LACP configured ports interfere with PXE/DHCP on servers
Objective
Pre-OS PXE booting is not aware of LACP/Port-channels, so it will attempt to image over 1 link at a time.
All broadcast DHCP is fine, but DHCPACK unicast from the imaging server will have an approximately 50% (2 links) chance of returning on the correct link due to the hash algorithm that the sharing group will use on transmitting packets down 2 or more links in a group.
This causes the PXE boot process to fail and the node to reboot constantly with 100% failure every time.
Environment
EXOS All
Procedure
As of EXOS 16.2, the LACP fallback feature will allow this to work.
For more detailed information on this, see the LACP Fallback page from the EXOS User Guide.
Additional notes
On older EXOS versions, there is a workaround using Clearflow ACL:
Clearflow with the rule-count-true function to ensure the script/command is only run when the delta changes (first time no lacp packets are received and first time lacp packets are received).
This would be a policy like that. Create 1 ACL for each LAG and only apply to master port.
Policies at Policy Server: Policy: cnt_lacp entry LACP1 { if match all { ethernet-destination-address 01:80:c2:00:00:02 ; ethernet-type 0x8809 ; } then { count LACPpkt ; permit ; } } entry LACP_detect { if match all { delta LACPpkt > 0 ; period 40 ; } then { } } entry LACP_notdetect { if match all { delta LACPpkt == 0 ; period 40 ; } then { } } entry CF_enasharing { if match all { rule-true-count LACP_detect == 1 ; period 40 ; } then { syslog Enable_Sharing info ; cli "either run command here to enable sharing or do that with script that does additional checks" } } entry CF_dissharing { if match all { rule-true-count LACP_notdetect == 1 ; period 40 ; } then { syslog Disable_Sharing info ; cli "either run command here to disable sharing or do that with script that does additional checks"
} } Number of clients bound to policy: 1 Client: acl bound once
