Helpful ReplyHot!LACP to Unifi

Author
Philippe ASTIER
Bronze Member
  • Total Posts : 25
  • Scores: 0
  • Reward points: 0
  • Joined: 2014/04/03 10:32:00
  • Location: France
  • Status: offline
2020/06/26 08:00:46 (permalink)
0

LACP to Unifi

Hi all,
 
I've been running a Fortigate 61E in LAG mode (ie: static) on an Edgeswitch for some months now and it has worked well. I never managed to make it work in LACP.
 
Now I'm moving to a Unifi Switch, which only supports LACP, and ... they don't negotiate. Wether I use passive or active, they just won't talk to each other.
 
Any clue ?
#1
brycemd
Silver Member
  • Total Posts : 89
  • Scores: 4
  • Reward points: 0
  • Joined: 2016/12/03 11:24:30
  • Status: offline
Re: LACP to Unifi 2020/06/26 08:12:22 (permalink)
0
What firmware are you on? I remember there was a bug when they introduced LAGs on the lower models that LACP didn't work properly. Pretty sure it was fixed in 6.2.3, but I haven't tested it.
#2
Philippe ASTIER
Bronze Member
  • Total Posts : 25
  • Scores: 0
  • Reward points: 0
  • Joined: 2014/04/03 10:32:00
  • Location: France
  • Status: offline
Re: LACP to Unifi 2020/06/26 08:13:55 (permalink)
0
Yes, I can remember that (which is most certainly why I went to static on my Edgeswitch). I'm running 6.4.1.
#3
ede_pfau
Expert Member
  • Total Posts : 6340
  • Scores: 533
  • Reward points: 0
  • Joined: 2004/03/09 01:20:18
  • Location: Heidelberg, Germany
  • Status: offline
Re: LACP to Unifi 2020/06/26 08:46:50 (permalink)
0
I think it wasn't a bug but ... a missing feature. LACP on desktop models used to be unsupported.
Do you have any debug info on the LACP negos ('diag netlink aggregate name <nameOfTrunk>')?
 
Debugging is documented in the KB: http://kb.fortinet.com/kb/viewContent.do?externalId=FD30542
 

Ede

" Kernel panic: Aiee, killing interrupt handler!"
#4
Philippe ASTIER
Bronze Member
  • Total Posts : 25
  • Scores: 0
  • Reward points: 0
  • Joined: 2014/04/03 10:32:00
  • Location: France
  • Status: offline
Re: LACP to Unifi 2020/06/26 08:49:24 (permalink)
0
Maybe but it has been supported for some months now. I will try to debug. Thanks for pointing to the doc.
(only issue is that this is on my internal side, so I'm currently forced to debug through serial console).
 
Let me look deeper.
#5
brycemd
Silver Member
  • Total Posts : 89
  • Scores: 4
  • Reward points: 0
  • Joined: 2016/12/03 11:24:30
  • Status: offline
Re: LACP to Unifi 2020/06/26 08:51:56 (permalink) ☄ Helpfulby Philippe ASTIER 2020/06/26 08:57:48
0
Pretty sure it was a bug when LAGs were introduced to sub 100 models in 6.2.1. Static LAGs worked but it wouldn't do LACP.
 
The fix may not have made it into 6.4.x
 
According to bug fixes in 6.2.3 they fixed:
 
Aggregate link does not work for LACP mode active for FG-60E internal ports but works for wan1 and wan2 combination.
#6
Philippe ASTIER
Bronze Member
  • Total Posts : 25
  • Scores: 0
  • Reward points: 0
  • Joined: 2014/04/03 10:32:00
  • Location: France
  • Status: offline
Re: LACP to Unifi 2020/06/26 09:34:43 (permalink)
0
ok... I did a few tests.
 
They exchange LACPDU and stay in "negotiating". I have tried active, passive, slow, fast, ha-slave enabled or disabled, they keep "negotiating". I'm not a 802.3ad expert, but that sounds wrong. Any output that could provide you with more information ?
 
#7
ede_pfau
Expert Member
  • Total Posts : 6340
  • Scores: 533
  • Reward points: 0
  • Joined: 2004/03/09 01:20:18
  • Location: Heidelberg, Germany
  • Status: offline
Re: LACP to Unifi 2020/06/27 09:10:36 (permalink)
0
This is the moment when you have to collect data on the switch side.
"fast" and "slow" is about the exchange rate of BPDUs, so that's not important.
LACP mode either is "active" (FGT negotiating) or "passive" (awaiting negos). Allowed:
act-act
pas-act
act-pas
 
Static is (AFAIR) Cisco legacy mode bonding.

Ede

" Kernel panic: Aiee, killing interrupt handler!"
#8
Philippe ASTIER
Bronze Member
  • Total Posts : 25
  • Scores: 0
  • Reward points: 0
  • Joined: 2014/04/03 10:32:00
  • Location: France
  • Status: offline
Re: LACP to Unifi 2020/06/29 13:00:43 (permalink)
0
Thanks for your help, I opened a support ticket with Fortinet.
#9
Jump to:
© 2020 APG vNext Commercial Version 5.5