Cisco Catalyst SD-WAN Interfaces Configuration Guide, Releases 26.x and Later

PDF

EtherChannels on the transport side

Want to summarize with AI?

Log in

Explains EtherChannels on the transport side, covering supported devices, prerequisites, restrictions, configuration using CLI templates, and step-by-step instructions for implementing load-balancing and hash algorithms for port channels.


EtherChannels on the transport side is a capability that

  • extends EtherChannel functionality to the transport-facing interfaces of Cisco IOS XE Catalyst SD-WAN devices

  • enables advanced network services like load balancing for aggregated links.

  • is configurable through CLI device templates, CLI add-on feature templates, and configuration groups.


Supported devices for transport side EtherChannel

This section provides a comprehensive list of Cisco platforms that support EtherChannel functionality on the transport side. This information is crucial for planning and deploying Cisco Catalyst SD-WAN solutions that leverage EtherChannels for enhanced connectivity and resilience on transport-facing interfaces. It also indicates which platforms support load balancing for these EtherChannels.

The following platforms support EtherChannels, and also offer load balancing for EtherChannels on the service side:

  • Cisco 4000 Series Integrated Services Routers

    • Cisco 4461 Integrated Services Router

  • Cisco ASR 1000 Series Aggregation Services Routers

    • Cisco ASR 1001-HX Router

    • Cisco ASR 1002-HX Router

  • Cisco Catalyst 8200 Series Edge Routers

  • Cisco Catalyst 8300 Series Routers

  • Cisco Catalyst 8500 Series Edge Routers

Note

Starting with Cisco IOS XE Catalyst SD-WAN Release 17.14.1a, the load balancing configuration command portchannel load-balance-hash-algo sdwan is supported only on the Cisco 4461 Integrated Services Router and Cisco Catalyst 8300 Series routers.


Prerequisites for EtherChannels on the transport side

Before configuring EtherChannels on the transport side, ensure that the following prerequisties are met. These prerequisites are essential for your EtherChannel configuration.

  • All the member links in each EtherChannel must be of the same speed.

  • All the member links must be configured on Layer 3 transport side ports.

  • All member interfaces in a portchannel must have the same speed and duplex, when using platforms that support multiple rate SFPs on the same port.


Restrictions for EtherChannels on the transport side

Maximum port channel interfaces

The maximum number of port channel interfaces that a device can support varies depending on the particular model of the device.

Port channel configuration

You can configure EtherChannels on a device by using the CLI, or using only the CLI templates or CLI add-on feature templates in Cisco SD-WAN Manager.

Hardware and platform compatibility

  • Network Interface Modules (NIMs) with L2 ports do not support EtherChannels on the transport side.

  • The use of port channel on virtual devices such as Cisco Catalyst 8000V is not supported.

  • Platforms such as the Cisco Catalyst 8500 Series Edge Routers support multi-rate interfaces, allowing 1G SFP modules to be used in default 10G interfaces. Despite this, in the output of show commands, the interfaces appear as TenGigabitEthernet x/x/x. You can bundle the 1G SFP interfaces together to form a port channel.

Deployment

  • In a deployment involving an EtherChannel Link Aggregation Group (LAG) from a Cisco IOS XE Catalyst SD-WAN device to a multichassis LAG (MC-LAG) between two upstream paths, SLA-based Application-Aware Routing (AAR) forwarding can be inaccurate if the traffic load on the two upstream paths is not symmetric.

  • Cisco IOS XE Catalyst SD-WAN Release 17.13.1a does not include support for an endpoint tracker on port-channel TLOCs.


Configure a transport side EtherChannels using a CLI template

Use this procedure to create a logical EtherChannel interface on the transport side of a Cisco IOS XE Catalyst SD-WAN device, bundling multiple physical links for increased bandwidth and redundancy.

This procedure describes how to configure EtherChannels on the transport side using CLI templates in Cisco SD-WAN Manager.

In Cisco SD-WAN Manager, you can configure EtherChannels on the transport side using CLI templates.

For more information about using CLI templates, see CLI add-on feature templates and CLI templates for Cisco IOS XE Catalyst SD-WAN devices.

.

Note

By default, CLI templates execute commands in global config mode.

Before you begin

Complete these steps to configure a transport side EtherChannel using a CLI template.

Procedure

1.

Configure a Layer 3 port channel.


 interface Port-channel channel-number 
 ip address ip-address mask  
 ipv6 address ipv6-address/prefix-length 
2.

Assign Interfaces to a Layer 3 port channel with LACP active or passive options.

  1. 
     interface GigabitEthernet slot/subslot/port 
     no ip address 
     channel-group channel-group-number mode {active passive} 
     exit 
  2. Configure EtherChannel with LACP Paramaters.

    
     lacp system-priority priority 
     interface GigabitEthernet slot/subslot/port 
     lacp port-priority priority 
  3. Configure a static EtherChannel.
    
     interface GigabitEthernet slot/subslot/port 
     no ip address 
     channel-group channel-group-number 
3.

Configure tunnels.


 interface Tunnel tunnel-number 
 ip unnumbered Port-channel channel-group-number 
 no ip redirects 
 tunnel source  Port-channel channel-group-number 
 tunnel mode sdwan 

 sdwan 
  interface Port-channel channel-group-number 
   tunnel-interface 
    encapsulation {ipsec gre} 
    color color-type 

This example shows how to configure a Layer 3 EtherChannel, and how to assign two ports to channel 1 with the LACP mode as active and passive:

interface Port-channel1
ip address 10.48.48.15 255.255.255.0
ip ospf priority 0
ip ospf 65535 area 51
load-interval 30
no negotiation auto

interface GigabitEthernet0/0/0
no ip address
negotiation auto
lacp rate fast
channel-group 1 mode active
end
 
interface GigabitEthernet0/0/4
no ip address
negotiation auto
lacp rate fast
channel-group 1 mode passive
end

The following is a configuration example for creating an EtherChannel on the transport side.

interface Tunnel2
ip unnumbered Port-channel1
tunnel source Port-channel1
tunnel mode sdwan

interface Port-channel1
  tunnel-interface
   encapsulation ipsec
   color lte

A transport side EtherChannel is configured and operational, providing aggregated bandwidth and redundancy for your Cisco Catalyst SD-WAN transport connections.

What to do next

Verify the EtherChannel status using CLI commands like show etherchannel summary and show etherchannel load-balancing .


Configure load balancing for EtherChannels on the Transport Side using CLI Commands

Enable load balancing on individual portchannel interface

Minimum supported releases: Cisco IOS XE Catalyst SD-WAN Release 17.15.1a Cisco Catalyst SD-WAN Manager Release 20.15.1

Note

We recommend using this method to configure load balancing for EtherChannels on the transport side.

  1. Enter the port channel interface configuration mode.

    interface Portchannel channel number

  2. Enable load balancing on an individual port channel.

    load-balance-hash-algo sdwan

Enable load balancing globally for EtherChannels on the Transport Side

Minimum supported releases: Cisco IOS XE Catalyst SD-WAN Release 17.14.1a and Cisco Catalyst SD-WAN Manager Release 20.14.1

For more information about using CLI templates, see CLI add-on feature templates and CLI templates for Cisco IOS XE Catalyst SD-WAN devices.

Enable load balancing globally for EtherChannels on the transport side.
port-channel load-balance-hash-algo sdwan 
Note

In this command, port-channel load-balance-hash-algo sdwan , the sdwan option was added in Cisco IOS XE Catalyst SD-WAN Release 17.14.1a.

Enable hash algorithms globally for EtherChannels on the Transport Side

  1. Configure the algorithm used for load balancing.

    To configure load balancing for IPv4 addresses, which is the default setting, use the following configuration:

     sdwan 
     ip load-sharing algorithm {src-dst-ip|ip-and-ports|src-ip-only} 

    To configure load balancing for IPv6 addresses, use the following configuration:

     sdwan 
     ipv6 load-sharing algorithm {src-dst-ip|ip-and-ports|src-ip-only} 
    • src-dst-ip : Balances traffic based on both source and destination IP addresses.

    • ip-and-ports : Balances traffic using a combination of IP addresses and port numbers.

    • src-ip-only : Balances traffic based solely on the source IP address.

    The ip load-sharing algorithm command is a global configuration that applies to all Cisco Catalyst SD-WAN tunnels. Changing the algorithm with options such as src-dst-ip or src-dst-mixed-ip-port affects the load-sharing mechanism for other Cisco Catalyst SD-WAN tunnel traffic as well.

    When you configure a port channel on both the service side and the transport side, using the port-channel load-balance-hash-algo sdwan command applies load balancing to the transport side. For the Service side, the port channel defaults to the src-dst-ip load balancing mode.

    To change the load-balancing algorithm for the Service side when a Transport-VPN port-channel is also configured, use the port-channel load-balance-hash-algo command. This command allow you to switch from the default sdwan mode to alternative modes such as dst-ip , dst-mac , src-dst-ip , src-dst-mac , src-dst-mixed-ip-port , src-ip , or src-mac . However, this change disables the SD-WAN-based load balancing for the transport side.

Here's the complete configuration for enabling load balancing and apply the desired hash algorithm for traffic distribution on the transport side of Cisco IOS XE Catalyst SD-WAN devices.

port-channel load-balance-hash-algo sdwan
sdwan
 ip load-sharing algorithm src-dst-ip

port-channel load-balance-hash-algo sdwan
sdwan
 ipv6 load-sharing algorithm src-dst-ip

This example shows configuration enabling load balancing for each port channel interface. When sdwan hash algorithm is configured on the transport side, you can enable different hash algorithm options on the service side.


device(config)# interface Port-channel 1
device(config-if)# load-balance-hash-algo sdwan
device(config-if)# exit

device(config)# interface Port-channel 2    
device(config-if)# load-balance-hash-algo src-dst-mixed-ip-port 
device(config-if)# exit

device(config)# interface Port-channel 3                    
device(config-if)# no shut 
device(config-if)# commit
device(config-if)# end

The following is a sample output to view the configuration for per-interface port channel using show etherchannel load-balancing command.

device# show etherchannel load-balancing 
flow-based
LB Algo type: Source Destination IP

 Port-Channel:                       LB Method
    Port-channel1                   :  flow-based (SDWAN Inner packet LB)
    Port-channel2                   :  flow-based (Source Destination Port, IP addr)
    Port-channel3                   :  flow-based (Source Destination IP)

Enable load balancing on individual portchannel interface on the transport side

Use this procedure to enable load balancing on a specific EtherChannel port channel interface on the transport side.

This method is recommended for configuring load balancing on the transport side, providing granular control over traffic distribution for individual port channels. This feature is supported from Cisco IOS XE Catalyst SD-WAN Release 17.15.1a and Cisco Catalyst SD-WAN Manager Release 20.15.1.

Before you begin

An EtherChannel port channel must already be configured on the transport side.

Complete these steps to enable load balancing on an individual port channel interface.

Procedure

1.

Enter the port channel interface configuration mode.

interface Portchannel channel number

Replace channel number with the number of your port channel.

2.

Enable load balancing on an individual port channel.

load-balance-hash-algo sdwan

The specified transport side port channel interface is now configured for SD-WAN load balancing.

What to do next

Verify the individual port channel load balancing configuration using the show etherchannel load-balancing command.


Enable load balancing globally for EtherChannels on the transport side

Use this procedure to enable load balancing globally for all EtherChannels on the transport side of your device.

This configuration applies a default load balancing method to all transport side EtherChannels for which no individual load balancing method is explicitly configured. This feature is supported from Cisco IOS XE Catalyst SD-WAN Release 17.14.1a and Cisco Catalyst SD-WAN Manager Release 20.14.1.

Before you begin

Complete these steps to enable load balancing globally for EtherChannels on the transport side.

Procedure

Enable load balancing globally for EtherChannels on the transport side.

port-channel load-balance-hash-algo sdwan 

SD-WAN load balancing is now enabled globally for transport side EtherChannels.

What to do next

Verify the global load balancing configuration using the show etherchannel load-balancing command.


Enable hash algorithms globally for EtherChannels on the transport side

Use this procedure to configure specific hash algorithms for IP and IPv6 load balancing globally for EtherChannels on the transport side.

This global configuration applies to all Cisco Catalyst SD-WAN tunnels. Changing these algorithms affects the load-sharing mechanism for other SD-WAN tunnel traffic as well. This feature is supported from Cisco IOS XE Catalyst SD-WAN Release 17.14.1a and Cisco Catalyst SD-WAN Manager Release 20.14.1.

Before you begin

Complete these steps to enable hash algorithms globally for EtherChannels on the transport side.

Procedure

Configure the algorithm used for load balancing.

  • To configure load balancing for IPv4 addresses, which is the default setting, use the following configuration:

     sdwan 
     ip load-sharing algorithm {src-dst-ip|ip-and-ports|src-ip-only} 
    • src-dst-ip : Balances traffic based on both source and destination IP addresses.

    • ip-and-ports : Balances traffic using a combination of IP addresses and port numbers.

    • src-ip-only : Balances traffic based solely on the source IP address.

  • To configure load balancing for IPv6 addresses, use the following configuration:

     sdwan 
     ipv6 load-sharing algorithm {src-dst-ip|ip-and-ports|src-ip-only} 

    The options are the same as for IPv4 load balancing.

The ip load-sharing algorithm command is a global configuration that applies to all Cisco Catalyst SD-WAN tunnels. Changing the algorithm with options such as src-dst-ip or src-dst-mixed-ip-port affects the load-sharing mechanism for other Cisco Catalyst SD-WAN tunnel traffic as well.

When you configure a port channel on both the service side and the transport side, using the port-channel load-balance-hash-algo sdwan command applies load balancing to the transport side. For the Service side, the port channel defaults to the src-dst-ip load balancing mode.

To change the load-balancing algorithm for the Service side when a Transport-VPN port-channel is also configured, use the port-channel load-balance-hash-algo command. This command allow you to switch from the default sdwan mode to alternative modes such as dst-ip , dst-mac , src-dst-ip , src-dst-mac , src-dst-mixed-ip-port , src-ip , or src-mac . However, this change disables the SD-WAN-based load balancing for the transport side.

Here's the complete configuration for enabling load balancing and apply the desired hash algorithm for traffic distribution on the transport side of Cisco IOS XE Catalyst SD-WAN devices.

port-channel load-balance-hash-algo sdwan
sdwan
 ip load-sharing algorithm src-dst-ip

port-channel load-balance-hash-algo sdwan
sdwan
 ipv6 load-sharing algorithm src-dst-ip

This example shows configuration enabling load balancing for each port channel interface. When sdwan hash algorithm is configured on the transport side, you can enable different hash algorithm options on the service side.


device(config)# interface Port-channel 1
device(config-if)# load-balance-hash-algo sdwan
device(config-if)# exit

device(config)# interface Port-channel 2    
device(config-if)# load-balance-hash-algo src-dst-mixed-ip-port 
device(config-if)# exit

device(config)# interface Port-channel 3                    
device(config-if)# no shut 
device(config-if)# commit
device(config-if)# end

The following is a sample output to view the configuration for per-interface port channel using show etherchannel load-balancing command.

device# show etherchannel load-balancing 
flow-based
LB Algo type: Source Destination IP

 Port-Channel:                       LB Method
    Port-channel1                   :  flow-based (SDWAN Inner packet LB)
    Port-channel2                   :  flow-based (Source Destination Port, IP addr)
    Port-channel3                   :  flow-based (Source Destination IP)

The specified IPv4 and IPv6 load-sharing algorithms are now applied globally for transport side EtherChannels.

What to do next

Verify the global load balancing configuration using the show etherchannel load-balancing command.