Disclaimer: This article contains configuration and image references for SDX appliances prior to firmware 11.0. Link aggregation (including LACP) is not configured in the same manner on firmware 11.0 and newer.

The NetScaler SDX appliance supports static or manual configuration of 802.3ad Link Aggregation (LA) channels at the NetScaler VPX instance level. For static LA, the appropriate external switch ports connected to the physical interfaces on the NetScaler SDX appliance must be statically configured as an etherchannel, with LACP disabled on the external switch.

Each NetScaler VPX instance has na LA channel configured, with the physical interfaces corresponding to the etherchannel specified within the LA channel. With LA channel configured, each NetScaler VPX instance has a single MAC address corresponding to that channel.

On each NetScaler VPX instance, an LA channel is created with the corresponding virtual interfaces of each instance added to the LA channel on each instance:

The state is set as Enable for the LA/1 channel and the mode is MANUAL.

Note: You must configure any NetScaler VPX instance that is using 10/1 or 10/2 with an LA channel, so that both 10/1 and 10/2 are in the LA channel. Both corresponding virtual interfaces on each instance must be assigned to the respective LA channel of the NetScaler VPX instance. Assigning only one interface that is part of an LA channel is not supported. In this scenario, all NetScaler VPX instances configured to communicate through the etherchannel must have both 10/1 and 10/2. Additionally, 10/1 or 10/2 cannot be assigned for use by any NetScaler VPX instance that is not intended for communication through the etherchannel.

In this example, each NetScaler VPX instance has LA channel with ID LA/1, with bindings to virtual interfaces 10/1 and 10/2 on the NetScaler VPX instance, which correspond to physical interfaces 10/1 and 10/2 on the NetScaler SDX appliance.

After the configuration, if the switch receives network packets with destination MAC address of either of the two NetScaler VPX instances, then it forwards using the etherchannel, to either 10/1 or 10/2.

Adding VLANs to an LA Channel

You can add one or more VLANs to an LA channel. In this example, VLAN 100 is added to VPX1 LA/1 channel, as shown in the following screen shot:

On VPX2, VLAN 200 is added to LA/1, as shown in the following screen shot:

VLAN Filtering

VLAN filtering is supported with static link aggregation.

In this example, the following four packet flows are illustrated.

• Broadcast, VLAN Filtering Enabled

Unicast, VLAN Filtering Disabled

In this scenario, the flow of the network packet is as follows:

1. The switch forwards the network packet with destination MAC 1 on etherchannel.

2. The network packet arrives at the physical NIC 10/1 or 10/2.

3. The NIC applies MAC filter and forwards to the queue for VPX1.

4. The network packet arrives at VPX1 on vNIC 10/1 or 10/2.

5. The VLAN policy is applied at VPX1.

Unicast, VLAN Filtering Enabled

In this scenario, the flow of the network packet is as follows:

1. The switch forwards the network packet with the destination MAC 1 on etherchannel.

2. The network packet arrives at the physical NIC 10/1 or 10/2.

3. The NIC applies MAC filter, VLAN filter and then forwards to queue for VPX1.

4. The network packet arrives at VPX1 on vNIC 10/1 or 10/2.

5. The VLAN policy is applied at VPX1.

In this scenario, in Step 3, with VLAN filtering enabled, the NIC applies L2 sorting or classification, that indicates which queues the packet must be forwarded to.

Broadcast, VLAN Filtering Disabled

In this scenario, the flow of the network packet is as follows:

1. The switch broadcasts VLAN100 packet on etherchannel.

2. The network packet arrives at the physical NIC 10/1 or 10/2.

3. The NIC broadcasts packet to queues for VPX1 and VPX2.

4. The network packet arrives at VPX1 (10/1 or 10/2) and VPX2 (10/1 or 10/2).

5. The VLAN policy is applied at VPX1 and VPX2.

6. The network packet is dropped at VPX2.

Broadcast, VLAN Filtering Enabled

In this scenario, the flow of the network packet is as follows:

1. The switch broadcasts VLAN100 packet on etherchannel.

2. The network packet arrives at physical NIC 10/1 or 10/2.

3. The NIC applies MAC filter, VLAN filter.

4. The NIC forwards the network packet to queue for VPX1 only.

5. The network packet arrives at VPX1 (10/1 or 10/2).

6. The VLAN policy is applied at VPX1.

Note: The SR-IOV capable NIC in the NetScaler SDX appliance applies a layer 2 classification that includes MAC lookup and VLAN filtering, prior to forwarding to any proper destination queue(s).