LACP Transmission Rate in Active and Passive Settings
Symptom
What is the expected behaviour for LACP transmission rate when our firewall is set to passive or active?
Resolution
As per RFC:
If devices have different transmission rates, each uses the rate of its peer. A port in passive mode will generally not transmit LACP messages unless its partner is in the active mode; that is, it will not speak unless spoken to. Meaning that I do expect the passive firewall to speak (transmit) as it has been spoken to by active firewall.
Below is the behaviour given different scenarios when peering with Cisco as an example:
1) PA Passive Slow & Cisco Active Fast
Cisco sends with a slow rate (peer rate); PA sends with fast rate (peer rate) even though it is set to passive.
2) PA Passive Fast & Cisco Active Fast
Cisco sends with fast rate (peer rate); PA sends with fast rate (peer rate) even though it is set to passive.
3) PA Active Fast & Cisco Passive Slow
Cisco sends with fast rate (peer rate) ; PA sends with slow rate (peer rate).
4) PA Active Slow & Cisco Passive Slow
Cisco sends with slow rate (peer rate) ; PA sends with slow rate (peer rate).
5) PA Passive Slow & Cisco Active Slow
Cisco sends with slow rate (peer rate) ; PA sends with slow rate (peer rate).
6) PA Passive Fast & Cisco Active Slow
Cisco seems to send at a fast rate (<1sec). PA sends at a slow rate (peer rate).
7) PA Passive Slow & Cisco Passive Slow
No traffic as none of them initiate the communication.
8) PA Passive Fast & Cisco Passive Fast
No traffic as none of them initiate the communication.
In summary:
++ LACP rate is applicable in passive mode. It doesn't matter whether it is active or passive, we will still transmit packets using the peer's rate. Active or passive simply dictates who sends the first packet. It has not bearing on the transmission rate of packets. As long as we have an active to passive scenario, the same rules for transmission rates apply as in active to active in that, we still send using the peer's rate.
++ Once the initial negotiation between actor and peer is completed, the transmission rate is based on the value set by the peer. For example, if actor (oneself) is set to slow and the peer is set to fast then the actor will send packets at a fast rate and will receive packets at a slow rate.