Задача:
Нужно настроить LAG с LACP из 2-х портов с сабинтерфейсами, терминирующими VLAN ID 100/120, а также проверить что LAG поднялся и работает:
Решение:
FG300D # show system interface DMZ
config system interface
edit "DMZ"
set vdom "root"
set type aggregate
set member "port3" "port4"
set role dmz
set snmp-index 16
next
end
FG300D # show system interface DMZ_VLAN100
config system interface
edit "DMZ_VLAN100"
set vdom "root"
set ip 172.30.100.1 255.255.255.0
set allowaccess ping
set role dmz
set snmp-index 18
set interface "DMZ"
set vlanid 100
next
end
FG300D # show system interface DMZ_VLAN120
config system interface
edit "DMZ_VLAN120"
set vdom "root"
set ip 172.30.120.1 255.255.255.0
set allowaccess ping
set role dmz
set snmp-index 19
set interface "DMZ"
set vlanid 120
next
end
и проверка:
FG300D-Pri-0355 # diag netlink aggregate name DMZ
LACP flags: (A|P)(S|F)(A|I)(I|O)(E|D)(E|D)
(A|P) - LACP mode is Active or Passive
(S|F) - LACP speed is Slow or Fast
(A|I) - Aggregatable or Individual
(I|O) - Port In sync or Out of sync
(E|D) - Frame collection is Enabled or Disabled
(E|D) - Frame distribution is Enabled or Disabled
status: up
npu: y
flush: n
asic helper: y
oid: 133
ports: 2
link-up-delay: 50ms
min-links: 1
ha: master
distribution algorithm: L4
LACP mode: active
LACP speed: slow
LACP HA: enable
aggregator ID: 2
actor key: 17
actor MAC address: 90:6c:ac:f5:86:4e
partner key: 32768
partner MAC address: 00:11:88:f2:95:c0
slave: port3
link status: up
link failure count: 2
permanent MAC addr: 90:6c:ac:f5:86:4e
LACP state: established
actor state: ASAIEE
actor port number/key/priority: 1 17 255
partner state: ASAIEE
partner port number/key/priority: 1 32768 32768
partner system: 34817 00:11:88:f2:95:c0
aggregator ID: 2
speed/duplex: 1000 1
RX state: CURRENT 6
MUX state: COLLECTING_DISTRIBUTING 4
slave: port4
link status: up
link failure count: 1
permanent MAC addr: 90:6c:ac:f5:86:4f
LACP state: established
actor state: ASAIEE
actor port number/key/priority: 2 17 255
partner state: ASAIEE
partner port number/key/priority: 53 32768 32768
partner system: 34817 00:11:88:f2:95:c0
aggregator ID: 2
speed/duplex: 1000 1
RX state: CURRENT 6
MUX state: COLLECTING_DISTRIBUTING 4
и проверяем сетевое взаимодействие поверх LAG c хостами из VLAN100,120:
FG300D # execute ping 172.30.100.254
PING 172.30.100.254 (172.30.100.254): 56 data bytes
64 bytes from 172.30.100.254: icmp_seq=0 ttl=64 time=7.3 ms
64 bytes from 172.30.100.254: icmp_seq=1 ttl=64 time=3.8 ms
64 bytes from 172.30.100.254: icmp_seq=2 ttl=64 time=4.0 ms
64 bytes from 172.30.100.254: icmp_seq=3 ttl=64 time=3.7 ms
64 bytes from 172.30.100.254: icmp_seq=4 ttl=64 time=3.7 ms
--- 172.30.100.254 ping statistics ---
5 packets transmitted, 5 packets received, 0% packet loss
round-trip min/avg/max = 3.7/4.5/7.3 ms
FG300D # execute ping 172.30.120.254
PING 172.30.120.254 (172.30.120.254): 56 data bytes
64 bytes from 172.30.120.254: icmp_seq=0 ttl=64 time=5.2 ms
64 bytes from 172.30.120.254: icmp_seq=1 ttl=64 time=3.7 ms
64 bytes from 172.30.120.254: icmp_seq=2 ttl=64 time=3.7 ms
64 bytes from 172.30.120.254: icmp_seq=3 ttl=64 time=3.7 ms
64 bytes from 172.30.120.254: icmp_seq=4 ttl=64 time=3.7 ms
--- 172.30.120.254 ping statistics ---
5 packets transmitted, 5 packets received, 0% packet loss
round-trip min/avg/max = 3.7/4.0/5.2 ms
Комментариев нет:
Отправить комментарий