Join the Conversation

To sign in, use your existing MySonicWall account. To create a free MySonicWall account click "Register".

NSA5600 LAG / LACP

We have a 2Gb connection (2x1Gb) in to a Dell X1008 with LACP LAG configured, then out through via same LACP config to X1 & X4 LAG on the NSA5600, but I never get any X1 output over 1Gbps. It's stuck at about 980Mbps all the time when it's busy.

Do I need to set something else to get my throughput higher?

Category: Mid Range Firewalls
Reply

Answers

  • Hi @CHRISL,

    Thank you for visiting SonicWall Community.

    Have you configured Dynamic LAG or Static LAG on the firewall?  

    Regards

    Saravanan V

    Technical Support Advisor - Premier Services

    Professional Services

  • ChrisLChrisL Newbie ✭

    Thanks for replying.

    Where would I check this? I don't see an obvious place to set this.

  • AjishlalAjishlal Cybersecurity Overlord ✭✭✭

    Hi @ChrisL,

    I would like to know how you tested the maximum bandwidth? Example individual data traffic or multiple?

    For example, your total bandwidth of a 2 port LAG LACP is 2Gbps, an individual flow will max out at 1Gbps ( I think you are getting that).

    LAG without Link Aggregation Control Protocol (LACP) is a static configuration, in which each pair of ports in a LAG require manual configuration respectively. However, LACP enabled ports are dynamic configuration, which enable to auto-configure into trunk groups when building LAG.

  • Hi @ChrisL,

    If you have just enabled LAG in the advanced tab of the SonicWall interfaces, then its static. If you are using Switching tab and using LAG over there, its dynamic.

    Regards

    Saravanan V

    Technical Support Advisor - Premier Services

    Professional Services

  • AjishlalAjishlal Cybersecurity Overlord ✭✭✭

    Hi @ChrisL ,

    For more about the LAG & LACP configuration in sonicwall please refer below link;


  • ChrisLChrisL Newbie ✭

    I used Switching > Link Aggregation to set this up so it will be dynamic in that case.

    @Ajishlal - I am just checking the Ingress/Egress Bandwidth chart on the live monitor to see what the rate is. I thought I would see the bandwidth go above 1Gbps?

  • AjishlalAjishlal Cybersecurity Overlord ✭✭✭
    edited November 18

    Hi @ChrisL

    you will not experience any increase in the throughput for one singular flow because that flow will still be carried by a single link in the bundle. Only when you have multiple flows between various sources and/or destinations, these flows will be distributed across multiple links in the bundle (LAG LACP), and the aggregate throughput will be higher.

    I hope its clear your doubts about the LAG throughput.

  • ChrisLChrisL Newbie ✭

    I'm not sure I follow, there are many hundreds of individual connections going through the FW at the moment.

  • AjishlalAjishlal Cybersecurity Overlord ✭✭✭

    Hi @ChrisL,

     Link Aggregation requires a matching configuration on the switch. The switch's method of load balancing varies, depending on the vendor.

    As well as make sure Set the Link Speed for the interface to Auto-Negotiate.


  • ChrisLChrisL Newbie ✭

    Both sides are set to Auto-negotiate speeds. Flow control is disabled on the switch LAG but I don't see an option for that on the NSA side.

    The Load balance options on the Sonicwall are below, but I can't find a description of what each would be best used for and thus how that would match a Dell switch?

    • SRC_MAC, ETH_TYPE, VLAN, INTF (default)
    • DST_MAC, ETH_TYPE, VLAN, INTF
    • SRC_MAC, DST_MAC, ETH_TYPE, VLAN, INTF
    • SRC_IP, SRC_PORT
    • DST_IP, DST_PORT
    • SRC_IP, SRC_PORT, DST_IP, DST_PORT
  • AjishlalAjishlal Cybersecurity Overlord ✭✭✭

    Hi @ChrisL

    I am not sure your X series switch will support below commands. Please contact your switch vendor before applying any changes.

    hashing-mode:

    Use the hashing-mode command to set the hashing algorithm on trunk ports. Use the no hashing-mode command to set the hashing algorithm on trunk ports to the default.

    Syntax

    hashing-mode mode

    mode — Mode value in the range of 1 to 7.

    Range: 1–7:

    1 — Source MAC, VLAN, EtherType, source module, and port ID

    2 — Destination MAC, VLAN, EtherType, source module, and port ID

    3 — Source IP and source TCP/UDP port

    4 — Destination IP and destination TCP/UDP port

    5 — Source/destination MAC, VLAN, EtherType, and source MODID/port

    6 — Source/destination IP and source/destination TCP/UDP port

    7 — Enhanced hashing mode. This mode is not available on Dell EMC Networking N1100-ON/N1500 Series switches.

    Default Configuration

    The default hashing mode is 7—Enhanced hashing mode. On Dell EMC Networking N1100-ON/N1500 Series switches, the default hashing mode is 5

Sign In or Register to comment.