Skip to main content

Configuring Cisco WLC Link Aggregation (LAG) with Port-Channel EtherChannel. LAG Restrictions for WLC Models

Cisco Wireless Controllers (WLC) support the configuration of Link Aggregation (IEEE 802.3ad - LAG) which bundles the controller ports into a single port channel. This helps simplify the configuration of the WLC interface ports, increase available bandwidth between the wireless and wired network, provide load-balancing capabilities between physical WLC ports and increase port redundancy.

To learn more about WLC interfaces refer to our article Cisco WLC Interfaces, Ports & Their Functionality article

The diagram below shows an example of a WLC 2504 with ports P1 and P2 in a LAG configuration connecting to a Cisco Catalyst or Nexus switch. In the configuration below WLC ports P1 and P2 are aggregated to provide a total of 2Gbps bandwidth:

WLC LAG Configuration with Cisco Nexus and Catalyst Switch

Key Topics:

Related Articles

Link Aggregation Restrictions - Considerations

While LAG is the preferred method of connecting the WLC to the network there however a number of restrictions we need to be aware of to ensure we don’t stumble into any unpleasant surprises.

  • On 2504 and 3504 WLCs you can bundle all 4 ports into a single link.
  • On 5508 WLC you can bundle up to 8 ports into a single link.
  • Link Aggregation Control Protocol (LACP) or Cisco proprietary Port Aggregation Protocol (PAgP) are not supported by the WLC. Port-Channel members must be set unconditionally to LAG (shown in the configuration below).
  • Only one LAG Group is supported per WLC, you can therefore connect a WLC only to one switch unless using VSS (Catalyst) or vPC (Nexus) technologies.
  • When LAG is enabled, if a single link fails, traffic is automatically switched to the other links.
  • After enabling LAG the WLC must be rebooted.
  • When enabling LAG, all dynamic AP manager interfaces and untagged interfaces will be deleted. (See related article WLC Interfaces – Logical Interfaces)
  • After enabling LAG, all Virtual Interfaces use the LAG interface. No backup port (under the Virtual Interface settings) is configurable:

wlc virtual interfaces with and without lag port channelClick to enlarge

Wireless Controller LAG Configuration – Enabling LAG

First step is to enable LAG. Log into the WLC and click on the Advanced menu option (firmware v8 and above only). Next, select the Controller menu option and set the LAG Mode on next reboot option to Enabled and click on the Apply button:

How to enable LAG on Cisco WLC

At this point the WLC will pop up a warning window explaining the changes that are about to take place. As mentioned previously, all dynamic AP manager interfaces and untagged interfaces will be deleted. (See related article WLC Interfaces – Logical Interfaces to understand the implications):

WLC Configuration to enable LAG Support

Once we click on OK the WLC will proceed to enable LAG mode and present us with another notification requesting that we save the configuration and reboot the controller:

WLC LAG Mode Confirmation

Note: Ignore the DNS Server IP that was presented in our Lab environment.

Next, click on the Save Configuration button on the top right corner. To reboot the controller, click on Commands menu, select Reboot from the right menu column and finally click on the Reboot button on the right:

wlc 2504 reboot process

Click on OK in the popup message to confirm the reboot.

At this point the WLC will reboot and we won’t be able to ping or access the WLC web interface until we configure the switch. All access points and wireless networks will also be unavailable.

Configuring Switch Port-Channel to Support Link Aggregation

The Port-channel configuration is a straight forward process. It’s best to ensure all interfaces participating in the Port-channel are set to their default configuration. This will remove any existing configuration, minimizing errors during the switchport configuration process.

First remove existing configuration from the interfaces participating in the Port-channel (Gigabitethernet 0/6 & 0/7), then make them members of Port-channel 1. If the Port-channel doesn’t exist, it will be automatically created:

3560cx-HQ(config)# default interface range Gigabitethernet 0/6-7
3560cx-HQ(config)# interface range GigabitEthernet 0/6-7
3560cx-HQ(config-if-range)# channel-group 1 mode on

Creating a port-channel interface Port-channel 1
3560cx-HQ(config-if-range)# description WLC2504
3560cx-HQ(config-if-range)# switchport mode trunk
3560cx-HQ(config-if-range)# switchport trunk allowed vlan 2,15,16,22,26
3560cx-HQ(config-if-range)# no shutdown

Below is the complete Port-channel and interface configuration:

!
interface Port-channel1
description WLC2504
switchport trunk allowed vlan 2,15,16,22,26
switchport mode trunk
!
interface GigabitEthernet0/6
switchport trunk allowed vlan 2,15,16,22,26
switchport mode trunk
channel-group 1 mode on
!
interface GigabitEthernet0/7
switchport trunk allowed vlan 2,15,16,22,26
switchport mode trunk
channel-group 1 mode on
!

Notice that the channel-group mode is set to on which enables Etherchannel without any LACP or PAgP support. This is because the WLC doesn’t support LACP or PAgP and requires a plain vanilla Etherchannel.

When connecting the WLC to a modular Catalyst or Nexus switch its always advisable to use ports on different modules as this will increase redundancy in the event of a module failure.

Finally during the Port-channel configuration process, ensure to allow all necessary VLANs used by the WLC controller and wireless network.

Once the configuration is complete, we’ll should be able to ping and access the WLC again.

A simple show interface port-channel 1 will also confirm both configured links are up and we have a total bandwidth of 2Gbps:

3560cx-HQ# show interface port-channel 1

Port-channel1 is up, line protocol is up (connected)
Hardware is EtherChannel, address is 0076.8697.b607 (bia 0076.8697.b607)
Description: WLC2504
MTU 1500 bytes, BW 2000000 Kbit/sec, DLY 10 usec,
reliability 255/255, txload 1/255, rxload 1/255
Encapsulation ARPA, loopback not set
Keepalive set (10 sec)
Full-duplex, 1000Mb/s, link type is auto, media type is unknown
input flow-control is off, output flow-control is unsupported
Members in this channel: Gi0/6 Gi0/7
ARP type: ARPA, ARP Timeout 04:00:00

<output ommited>

Additional useful commands that can be used to obtain more information on the Etherchannel are:

  • Show etherchannel 1 summary
  • Show etherchannel 1 status
  • Show etherchannel 1 port-channel
  • Show etherchannel 1 protocol

Summary

This article explained the advantages and showed how to configure Link Aggregation (LAG) on your Cisco WLC. We included a number of important LAG restrictions for WLCs while noting restrictions for specific WLC models (2504, 5508 etc). Cisco switch port configuration using Port-channel interfaces was also included along side with an explanation on why Etherchannel must be used as WLC LAG does not support LACP or PAgP. Finally we included a number of useful commands to verify and troubleshoot Link Aggregation or Port-channel interfaces.

Your IP address:

18.97.9.174

All-in-one protection for Microsoft 365

All-in-one protection for Microsoft 365

FREE Hyper-V & VMware Backup

FREE Hyper-V & VMware Backup

Wi-Fi Key Generator

Generate/Crack any
WEP, WPA, WPA2 Key!

Network and Server Monitoring

Network and Server Monitoring

Follow Firewall.cx

Cisco Password Crack

Decrypt Cisco Type-7 Passwords on the fly!

Decrypt Now!

Bandwidth Monitor

Zoho Netflow Analyzer Free Download

Free PatchManager

Free PatchManager

EventLog Analyzer

ManageEngine Eventlog Analyzer

Security Podcast

Hornet-Security-The-Swarm-Podcast

Firewall Analyzer

zoho firewall analyzer