Navigation

    Netgate Discussion Forum
    • Register
    • Login
    • Search
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search

    LACP not working - Mikrotik Switch

    Hardware
    3
    4
    340
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • B
      Banobano last edited by Banobano

      SOLVED

      The issue was on the Mikrotik side - or my understanding of their implementation (which is not fully documented).

      SwOS needs at least two physical links to form a dynamic link aggregation via LACP. Testing with one interface does not work.

      Initial issue
      Hi together,

      I'm trying to set up an untagged LACP link aggregation with 2 LAN interfaces, connected to my Mikrotik Switch running the SwOS operating system (CRS326). Sadly it doesn't work after spending many hours. Right now, I'm testing with one interface (em0) to have a MGMT fallback (re0).

      My switch is capable to talk LACP passive and active. I set the link to active and the MAC of the pfSense shows up. My switch and the pfSense tell me the link is up and running I guess (pfSense shows me "Link up" in the dashboard), but the pfSense cannot ping clients in the same subnet as the LAGG.

      Configured Interfaces:

      • WAN: Disconnected on purpose
      • LAN: Not working, this is the issue - IP 192.168.1.1 /24, assigned to LAGG0 interface (Only physical interface em0 assigned)
      • OPT1: Working as intended - IP 192.168.0.254 /24, assigned to re0 interface (Mgmt until LAGG is working)

      When I set the interface LAN back to my physical interface em0, the IP is pingable from all clients. It seems to be an issue with the LAGG.

      I'd appreciate your help, please look up following screenshots:

      Switch Config
      Switch Link Status.PNG
      Switch LACP.PNG

      pfSense Config
      FW Dashboard.PNG
      FW LAGG Create.PNG
      FW LAGG Assignement.PNG
      FW Interface LAN.PNG FW Rules LAN.PNG

      Thanks a lot and stay healthy!

      1 Reply Last reply Reply Quote 0
      • stephenw10
        stephenw10 Netgate Administrator last edited by

        LACP lagg on em is a common deployment. It well tried and tested. Not so much a single port lagg but that should also work fine. The config you have there in pfSense looks fine.
        I would be looking at the switch end. The one screenshot of that I see looks odd. What is that we are looking at where re0 is set as 'passive'?

        Steve

        1 Reply Last reply Reply Quote 0
        • B
          Banobano last edited by

          SOLVED

          The issue was on the Mikrotik side - or my understanding of their implementation.

          SwOS needs at least two physical links to form a dynamic link aggregation via LACP. Testing with one interface does not work.

          1 Reply Last reply Reply Quote 0
          • Derelict
            Derelict LAYER 8 Netgate last edited by

            That's broken, but it's Mikrotik. What happens if you get the LACP up but go down to one link?

            1 Reply Last reply Reply Quote 0
            • First post
              Last post

            Products

            • Platform Overview
            • TNSR
            • pfSense
            • Appliances

            Services

            • Training
            • Professional Services

            Support

            • Subscription Plans
            • Contact Support
            • Product Lifecycle
            • Documentation

            News

            • Media Coverage
            • Press
            • Events

            Resources

            • Blog
            • FAQ
            • Find a Partner
            • Resource Library
            • Security Information

            Company

            • About Us
            • Careers
            • Partners
            • Contact Us
            • Legal
            Our Mission

            We provide leading-edge network security at a fair price - regardless of organizational size or network sophistication. We believe that an open-source security model offers disruptive pricing along with the agility required to quickly address emerging threats.

            Subscribe to our Newsletter

            Product information, software announcements, and special offers. See our newsletter archive to sign up for future newsletters and to read past announcements.

            © 2021 Rubicon Communications, LLC | Privacy Policy