cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 

LACP issues on MS225-24 stack

Highlighted
Comes here often

LACP issues on MS225-24 stack

Hi all,

 

We have 2 x MS225-24 running in stack mode with latest stable version 10.45. A Cisco Firepower 2130 with a port-channel running LACP against the Meraki stack, 1 link per stack member. When powering off one of the stack members, it also affect the other switch, bringing the whole port-channel down. Once the port channel is down, the whole network will be down. Have you faced any similar issues?

 

We do not face any issues on MS425-16 stack.

 

for this test, the design was as follows:

laptop running ping to gateway and internet  -----> MS425-16 stack -----> Cisco Firepower working in Active/Spare mode ------> MS225-24 Stack  -----> Load balance -----> Internet.

 

Firewall 1 port 13 to MS225-24 Switch 1 Port 27
Firewall 1 port 14 to MS225-24 Switch 2 Port 27
Firewall 2 port 13 to MS225-24 Switch 1 Port 28

Firewall 2 port 14 to MS225-24 Switch 2 Port 28

 

Firewall configuration

Firewall 1 port 13 and 14 is port channel.
Firewall 2 port 13 and 14 is port channel

 

MS225-24 configuration

MS225-24 Switch 1 Port 27 & MS225-24 Switch 2 Port 27 (Aggregated)

MS225-24 Switch 1 Port 28 & MS225-24 Switch 2 Port 28 (Aggregated)

 

We try remove the link from one of the MS225-24 Switch 1 Port 27 and Port 28, the port channel never go down.

10 REPLIES 10
Highlighted
Kind of a big deal

Re: LACP issues on MS225-24 stack

>MS225-24 Switch 1 Port 27 and Port 28

 

According to your description, these are going to different firewalls and are different LACP groups - so the channel should not go down.

Highlighted
Comes here often

Re: LACP issues on MS225-24 stack

But it goes down when we power off one of the MS225-24 stack member

Highlighted
Kind of a big deal

Re: LACP issues on MS225-24 stack

Firepower is reporting that the LACP channel is down?

Highlighted
Comes here often

Re: LACP issues on MS225-24 stack

Yes at the firewall the status of the port channel is down

Highlighted
Kind of a big deal

Re: LACP issues on MS225-24 stack

The Meraki Dashboard is showing the two MS225's are both correctly stacked?  Have you definately got the two stacking cables plugged into the back of the switches?

 

Does it matter which MS225 you power off to make this happen?

Highlighted
Comes here often

Re: LACP issues on MS225-24 stack

Meraki dashboard have show both are correctly stacked. Stacking cables have plugged into the back of the switches too.

 

It does not matter which switch i power off

Highlighted
Kind of a big deal

Re: LACP issues on MS225-24 stack

I think out of desperation I would factory reset both switches and then let them re-provision.

 

If the problem is still happening you'll need to open a support case.

Highlighted
Comes here often

Re: LACP issues on MS225-24 stack

i already open a case already, meraki side say firewall issues, my firewall side said is your meraki lacp got issues. Cause the same thing happen to my load balance when we power of the switch, will cause my load balance side both link to down for couple sec. once the both link is down, my load balance will failed over. 

 

first things why when we power off the switch both link will down? we suspect on the meraki switch side.there is some limitation at the LACP side 

Highlighted
Head in the Cloud

Re: LACP issues on MS225-24 stack

Have you tried determining on which link the LACP messages are sent using packet capture.
Then try to power down the switch that does not send LACP messages and see if the port channel goes down and if messages are still sent on the active port.

Then try the same but disabling the switch that normally has the LACP messages.

That could help in determining which device is no longer sending the packets and report to the case owner.

Highlighted
Comes here often

Re: LACP issues on MS225-24 stack

once the switch is being shutdown the port channel will down. once the port channel no traffic able to pass through the firewall. 

Welcome to the Meraki Community!
To start contributing, simply sign in with your Cisco account. If you don't yet have a Cisco account, you can sign up.