LACP issues on MS225-24 stack

youzhi
Comes here often

LACP issues on MS225-24 stack

Hi all,

 

We have 2 x MS225-24 running in stack mode with latest stable version 10.45. A Cisco Firepower 2130 with a port-channel running LACP against the Meraki stack, 1 link per stack member. When powering off one of the stack members, it also affect the other switch, bringing the whole port-channel down. Once the port channel is down, the whole network will be down. Have you faced any similar issues?

 

We do not face any issues on MS425-16 stack.

 

for this test, the design was as follows:

laptop running ping to gateway and internet  -----> MS425-16 stack -----> Cisco Firepower working in Active/Spare mode ------> MS225-24 Stack  -----> Load balance -----> Internet.

 

Firewall 1 port 13 to MS225-24 Switch 1 Port 27
Firewall 1 port 14 to MS225-24 Switch 2 Port 27
Firewall 2 port 13 to MS225-24 Switch 1 Port 28

Firewall 2 port 14 to MS225-24 Switch 2 Port 28

 

Firewall configuration

Firewall 1 port 13 and 14 is port channel.
Firewall 2 port 13 and 14 is port channel

 

MS225-24 configuration

MS225-24 Switch 1 Port 27 & MS225-24 Switch 2 Port 27 (Aggregated)

MS225-24 Switch 1 Port 28 & MS225-24 Switch 2 Port 28 (Aggregated)

 

We try remove the link from one of the MS225-24 Switch 1 Port 27 and Port 28, the port channel never go down.

10 REPLIES 10
PhilipDAth
Kind of a big deal
Kind of a big deal

>MS225-24 Switch 1 Port 27 and Port 28

 

According to your description, these are going to different firewalls and are different LACP groups - so the channel should not go down.

But it goes down when we power off one of the MS225-24 stack member

PhilipDAth
Kind of a big deal
Kind of a big deal

Firepower is reporting that the LACP channel is down?

Yes at the firewall the status of the port channel is down

PhilipDAth
Kind of a big deal
Kind of a big deal

The Meraki Dashboard is showing the two MS225's are both correctly stacked?  Have you definately got the two stacking cables plugged into the back of the switches?

 

Does it matter which MS225 you power off to make this happen?

Meraki dashboard have show both are correctly stacked. Stacking cables have plugged into the back of the switches too.

 

It does not matter which switch i power off

PhilipDAth
Kind of a big deal
Kind of a big deal

I think out of desperation I would factory reset both switches and then let them re-provision.

 

If the problem is still happening you'll need to open a support case.

i already open a case already, meraki side say firewall issues, my firewall side said is your meraki lacp got issues. Cause the same thing happen to my load balance when we power of the switch, will cause my load balance side both link to down for couple sec. once the both link is down, my load balance will failed over. 

 

first things why when we power off the switch both link will down? we suspect on the meraki switch side.there is some limitation at the LACP side 

GIdenJoe
Kind of a big deal
Kind of a big deal

Have you tried determining on which link the LACP messages are sent using packet capture.
Then try to power down the switch that does not send LACP messages and see if the port channel goes down and if messages are still sent on the active port.

Then try the same but disabling the switch that normally has the LACP messages.

That could help in determining which device is no longer sending the packets and report to the case owner.

youzhi
Comes here often

once the switch is being shutdown the port channel will down. once the port channel no traffic able to pass through the firewall. 

Get notified when there are additional replies to this discussion.
Welcome to the Meraki Community!
To start contributing, simply sign in with your Cisco account. If you don't yet have a Cisco account, you can sign up.
Labels