3

I've got a Debian Jessie server with two Intel i350 onboard 1Gbps NICs which I would like to bridge using 802.3ad protocol to my HP 1920G 48port managed switch.

Here is the kernel I'm running

~ % uname -a
Linux ltsp 4.9.0-0.bpo.3-amd64 #1 SMP Debian 4.9.30-2+deb9u5~bpo8+1 (2017-09-28) x86_64 GNU/Linux

I've setup the switch's LACP ports 3 & 4 for the 802.3ad, but when I try to connect my bonded network it complains that 'The ports configuration is improper for being attached'. HP 1920 LACP config

In my /etc/modules I have

# /etc/modules: kernel modules to load at boot time.
#
# This file contains the names of kernel modules that should be loaded
# at boot time, one per line. Lines beginning with "#" are ignored.

loop
vhost_net
bonding

I've installed ifenslave

sudo apt install ifenslave-2.6

Here is the /etc/network/interfaces file

auto lo
iface lo inet loopback

# bond0 is the bonding NIC and can be used like any other normal NIC.
# bond0 is configured using static network information.
auto bond0
iface bond0 inet static
    address 192.168.200.5
    gateway 192.168.200.1
    netmask 255.255.255.0
    dns-nameservers 8.8.8.8
    dns-search lan
    # Use IEEE 802.3ad LACP bonding protocol
    bond-mode 4
    bond-miimon 100
    bond-slaves none

#eth2 is manually configured, and slave to the “bond0” bonded NIC
allow_hotplug eth2
auto eth2
iface eth2 inet manual
      bond-master bond0
      bond-primary eth2

#eth3 ditto, thus creating a 2-link bond.
allow_hotplug eth3
auto eth3
iface eth3 inet manual
      bond-master bond0

Which gives the output

~ % cat /proc/net/bonding/bond0
Ethernet Channel Bonding Driver: v3.7.1 (April 27, 2011)

Bonding Mode: IEEE 802.3ad Dynamic link aggregation
Transmit Hash Policy: layer2 (0)
MII Status: up
MII Polling Interval (ms): 100
Up Delay (ms): 0
Down Delay (ms): 0

802.3ad info
LACP rate: slow
Min links: 0
Aggregator selection policy (ad_select): stable

Slave Interface: eth2
MII Status: up
Speed: 1000 Mbps
Duplex: full
Link Failure Count: 0
Permanent HW addr: 00:25:90:e6:e9:67
Slave queue ID: 0
Aggregator ID: 1
Actor Churn State: none
Partner Churn State: churned
Actor Churned Count: 0
Partner Churned Count: 1

Slave Interface: eth3
MII Status: up
Speed: 1000 Mbps
Duplex: full
Link Failure Count: 0
Permanent HW addr: 00:25:90:e6:e9:66
Slave queue ID: 0
Aggregator ID: 2
Actor Churn State: churned
Partner Churn State: churned
Actor Churned Count: 1
Partner Churned Count: 1

This doesn't work. I cannot ping this machine on 192.168.200.5. What am I missing here?

Update 23/08/2018

Tried setting bonding attributes in the modules file.

Edit /etc/modules

bonding mode=4 miimon=100 lacp_rate=1

Update 28/08/2018: more info from HP switch

display current-configuration in the HP command line gives me this output;

<HP 1920G Switch>display current-configuration
#
 version 5.20.99, Release 1106
#
 sysname HP 1920G Switch
#
 undo voice vlan mac-address 0003-6b00-0000
 undo voice vlan mac-address 00e0-7500-0000
 voice vlan mac-address 0004-1300-0000 mask ffff-ff00-0000 description SNOM phone
 voice vlan mac-address 0004-f200-0000 mask ffff-ff00-0000 description PolycomVVX phone
 undo voice vlan security enable
#
 domain default enable system
#
 ipv6
#
 telnet server enable
#
 lldp compliance cdp
#
 password-recovery enable
#
vlan 1
 description Data
#               
vlan 300
 description Voice_Polycom
#
domain system
 access-limit disable
 state active
 idle-cut disable
 self-service-url disable
#
user-group system
 group-attribute allow-guest
#
local-user admin
 password cipher <snip>
 authorization-attribute level 3
 service-type ssh telnet terminal
 service-type web
#
 stp mode rstp
 stp enable
#
interface Bridge-Aggregation1
 link-aggregation mode dynamic
#
interface NULL0
#
interface Vlan-interface1
 ip address dhcp-alloc
#
#
interface GigabitEthernet1/0/1
 description firewall
 port link-type trunk
 port trunk permit vlan 1 300
 port auto-power-down
 poe enable
 stp edged-port enable
#
interface GigabitEthernet1/0/2
 description LTSP
 port auto-power-down
 poe enable
 stp edged-port enable
#
interface GigabitEthernet1/0/3
 description Workstation_Phone_Prn_Scan
 port link-type trunk
 port trunk permit vlan 1
 port auto-power-down
 poe enable
 stp edged-port enable
 lldp compliance admin-status cdp txrx
 port link-aggregation group 1
#
interface GigabitEthernet1/0/4
 description Workstation_Phone_Prn_Scan
 port link-type trunk
 port trunk permit vlan 1
 port auto-power-down
 poe enable
 stp edged-port enable
 lldp compliance admin-status cdp txrx
 port link-aggregation group 1
#
interface GigabitEthernet1/0/5
 description Workstation_Phone_Prn_Scan
 port link-type trunk
 port trunk permit vlan 1
 voice vlan 300 enable
 port auto-power-down
 poe enable
 stp edged-port enable
 lldp compliance admin-status cdp txrx

GigabitEthernet1/0/3 & GigabitEthernet1/0/4 are the ports I'm trying to bond. You can see that they are part of the link-aggregation group.

Update: Looking at the logfile

To check the logfile I had to do this through the web backend 'device -> syslog' and after restarting the network on my test bonding machine I got these four lines;

Aug 28 10:59:06:287 2018    IFNET   Error   LINK_UPDOWN GigabitEthernet1/0/4 link status is UP.
Aug 28 10:58:56:005 2018    IFNET   Error   LINK_UPDOWN GigabitEthernet1/0/3 link status is UP.
Aug 28 10:58:43:066 2018    IFNET   Error   LINK_UPDOWN GigabitEthernet1/0/3 link status is DOWN.
Aug 28 10:58:33:338 2018    IFNET   Error   LINK_UPDOWN GigabitEthernet1/0/4 link status is DOWN.
map7
  • 59
  • 1
  • 2
  • 15
  • Looks similar to https://serverfault.com/questions/795797/debian-lacp-bond-eth0-churning-state but unfortunately no answer there either. Could you check the HP switch for the column "partner state". It says ACG and ACGH. What do these characters mean? – Tommiie Aug 23 '18 at 08:43
  • It means A=LACP is enabled, C=system considers the link is aggregatable and G=system receives frames in default state. H=frames in expired state. https://www.manualslib.com/manual/913942/Hp-1920-Gigabit-Ethernet-Switch-Series.html?page=226 – map7 Aug 26 '18 at 23:25
  • Checking the link right now and neither have the 'H', they are both ACG – map7 Aug 26 '18 at 23:27
  • Can you collect logging on either device? What about CLI access on the switch to get some more information with "show" commands? – Tommiie Aug 27 '18 at 08:19
  • In the LAG creation, the LACP is dynamic or static ? I guess dynamic in your case, but I had difficulty to link a HP switch to an ESX in dynamic, in static it worked. – yagmoth555 Aug 28 '18 at 00:50
  • I tried setting up the LAG as static but now it doesn't show in LACP and if I restart my network it still says it's improperly configured with in the Link Aggregation settings screen. – map7 Aug 28 '18 at 01:16
  • Tom, I cannot see a 'show' command anywhere. – map7 Aug 28 '18 at 01:22
  • 1
    @map7, long time since I worked on HP switches, but try adding `port link-type trunk` and `port trunk permit vlan 1` to *interface Bridge-Aggregation1*. Right now it looks like your ports are set to be trunks, but your lag interface is not. – YLearn Aug 29 '18 at 06:49
  • @YLearn, Can this be done through the web interface or must it be through the command line? – map7 Aug 29 '18 at 22:23
  • @YLearn, I managed to add those lines you suggested and it worked. But I notice now that if I do a speed test from two machines with similar MAC addresses (ie: the first 6 characters are the same) then it doesn't get the speed benefit. – map7 Aug 30 '18 at 01:24
  • @map7, as for the speed issue, you may need/want to adjust the trunk (HP term for link aggregation - not to be confused with trunks from Cisco) load balancing. Traffic on link aggregated links use a hash to determine which link the traffic uses and depending on your needs, you may need to adjust what information is used to calculate this hash. The options available to you will vary by platform (and sometimes code version), so check the documentation. – YLearn Aug 30 '18 at 03:00
  • @YLearn Doesn't look like the HP 1920 has this ability could this be the case? – map7 Aug 30 '18 at 23:13
  • @map7, it is certainly possible and a quick check of the documentation I could find doesn't show any. You could always check if there is updated software that may add some options and/or poke around in the configuration for poorly documented/undocumented options. – YLearn Aug 31 '18 at 04:26

1 Answers1

2

Your individual interfaces and the Bridge-Aggregation1 interface have configuration that differ from each other enough to prevent them from becoming part of the link aggregation. Your configuration should look something like the following:

interface Bridge-Aggregation1
 port link-type trunk
 port trunk permit vlan 1
 link-aggregation mode dynamic
YLearn
  • 1,247
  • 7
  • 17