LACP LAG in Bridge with single port

Hi, I plan to deploy an XG 550 in HA and add an extension card for 1GbE optical fiber. I need to know if there is any known issue with bridging an LACP LAG with a single port. The LACP LAG is formed with two optical fiber ports in the extension card, and the single port is a native RJ45 port.



  • Kamal,

    In order to configure a lag interface you need to add at least 2 physical interfaces to it.

    Regards

  • Hi lferrara,

    Thank you for the reply. After finishing the project, I want to share with you a tip that is not documented anywhere; support wasn't sure about it either.

    As I said, we have an XG550 firewall. It comes with a native card of 8 x 1G ports (RJ45) named A, and we added another card for optical fiber with 8 SFP ports named B:

    A1-A2-A3-A4        B1-B2-B3-B4

    A5-A6-A7-A8        B5-B6-B7-B8

    After many tests, here are my remarks:

    • When creating an LACP LAG in the extension card (B), you can choose more than 2 ports, but the LACP negotiation will not work properly, so use only 2 ports in the same LAG.
    • When selecting ports, you can't use ports freely; you have to respect these combinations: B1-B5, B2-B6, B3-B7 and B4-B8 (I suppose that the extension card is B in my example). If you create a LAG using, for example, B1 with B2, it will pass the LACP negotiation successfully, but the traffic will not pass through the LAG (I think it is a bug related to the hardware).
    • These limitations are related only to the optical fiber extension card; with RJ45 we do not have these limitations.
    • For the question that I posted about the possibility of creating a bridge using an LACP LAG with a single RJ45 port, the answer is YES. We did it and it works without any problem. For those who will ask the question "why do we need to make a bridge between a LAG of 2 optical fiber ports and a single RJ45 port?": I did it because we have two datacenters with the same subnet at different sites; the remote one is the replication datacenter, and the customer wants to inspect traffic between them even if it's a level 2 network.

     

  • [Y]

    Thanks for sharing such an experience. More feedback like yours should be shared here. This will help, for sure, a lot of people.

    I am sure the LAG combination is a bug. Open a ticket with Support.

    , can you take a look at what is written here?

    Thanks

  • Hi Kamal,
     
    Prerequisites for LACP (802.3ad) mode
     
    • For LACP to be functional, it must be enabled at both ends of the link.
    • All the member interfaces (ports) in the LAG must be of the same type and have the same interface speed.
    • All the links must be full-duplex.
     
    Limitations
     
    • Only unbound static physical interfaces can be members of the LAG.
    • PPPoE, 3G, 4G, Cellular WAN, WLAN and Transport mode are not supported in LAG.
    • A maximum of 4 ports can be configured on a single LAG interface.
     
    These points should be taken care of before implementing a LAG. There is no limitation on using a particular combination of ports, as you mentioned, known to me! If you are facing the issue, I would recommend you get it checked by the support and dev team.
     
    Thanks