2

If we were to connect two switches together using LACP (with 2 X 1Gbe ports on each side), does this mean that the max speed that a single MAC address will ever reach is 1Gb?

So for example, if a single MAC address decided to "abuse" the link (e.g. DoS attack) and saturate their connection, does this mean that their traffic will only ever flow down a single link, leaving the other MACs free to travel down the other?

Thanks

jtnire
  • 817
  • 2
  • 8
  • 16

1 Answers1

3

Yes, and no.

In the "usual" modes for LACP aggregation, which link a particular packet will flow down is determined entirely by either the source or dest MAC (or both, if hashed). So you are correct in saying that the most traffic that a single MAC address (or src+dest pair) can do is the speed of a single one of your links.

However, if a link is congested, traffic that would have used that link otherwise will still use it. This means that any other traffic that hashes out to use that link will also be caught in the congestion. This can cause some really weird diagnostic problems, where one person's pinging away happily (because they're on a MAC that gets sent down the empty link) while their colleague is getting poor RTTs and dropped packets. Fun for the whole NOC.

womble
  • 96,255
  • 29
  • 175
  • 230
  • Thanks for your answer. Given that the LACP link would be between a router and the servers (i.e. the SRC/DEST pair would never change), would this mean the MACs be permanently bound to a particular link? – jtnire Mar 29 '12 at 12:21
  • Until that link would loose connectivity, yes. Take a look at 'flow control', multicast and broadcast storm control - common options in todays switches. – 3molo Mar 29 '12 at 12:22
  • Hmm, then maybe LACP isn't a good solution to my problem at all then? – jtnire Mar 29 '12 at 12:25
  • 1
    It depends on the exact LACP algorithm each end uses. Layer 3 devices typically use IP addresses in their hash rather than, or in addition to, MAC addreses. (For precisely this reason.) For example, Linux's LACP driver uses the last two octets of the source and destination IP addresses in addition to the MAC addresses. – David Schwartz Mar 29 '12 at 12:26