Understanding and collecting evidence: How the dynamic negotiation mechanism of Ethernet channels works
Excerpted from the trial edition of "Cisco CCNP Switching Technical Explanation and Experiment Guide"
3.1 Understanding the theory of Ethernet channels
3.1.1 Reasons for proposing the Ethernet channel, role and functions of the Ethernet channel
3.1.2 Establishing Ethernet channels (static, PAgP, LACP)
3.1.3 Understanding and collecting evidence: working principle of the dynamic negotiation mechanism of the Ethernet channel
3.1 Understanding the theory of Ethernet channels
This section describes why Cisco proposed the Ethernet channel, its role, functions and characteristics, the methods for establishing an Ethernet channel (static, PAgP, LACP), the negotiation modes of PAgP and LACP, and the working principle of the dynamic negotiation mechanism of the Ethernet channel, examined with captured evidence.
3.1.1 Why Cisco proposed the Ethernet channel, role and functions of the Ethernet channel
When links are aggregated in a switched network, N access links may need to be aggregated onto one link that connects to the aggregation-layer switch, and network congestion may occur. Two solutions come to mind. Solution 1 keeps increasing the bandwidth of S2; obviously, this solution is not scalable. Solution 2 adds the link shown as a dotted line between S1 and S2. Solution 2 appears more scalable than solution 1, but when more new links are added between S2 and S1, the two switches form a loop and the Spanning Tree Protocol (STP) runs. The redundant link ports between S1 and S2 are blocked, so only one link forwards data at any time. This is the challenge that multiple links face, and the Ethernet channel solves it. So what is an Ethernet channel?
Ethernet channel (EtherChannel):
In short, an Ethernet channel binds multiple physical links between switches into one logical channel to provide more bandwidth, load balancing, and redundancy, while avoiding the spanning-tree problems that arise when multiple physical links connect the switches; the multiple physical links between the switches are treated as one link. For example, the four MB physical links shown in the figure can be considered one link after the Ethernet channel is implemented, and the bandwidth of the Ethernet channel can reach 8 GB in full duplex mode.
Features of Ethernet channels:
- Provides more bandwidth.
- Performs logical aggregation on links with the same attributes.
- The Ethernet channel appears as a single link, which avoids spanning-tree problems.
- Provides load balancing and redundancy.
- Supports both Layer 2 and Layer 3.
3.1.2 Establishing Ethernet channels (static, PAgP, LACP)
There are two ways to implement an Ethernet channel: static and dynamic. Static means that the administrator manually binds multiple physical links into an Ethernet channel without relying on any protocol. Dynamic means that the switch ports negotiate with the PAgP or LACP protocol to determine whether to form an Ethernet channel. Note that PAgP (Port Aggregation Protocol) is a Cisco proprietary protocol for Ethernet channel negotiation and cannot negotiate Ethernet channels with other manufacturers' equipment, while LACP (Link Aggregation Control Protocol) is the industry standard defined by 802.3ad, so manufacturers support LACP.
NOTE: If a static Ethernet channel is configured, the PAgP and LACP protocols are not required on the port!
The negotiation modes of PAgP (Port Aggregation Protocol):
On: no protocol is used for negotiation. It is also called non-negotiation mode. The related ports are directly configured as Ethernet channels in static mode.
Desirable: actively seeks to become a channel. If the other side can become a channel, a channel is formed.
Auto: passively waits for the other side's request. If the other side asks to form a channel, the port forms one, but it does not ask for one itself.
Off: disables the Ethernet channel function. A port configured as off cannot use the Ethernet channel.
The diagram above shows the results produced by the different combinations of modes when PAgP negotiates an Ethernet channel. Note that if both sides are Auto, the channel will never form, and Off combined with any mode will never form a channel. Auto combined with On cannot form a channel either: Auto is passive, and although On can become a channel, a static channel in On mode does not generate any negotiation data frames. Once this is understood, the results of the three combinations described above follow directly.
The negotiation modes of LACP (Link Aggregation Control Protocol):
On: no protocol is used for negotiation. It is also called non-negotiation mode. The related ports are directly configured as Ethernet channels in static mode.
Active: actively seeks to become a channel. If the other side can become a channel, a channel is formed. Equivalent to Desirable in the PAgP protocol.
Passive: passively waits for the other side's request. If the other side asks to form a channel, the port forms one, but it does not ask for one itself. Equivalent to Auto in the PAgP protocol.
Off: disables the Ethernet channel function. A port configured as off cannot use the Ethernet channel.
Configuring the negotiation mode of the Ethernet channel on a port:
You select a negotiation mode by executing the channel-group 1 mode command on a physical interface that is to be added to the Ethernet channel. Note that Cisco does not set either protocol (PAgP or LACP) as the default negotiation protocol here, so does the port use PAgP or LACP? This is determined entirely by the parameter that follows channel-group 1 mode. Put simply, if the parameter is active or passive, the interface uses LACP; if it is desirable or auto, the interface uses PAgP; if it is on, the interface does not use any dynamic negotiation.
You can also use the channel-protocol command to declare whether LACP or PAgP is used, but note the following: if channel-group 1 mode is followed by an LACP parameter (active or passive) while channel-protocol declares PAgP, the declaration conflicts with the mode parameter, and the system reports that a different protocol has been used for this interface.
Tip: If you use Ethernet channel technology, static configuration of the Ethernet channel is the first choice. For dynamic negotiation, LACP is generally used; use the PAgP protocol only if your work environment is an all-Cisco system. Therefore, at the CCNP stage we need to collect further evidence about the LACP dynamic negotiation process: why it performs dynamic negotiation, how it completes the negotiation, and what its critical working states are.
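The rules above (the mode keyword selects the protocol, channel-protocol must agree with it, and a channel forms only when at least one end initiates) can be checked against planned configuration text before it is deployed. This is an added example, not code from the original guide; the function names and the sample configurations for S1 and S2 are constructed for illustration.

```python
import re

# Mode keyword -> protocol it implies, per the rules in the text above.
MODE_PROTOCOL = {"active": "lacp", "passive": "lacp",
                 "desirable": "pagp", "auto": "pagp", "on": None}
INITIATORS = {"active", "desirable"}  # the modes that start negotiation


def parse_ports(config):
    """Map interface name -> mode and declared channel-protocol from config text."""
    ports, name = {}, None
    for raw in config.splitlines():
        line = raw.strip()
        if m := re.match(r"interface\s+(\S+)", line):
            name = m.group(1)
            ports[name] = {"mode": None, "proto": None}
        elif name and (m := re.match(r"channel-group\s+\d+\s+mode\s+(\S+)", line)):
            ports[name]["mode"] = m.group(1).lower()
        elif name and (m := re.match(r"channel-protocol\s+(\S+)", line)):
            ports[name]["proto"] = m.group(1).lower()
    return ports


def predict(a, b):
    """Return (channel_forms, reasons) for the two ends of one link."""
    reasons = []
    for end in (a, b):
        implied = MODE_PROTOCOL.get(end["mode"])
        if end["proto"] and implied and end["proto"] != implied:
            reasons.append(f"channel-protocol {end['proto']} conflicts with mode {end['mode']}")
    ma, mb = a["mode"], b["mode"]
    if ma not in MODE_PROTOCOL or mb not in MODE_PROTOCOL:
        reasons.append("one end has no channel mode (off)")
    elif ma == "on" and mb == "on":
        pass  # static on both ends: bundled without any negotiation
    elif "on" in (ma, mb):
        reasons.append("static end sends no negotiation frames")
    elif MODE_PROTOCOL[ma] != MODE_PROTOCOL[mb]:
        reasons.append("ends use different protocols (PAgP vs LACP)")
    elif not {ma, mb} & INITIATORS:
        reasons.append("both ends are passive, nobody starts negotiation")
    return not reasons, reasons


# Constructed sample configurations for S1 and S2 (not from the original page).
S1 = ("interface Fa0/1\n channel-group 1 mode active\n"
      "interface Fa0/2\n channel-protocol pagp\n channel-group 1 mode active\n")
S2 = ("interface Fa0/1\n channel-group 1 mode passive\n"
      "interface Fa0/2\n channel-group 1 mode passive\n")
```

For the sample, predict(parse_ports(S1)["Fa0/1"], parse_ports(S2)["Fa0/1"]) reports a working Active/Passive pair, while Fa0/2 is flagged for the channel-protocol conflict.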
3.1.3 Understanding and collecting evidence: working principle of the dynamic negotiation mechanism of the Ethernet channel
In the capture environment, S1 and S2 use LACP to complete Ethernet channel negotiation dynamically, with S1 in Active mode and S2 in Passive mode. The LACP working process is described step by step below. To follow it, we need to understand the LACP Actor state (the behavior state machine), which includes Activity (active state), Aggregation, Synchronization, Collecting, and Distributing. Each step is as follows:
Step 1: S1 sends an LACP negotiation data frame. In the data frame, LACP Activity (active state): Yes (1) indicates that S1 is configured in the Active mode of LACP. At the same time, Aggregation (aggregation capability status) = 1 indicates that this port is an aggregatable port; if this field is 0, the port is an independent port that does not have the aggregation capability. At this point S2 is completely silent, so all of its status bit fields are 0.
Evidence collection for "silent" behaviors in Passive mode:
S2 is currently in Passive mode. While S2 has not received an LACP negotiation data frame from S1, S2 does not send any LACP-related data frame, because in Passive mode its Activity state is always 0. Once S2 receives an LACP data frame from S1, it ends the silent state and enters the negotiation process. To capture evidence of S2's silent state, configure S2 as Passive before LACP Ethernet channel negotiation takes place, then use a protocol analyzer on the S2 port before S1 is configured as Active: S2 sends no LACP data frames until S1 is configured as Active. Once S1 is configured in Active mode, it actively sends LACP data frames, and while S2 does not respond, the LACP data frames of S1 are set to short timeout.
Step 2: Once the S2 interface is up and configured in Passive mode and receives the data frame sent from S1, it immediately ends its silence, enters the LACP negotiation process, and responds to S1. In its LACP message, S2 sets Aggregation (aggregation capability status) to 1, indicating that the port is an aggregatable port, and sets Synchronization (synchronization status) = 1, indicating that the port has been successfully allocated to the aggregation group (the logical channel interface). Synchronization = 0 would indicate that the port could not be assigned to the correct aggregation group.
Step 3: S1 sends LACP data frames with Activity = 1, Aggregation = 1, Synchronization = 1, Collecting = 1, and Distributing = 1. At this stage we mainly focus on Collecting = 1 and Distributing = 1, which indicate that the port added to the Ethernet channel can successfully receive and send packets. Collecting = 1 indicates that packets can be collected successfully; if the value is 0, packet collection fails. Distributing = 1 indicates that packets can be sent successfully; if the value is 0, packet sending fails.
Note: the key to the success or failure of an Ethernet channel negotiation lies in four fields: Aggregation, Synchronization, Collecting, and Distributing. For the channel to be negotiated successfully, the four key fields at one end (for example, S1) must be set to 1, and the four key fields at the other end must also be 1. This is very important for troubleshooting Ethernet channels, because the protocol data frame never "lies"!
Step 4: The Ethernet channel negotiated by LACP succeeds only after a frame with the four fields Aggregation, Synchronization, Collecting, and Distributing set to 1 has been sent to S2 as described above, so at this point S2 sends a data frame carrying the four key fields. From this data frame we can see that the four key fields of both S1 and S2 are set to 1, which means that the Ethernet channel negotiation has succeeded and the related interfaces have been added to the channel. The S2 data frame also shows the LACP status of its neighbor S1. Note that the Activity field of S2 is always 0 because it is in Passive mode; in contrast, the Activity field of S1 is always 1 because it is in Active mode.
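To read the fields from steps 1 to 4 out of a captured frame yourself, the sketch below decodes the one-byte actor and partner state fields of an LACPDU and applies the "all four key fields are 1 at both ends" test. It is an added example, not code from the original guide: the function names are hypothetical and the sample frames are constructed with zeroed system, key and port fields. The bit order and TLV layout follow the 802.3ad LACPDU format, which also carries Timeout, Defaulted and Expired bits that the steps above do not discuss.

```python
import struct

SLOW_PROTOCOLS = 0x8809  # EtherType that carries LACP
FLAGS = ("activity", "timeout", "aggregation", "synchronization",
         "collecting", "distributing", "defaulted", "expired")  # bits 0..7
KEY_FIELDS = ("aggregation", "synchronization", "collecting", "distributing")


def decode_state(byte):
    """Expand the one-byte LACP state field into named 0/1 flags."""
    return {name: (byte >> bit) & 1 for bit, name in enumerate(FLAGS)}


def parse_lacpdu(frame):
    """Return (actor_flags, partner_flags) from a raw untagged Ethernet frame."""
    if len(frame) < 56:
        raise ValueError("frame too short for an LACPDU")
    ethertype, subtype, _version = struct.unpack_from("!HBB", frame, 12)
    if ethertype != SLOW_PROTOCOLS or subtype != 1:
        raise ValueError("not an LACPDU")
    states, off = {}, 16
    for expected in (1, 2):  # TLV type 1 = actor, 2 = partner
        tlv_type, length = frame[off], frame[off + 1]
        if tlv_type != expected or length != 20:
            raise ValueError("malformed LACPDU TLV")
        states[expected] = decode_state(frame[off + 16])  # state byte of the TLV
        off += length
    return states[1], states[2]


def channel_up(frame_a, frame_b):
    """True when each end reports all four key fields set for itself."""
    actor_a, _ = parse_lacpdu(frame_a)
    actor_b, _ = parse_lacpdu(frame_b)
    return all(actor_a[k] and actor_b[k] for k in KEY_FIELDS)


def build_lacpdu(actor_state, partner_state):
    """Constructed sample frame: zeroed system/key/port fields, real layout."""
    def tlv(tlv_type, state):
        return bytes([tlv_type, 20]) + bytes(14) + bytes([state]) + bytes(3)
    header = bytes.fromhex("0180c2000002") + bytes(6) + struct.pack("!HBB", SLOW_PROTOCOLS, 1, 1)
    collector = bytes([3, 16]) + bytes(14)
    return header + tlv(1, actor_state) + tlv(2, partner_state) + collector + bytes(52)


# Constructed frames following steps 1-4 above (S1 active, S2 passive).
STEP1_S1 = build_lacpdu(0x05, 0x00)  # activity + aggregation, partner silent
STEP2_S2 = build_lacpdu(0x0C, 0x05)  # aggregation + synchronization
STEP3_S1 = build_lacpdu(0x3D, 0x0C)  # all four key fields + activity
STEP4_S2 = build_lacpdu(0x3C, 0x3D)  # all four key fields, activity stays 0
```

channel_up(STEP3_S1, STEP4_S2) is true, while the step 1 and step 2 frames fail the test because Collecting and Distributing are still 0.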