Physical port is taken out of aggregate ethernet interface in LACP auto mode
Created On 09/25/18 19:38 PM - Last Modified 12/15/23 17:45 PM
Symptom
When LACP is configured on an AE group, system log messages are seen on the firewall indicating that one of the physical ports assigned to a given Aggregate Ethernet (AE) interface is taken out of the AE group and then brought back after a minute.
System Log:
2015/03/08 19:55:44 critical lacp ethern nego-fa 0 LACP interface ethernet1/2 moved out of AE-group ae1. Selection state Selected
2015/03/08 19:55:45 critical lacp ethern lacp-up 0 LACP interface ethernet1/2 moved into AE-group ae1.
Environment
- PAN-OS 7.1 and above.
- Palo Alto Firewall.
- LACP (Link Aggregation Control Protocol) configured.
Cause
When the aggregate interface is enabled with LACP, LACP PDU (protocol data unit) messages are exchanged with a peer to dynamically negotiate LACP parameters and establish and maintain the AE interface status. LACPDU messages are sent out of every physical interface member of any given AE group.
The LACP feature has 3 main state machines: Selection, MUX, and RX.
The RX machine examines data in the received LACPDUs and updates the peer’s state. If no LACPDU messages have been received by the peer device during the past 3 intervals, the RX state machine for the given interface goes from CURRENT (operational) to EXPIRED (non-operational) status. This activity appears in the System log as an interface taken out of the AE group.
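To find these events in an exported system log, the out/in message pairs shown under Symptom can be matched per member port. The following is an added example, not part of the original article or any Palo Alto tooling: the function name `find_flaps` is hypothetical, and the third and fourth sample lines are constructed for illustration.

```python
import re
from datetime import datetime

# Sample input: the first two lines are the ones quoted in the article,
# the last two are constructed for this example.
SAMPLE_LOG = """\
2015/03/08 19:55:44 critical lacp ethern nego-fa 0 LACP interface ethernet1/2 moved out of AE-group ae1. Selection state Selected
2015/03/08 19:55:45 critical lacp ethern lacp-up 0 LACP interface ethernet1/2 moved into AE-group ae1.
2015/03/08 20:10:02 critical lacp ethern nego-fa 0 LACP interface ethernet1/3 moved out of AE-group ae1. Selection state Selected
2015/03/08 20:11:30 informational general general 0 unrelated event
"""

# Timestamp, then the LACP membership message with port, direction and AE group.
EVENT_RE = re.compile(
    r"^(\d{4}/\d{2}/\d{2} \d{2}:\d{2}:\d{2}) .*?"
    r"LACP interface (\S+) moved (out of|into) AE-group ([^\s.]+)"
)

def find_flaps(log_text):
    """Pair each 'moved out of' event with the next 'moved into' event for the
    same (port, AE group). Returns (flaps, still_out): completed flaps with the
    seconds spent outside the group, and members removed but never re-added."""
    pending = {}   # (port, ae) -> time the port left the group
    flaps = []
    for line in log_text.splitlines():
        m = EVENT_RE.match(line)
        if not m:
            continue  # not an LACP membership event
        ts = datetime.strptime(m.group(1), "%Y/%m/%d %H:%M:%S")
        key = (m.group(2), m.group(4))
        if m.group(3) == "out of":
            pending.setdefault(key, ts)  # keep the earliest removal time
        elif key in pending:
            left = pending.pop(key)
            flaps.append({"port": key[0], "ae": key[1], "left": left,
                          "seconds_out": int((ts - left).total_seconds())})
    return flaps, pending

if __name__ == "__main__":
    flaps, still_out = find_flaps(SAMPLE_LOG)
    for f in flaps:
        print(f"{f['port']} left {f['ae']} at {f['left']} for {f['seconds_out']}s")
    for (port, ae), ts in still_out.items():
        print(f"{port} still out of {ae} since {ts}")
```

Ports that appear repeatedly in the flap list, or remain in `still_out`, are the members whose RX machine is expiring and are the ones to check for missing LACPDUs.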