For Example:

HP Switch(config)# port-security a17 learn-mode static address-
limit 2 LACP has been disabled on secured port(s).
HP Switch(config)#

The switch does not allow you to configure LACP on a port on which port security is enabled. For Example:

HP Switch(config)# int a17 lacp passive
Error configuring port A17: LACP and port security cannot be
run together.
HP Switch(config)#

To restore LACP to the port, you must remove port security and re-enable LACP active or passive.

Changing trunking methods

To convert a trunk from static to dynamic, you must first eliminate the static trunk.

Static LACP trunks

When a port is configured for LACP (active or passive), but does not belong to an existing trunk group, you can add that port to a static trunk. Doing so disables dynamic LACP on that port, which means you must manually configure both ends of the trunk.

Dynamic LACP trunks

You can configure a port for LACP-active or LACP-passive, but on a dynamic LACP trunk you cannot configure the other options that you can on static trunks. If you want to manually configure a trunk, use the trunk command.

VLANs and dynamic LACP

A dynamic LACP trunk operates only in the default VLAN (unless you have enabled GVRP on the switch and use Forbid to prevent the ports from joining the default VLAN).

If you want to use LACP for a trunk on a non-default VLAN and GVRP is disabled, configure the trunk as a static trunk.

Blocked ports with older devices

Some older devices are limited to four ports in a trunk. When eight LACP-enabled ports are connected to one of these older devices, four ports connect, but the other four ports are blocked. The LACP status of the blocked ports is shown as "Failure."

If one of the other ports becomes disabled, a blocked port replaces it (Port Status becomes "Up"). When the other port becomes active again, the replacement port goes back to blocked (Port Status is "Blocked"). It can take a few seconds for the switch to discover the current status of the ports.

Blocked ports with LACP

HP Switch(eth-B1-B8)# show lacp

                         LACP

  PORT   LACP      TRUNK   PORT     LACP      LACP
  NUMB   ENABLED   GROUP   STATUS   PARTNER   STATUS
  ----   -------   ------  ------   -------   ------
  B1     Active    Dyn1    Up       Yes       Success
  B2     Active    Dyn1    Up       Yes       Success
  B3     Active    Dyn1    Up       Yes       Success
  B4     Active    Dyn1    Up       Yes       Success
  B5     Active    Dyn1    Blocked  Yes       Failure
  B6     Active    Dyn1    Blocked  Yes       Failure
  B7     Active    B7      Down     No        Success
  B8     Active    B8      Down     No        Success

If there are ports that you do not want on the default VLAN, ensure that they cannot become dynamic LACP trunk members. Otherwise a traffic loop can unexpectedly occur. For Example:

A dynamic LACP trunk forming in a VLAN can cause a traffic loop

A dynamic LACP trunk forming in a VLAN can cause a traffic loop

Easy control methods include either disabling LACP on the selected ports or configuring them to operate in static LACP trunks.

Spanning Tree and IGMP

If Spanning Tree, IGMP, or both are enabled in the switch, a dynamic LACP trunk operates only with the default settings for these features and does not appear in the port listings for these features.

Half-duplex, different port speeds, or both not allowed in LACP trunks

Theports on both sides of an LACP trunk must be configured for the same speed and for full-duplex (FDx). The 802.3ad LACP standard specifies a full-duplex (FDx) requirement for LACP trunking. (10-gigabit ports operate only at FDx.)

A port configured as LACP passive and not assigned to a port trunk can be configured to half-duplex (HDx). However, in any of the following cases, a port cannot be reconfigured to an HDx setting:

  • If the port is a 10-gigabit port.

  • If a port is set to LACP Active, you cannot configure it to HDx.

  • If a port is already a member of a static or dynamic LACP trunk, you cannot configure it to HDx.

  • If a port is already set to HDx, the switch does not allow you to configure it for a static or dynamic LACP trunk.

Dynamic/static LACP interoperation

A port configured for dynamic LACP can properly interoperate with a port configured for static (TrkX) LACP, but any ports configured as standby LACP links are ignored.