Passing VLANs over an LACP trunk in OpenBSD
It took me a little while to figure this out, so for anyone stuck on this, here’s what I did.
I did this with a Cisco 3750 switch. The switch config was:
Port-channel
interface Port-channel42
description etherchannel fw
switchport trunk encapsulation dot1q
switchport trunk allowed vlan 56-61,63
switchport mode trunk
spanning-tree portfast
spanning-tree bpduguard enable
!Interfaces
interface GigabitEthernet1/0/23
description fw-pc42-1
switchport trunk encapsulation dot1q
switchport trunk allowed vlan 56-61,63
switchport mode trunk
channel-protocol lacp
channel-group 42 mode active
!
interface GigabitEthernet1/0/24
description fw-pc42-2
switchport trunk encapsulation dot1q
switchport trunk allowed vlan 56-61,63
switchport mode trunk
channel-protocol lacp
channel-group 42 mode active
!Then on the firewall:
# cat /etc/hostname.em0
up
# cat /etc/hostname.em1
up
# cat /etc/hostname.trunk0
trunkproto lacp trunkport em0 trunkport em1
upand lastly the VLAN interfaces:
# cat /etc/hostname.vlan57
inet 172.29.57.1 255.255.255.0 NONE vlan 57 vlandev trunk0 descr WIFI
# cat /etc/hostname.vlan58
inet 172.29.58.1 255.255.254.0 NONE vlan 58 vlandev trunk0 descr SERVERS
# cat /etc/hostname.vlan60
inet 172.29.60.1 255.255.255.0 NONE vlan 60 vlandev trunk0 descr WIRED
# cat /etc/hostname.vlan61
inet 172.29.61.1 255.255.255.0 NONE vlan 61 vlandev trunk0 descr IPMI
# cat /etc/hostname.vlan63
inet 172.29.63.1 255.255.255.0 NONE vlan 63 vlandev trunk0 descr MGMTYou can set this up by executing sh /etc/netstart without having to run a bunch of ifconfig commands.
Your interfaces should look like this when it’s up:
em0: flags=8b43<UP,BROADCAST,RUNNING,PROMISC,ALLMULTI,SIMPLEX,MULTICAST> mtu 1500
lladdr 0c:c4:7a:ac:70:02
index 1 priority 0 llprio 3
trunk: trunkdev trunk0
media: Ethernet autoselect (1000baseT full-duplex)
status: active
em1: flags=8b43<UP,BROADCAST,RUNNING,PROMISC,ALLMULTI,SIMPLEX,MULTICAST> mtu 1500
lladdr 0c:c4:7a:ac:70:02
index 2 priority 0 llprio 3
trunk: trunkdev trunk0
media: Ethernet autoselect (1000baseT full-duplex)
status: active
trunk0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> mtu 1500
lladdr 0c:c4:7a:ac:70:02
index 8 priority 0 llprio 3
trunk: trunkproto lacp
trunk id: [(8000,0c:c4:7a:ac:70:02,4044,0000,0000),
(8000,00:1a:e2:1f:0b:00,002A,0000,0000)]
trunkport em1 active,collecting,distributing
trunkport em0 active,collecting,distributing
groups: trunk
media: Ethernet autoselect
status: active
vlan58: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> mtu 1500
lladdr 0c:c4:7a:ac:70:02
description: SERVERS
index 11 priority 0 llprio 3
vlan: 58 parent interface: trunk0
vnetid: 58
parent: trunk0
groups: vlan
status: active
inet 172.29.58.1 netmask 0xfffffe00 broadcast 172.29.59.255and the switch:
core-3750-1#show etherchannel summary
Flags: D - down P - bundled in port-channel
I - stand-alone s - suspended
H - Hot-standby (LACP only)
R - Layer3 S - Layer2
U - in use f - failed to allocate aggregator
M - not in use, minimum links not met
u - unsuitable for bundling
w - waiting to be aggregated
d - default port
Number of channel-groups in use: 3
Number of aggregators: 3
Group Port-channel Protocol Ports
------+-------------+-----------+-----------------------------------------------
1 Po1(SU) LACP Gi1/0/15(P) Gi1/0/16(P)
2 Po2(SU) LACP Gi1/0/13(P) Gi1/0/14(P)
42 Po42(SU) LACP Gi1/0/23(P) Gi1/0/24(P)A few things that got me:
- You will get an error if the
em*interfaces are not marked asupwhen you add them as trunkports. Set them as up withifconfig em0 upbefore yourifconfig trunk0 trunkport em0command. - When the tunnel is configured with
ifconfigit doesn’t automatically start, so you’ll need an explicitifconfig trunk0 upto bring it up.
