pfSense LAGG-LACP with HP VC FlexFabric Switch

trexman

Hi,
we are planning to move our physical pfSense into a bay of a HP BladeSystem c7000 Enclosure.
Because of the setup with the Virtual Connect switches we have to use LACP for the network to have full redundancy in the BladeSystem.
The HP BladeSystem is in productive use and other ESX and Debian Server in the Bays are running fine with LACP.

But with the PFSense Server I have problems using LAGG with LACP. The Interface it getting no IP address and also no connection to the network. We checked and tried different setting for e.g. VLANs without success.

If we use Failover instead of LACP for the LAGG Interface, than we get a network connect. But this is not our preferred goal.

We activated the LACP debugging and got theses messages here:

Mar 28 09:58:17 test-pfsense kernel: lacp_select_tx_port: no active aggregator
Mar 28 09:58:24 test-pfsense kernel: oce1: lacpdu transmit
Mar 28 09:58:24 test-pfsense kernel: actor=(8000,9C-B6-54-99-37-60,0132,8000,0002)
Mar 28 09:58:24 test-pfsense kernel: actor.state=47<ACTIVITY,TIMEOUT,AGGREGATION,DEFAULTED>
Mar 28 09:58:24 test-pfsense kernel: partner=(FFFF,00-00-00-00-00-00,0000,FFFF,0000)
Mar 28 09:58:24 test-pfsense kernel: partner.state=0
Mar 28 09:58:24 test-pfsense kernel: maxdelay=0
Mar 28 09:58:24 test-pfsense kernel: oce0: lacpdu transmit
Mar 28 09:58:24 test-pfsense kernel: actor=(8000,9C-B6-54-99-37-60,0132,8000,0001)
Mar 28 09:58:24 test-pfsense kernel: actor.state=47<ACTIVITY,TIMEOUT,AGGREGATION,DEFAULTED>
Mar 28 09:58:24 test-pfsense kernel: partner=(FFFF,00-00-00-00-00-00,0000,FFFF,0000)
Mar 28 09:58:24 test-pfsense kernel: partner.state=0
Mar 28 09:58:24 test-pfsense kernel: maxdelay=0
Mar 28 09:58:42 test-pfsense kernel: lacp_select_tx_port: no active aggregator
Mar 28 09:58:44 test-pfsense kernel: lacp_select_tx_port: no active aggregator
Mar 28 09:58:45 test-pfsense kernel: lacp_select_tx_port: no active aggregator
Mar 28 09:58:47 test-pfsense kernel: lacp_select_tx_port: no active aggregator
Mar 28 09:58:50 test-pfsense kernel: lacp_select_tx_port: no active aggregator
Mar 28 09:58:55 test-pfsense kernel: oce1: lacpdu transmit
Mar 28 09:58:55 test-pfsense kernel: actor=(8000,9C-B6-54-99-37-60,0132,8000,0002)
Mar 28 09:58:55 test-pfsense kernel: actor.state=47<ACTIVITY,TIMEOUT,AGGREGATION,DEFAULTED>
Mar 28 09:58:55 test-pfsense kernel: partner=(FFFF,00-00-00-00-00-00,0000,FFFF,0000)
Mar 28 09:58:55 test-pfsense kernel: partner.state=0
Mar 28 09:58:55 test-pfsense kernel: maxdelay=0
Mar 28 09:58:55 test-pfsense kernel: oce0: lacpdu transmit
Mar 28 09:58:55 test-pfsense kernel: actor=(8000,9C-B6-54-99-37-60,0132,8000,0001)
Mar 28 09:58:55 test-pfsense kernel: actor.state=47<ACTIVITY,TIMEOUT,AGGREGATION,DEFAULTED>
Mar 28 09:58:55 test-pfsense kernel: partner=(FFFF,00-00-00-00-00-00,0000,FFFF,0000)
Mar 28 09:58:55 test-pfsense kernel: partner.state=0
Mar 28 09:58:55 test-pfsense kernel: maxdelay=0
Mar 28 09:58:55 test-pfsense kernel: lacp_select_tx_port: no active aggregator
Mar 28 09:59:02 test-pfsense kernel: lacp_select_tx_port: no active aggregator

Any ideas about this?

Thanks

Update:
I booted a Debian Live CD on the Server Bay were pfSense is installed and there was no problems with the network connection via LACP. So the hardware and switch settings are OK.

stephenw10

Timeouts might be a fast/slow mismatch.

Can you see any debug info from the switch stack?

Havanna

@trexman said in pfSense LAGG-LACP with HP VC FlexFabric Switch:

Hi, color tunnel
we are planning to move our physical pfSense into a bay of a HP BladeSystem c7000 Enclosure.
Because of the setup with the Virtual Connect switches we have to use LACP for the network to have full redundancy in the BladeSystem.
The HP BladeSystem is in productive use and other ESX and Debian Server in the Bays are running fine with LACP.
But with the PFSense Server I have problems using LAGG with LACP. The Interface it getting no IP address and also no connection to the network. We checked and tried different setting for e.g. VLANs without success.
If we use Failover instead of LACP for the LAGG Interface, than we get a network connect. But this is not our preferred goal.
We activated the LACP debugging and got theses messages here:

You can try:
#####delete the default configuration of the 2 ports xe-0/0/0 and xe-0/0/1- if left, do not config dc lacp####

delete interfaces xe-0/0/0 unit 0

delete interfaces xe-0/0/1 unit 0

#######config lacp#######

set chassis aggregated-devices ethernet device-count 1 ## indicates the port channel number on the QFX

set interfaces xe-00/0 gigether-options 802.3ad ae1

set interfaces xe-0/0/1 gigether-options 802.3ad ae1

########Put interface lacp ae1 into trunk mode, allow vlan 100#########

set interfaces ae1 aggregated-ether-options lacp active

set interfaces ae1 aggregated-ether-options lacp periodic fast ## Helps LACP initiate remote handshakes faster

set interfaces ae1 unit 0 family ethernet-switching interface-mode trunk

set interfaces ae1 unit 0 family ethernet-switching vlan members 100

######## Put xe-00/02 interface into vlan access mode 100#########

set interfaces xe-0/0/2 unit 0 family ethernet-switching vlan members 100

commit

trexman

Thanks for all feedbacks!

@stephenw10 said in pfSense LAGG-LACP with HP VC FlexFabric Switch:

Timeouts might be a fast/slow mismatch.

Can you see any debug info from the switch stack?

Changing of the Timeout did not help. I tried it on both side so that every side had the same setting.
We are looking for the debug log, so far there are not many info's in the log.

@havanna said in pfSense LAGG-LACP with HP VC FlexFabric Switch:

You can try:
...

Hmm non of the command are working.
We are using the HPE Virtual Connect Management CLI v4.85

Are you commands for this type of switch? I look around and could not find any similar commands. We configured everything on the WEBgui.