Group-Interface/MLT with VLAN tagging: LACP base circuit assumes non-visible "logical-all" statementThis inherent logical-all of the group-interface base circuit can pose potential problems for applications that rely on the use and proper receipt of broadcast or multicast packets on a specified interface (ie. Check Point state synchronization).
The following is an example of a misconfigured Cisco configuration related to Crossbeam configuration referenced below.
Within the following line of the XOS configuration, using the "wan" base circuit to establish LACP will automatically assume the "logical-all" statement, which is not visible within the CLI configuration.
... mode multi-link circuit wan ...
As a reminder, the "logical-all" statement accepts all valid vlans ranging from 1-4094.
In the Crossbeam configuration referenced, the circuit "wan" is considered the base template circuit. This base circuit exchanges LACP BPDUs and is used to establish the LACP interface bundle to the adjacent, connected device.
It is important to note that if the adjacent switch has been misconfigured to trunk additional, undesired vlans within the LACP interface bundle connected to the Crossbeam X-series NPM, all related non-unicast IP tagged packets will be accepted by the base circuit and passed to the vap-group due to the implied "logical-all" configuration.
Imported Document ID: 000020175
Subscribing will provide email updates when this Article is updated. Login is required.