This article explains the concept of the link aggregation protocol in the world of networking and its benefits.
Link aggregation refers to the numerous methods of combining multiple network connections in parallel, in order to increase throughput beyond what a single connection could sustain, and to provide redundancy in case one of the links should fail. In order to understand the concept better, it is suggested that the reader be familiar with the basics of HTTP computer networking, which includes knowledge of the TCP/IP stack and of interconnecting devices like switches, routers or firewalls.
In Figure 1, two layer 3 switches are connected via a single 100Mbps link. If the link fails, communication between all hosts is lost. One solution to this problem is the creation of redundant links between switches. But we know that in case multiple links connect switches, a loop is formed. So we need to enable the spanning tree protocol (STP) to overcome this issue. Spanning tree will define a link fault-tolerant design. But what if the bandwidth of 100Mbps is not able to handle the network load and we need to increase it? Replacing 100Mbps with 1Gbps may increase bandwidth. But all the devices will then need to be upgraded, which can be a costly affair.
The solution is to logically bundle multiple links to make them work as one single logical link, with an aggregated bandwidth of all links. For example, five such 100Mbps links can become a single 500Mbps link. This protocol is referred to as the link aggregation protocol. Each bundle of links is referred to as a link aggregated group (LAG). There can be one or more LAGs between switches of firewalls.
This method is described by many other terminologies like trunking, bonding or teaming. It encompasses all vendor-dependent proprietary solutions as well as standard solutions like LACP, etc. There can be many links between two devices, with or without LAG.
Link aggregation control protocol
The IEEE 802.3 working group has established a standard protocol for interoperable link bundling. Called the link aggregation control protocol or LACP (IEEE 802.3ad or 802.1ax), it provides dynamic configuration with auto negotiation of link bundling by sending LACP packets to peers. The maximum number of ports for bundling is eight (though it can vary in vendor-dependent implementations). ‘Keep alive’ packets are sent during runtime between link members.
This protocol supports two modes of operation.
Active: In this mode it always sends LACP packets/data units (LACPDUs).
Passive: In this mode a node responds only when it receives LACPDUs from a peer. It does not initiate any packet communication.
Generally, the bundled ports are assigned one unique MAC address. If there is a port that is not getting a keep alive packet, it is considered a downlink and will be removed from the LAG. When it is active again, it will be restored in the LAG. This works for both layer 2 and layer 3 switches.
Handling packets through a group of links
The question now is: How do you load balance the link and send the packets so that they don’t arrive out of order from switch1 to switch2? The solution is to create a hash code by XORing a combination of the destination MAC address, IP address and port number. Some implementations only make a string of these three entities and take the lower 3 or 4 bits for making a hash value. For example, in Figure 2, the hash values for five links are stated as:
|Link number||Hash code|
For a single process in a destination host, the hash value will always be the same. Thus load balancing will be done for multiple hosts without affecting the packet order.
Linux bonding driver
This driver can be enabled in Linux kernel 2.0 or greater. It provides multiple methods of link aggregation including:
- Active-backup mode
- Round robin mode
- Balanced XOR mode
- LACP protocol
A detailed discussion on these modes is not in the scope of this article and is available in the Linux documentation page.
Limitations of link aggregation
Link aggregation does have a few limitations, however.
- Both the switches should support the same sort of protocol. So inter-compatibility is important.
- All ports of the trunked link should reside on the same switch. They cannot be split into multiple switches. So there is always a chance of a single point of failure.
- All the links should be of the same speed—100Mbps and 1Gbps links cannot be mixed.