[HELP]Port Channeling

  • Hello,

    I have 2 ISP and from one of them i got 2 connections: first for Metro and second for International. My provider told me to make port channeling in order to work the metro and international.
    How can i do that ? I tried with LAGGs but don't allow me to add only one interface.

    What im doing wrong ? or how can i do it right ?

  • To add interface ports to a LAGG they must not be assigned to any interface in "Interfaces > Interface Assignments".

  • I have made like this:

    em0 = ISP METRO
    em2 = LAGG

    I assigned em0 and em1 to em2 (LAGG) as RoundRobin.  Now from em2 i need to go with cable in switch ?
    Is this correct configuration ?

    PS: I need to change some configurations in BGP ?

  • As I understand your first post, you have 3 WAN links:

    • ISP1

    • ISP2 Metro

    • ISP2 International

    Isn't it like that?

    And ISP2 told you to combine the 2 lines in a port channeling aggregation?

    So your box need at least 4 network ports. 3 for the ISPs and one for the internal network. This may look like this:

    • em0 = ISP1

    • em1 = ISP2 Metro

    • em2 = ISP2 International

    • em3 = LAN

    Where you may assign an interface to em0 and em3, creat a LAGG using em1 and em2 and then assign an interface to the LAGG.

    I not really familiar with port channeling, but as I know it's a Cisco solution of link aggregation. So this should be done with LAGG - FEC in pfSense, I think.

  • I have this interfaces:

    bce0 = Main ISP(another provider)
    bce1 = LAN
    em0 = ISP METRO
    em2 = LAGG

    The bce's interface i wanna let them like it is.

    Yes the ISP2 told me to combine the 2 lines in port channeling.

  • What is LAGG here. em2? What is connected to em2?

    LAGG doesn't make any sense till it has not at least two member ports.

    So in your case, as already told you above, delete the assignings of em0 and em1. Add a LAGG - FEC and select that two interfaces to be used by the LAGG. Then go back to Interface > assign, select the LAGG at available network ports and add a new interface. Then open the setting of the newly added interface, enable it and configure it.

  • Yes the LAGG is em2 and assigned the em0 and em1.

    I see that FEC is "Supports Cisco EtherChannel. This is a static setup and does not negotiate aggregation with the peer or exchange frames to monitor the link."

    I added the LAGG interface and now i can configure.. but the thing is that i received from my ISP : 2 IP's , 2 BGP Neighbors(each link have their IP and BGP Neighbor … how can i configure them ?

  • LAYER 8 Global Moderator

    So your isp is running these 2 different networks they gave you over the same layer 2?  If they want you to lagg the connections?

    If you have 2 "different" connections.. Why would you lagg them?  Why would you not just create your 2 different interfaces in pfsense?

  • Yes i have 2 different connections from my ISP
    1 is for Metropolitan access - 1Gbps
    1 is for International access - 1Gbps

    They told me to make port channeling in order to work okay.

  • LAYER 8 Global Moderator

    "They told me to make port channeling in order to work okay."

    Well ask them to explain what they mean by that because it makes ZERO sense..

  • They have changed the configuration to only one cable(fiber) but told me to do this:

    That the port need to be trunk and carry the vlan 403 and 404
    Also they have give me 2 BGP configurations for international(vlan 404) and metro(vlan 403)

    How can i do that ?

  • LAYER 8 Global Moderator

    Setup your to vlans on your interface your going to connect to on pfsense and tag them 403 and 404..

    And sure pfsense can run bgp…

    Did you not buy support?  I would suggest you call pfsense for help if you do not understand how to setup a vlan.. How are you involved in this project exactly if you do not understand what a vlan is?


    You cold for sure run your vlans over a lagg or port channel.. Why did you not mention the vlans before? That makes more sense.. Maybe you should contract someone to set this up for you... I would suggest you contact pfsense support, or hire someone local to get you up and running.

Log in to reply