Solved: Cisco port channel member is suspended

oliver_gao36 · ‎2020-08-31

Hi all,

Here we have a CP6200p NGFW, i set a bond group to connect with Cisco switch, below is the configurations on both Checkpoint & Cisco side.

Cisco:

interface Port-channel2
switchport access vlan 254
switchport mode access

interface TenGigabitEthernet1/0/11
switchport access vlan 254
switchport mode access
channel-protocol lacp
channel-group 2 mode active

interface TenGigabitEthernet2/0/11
switchport access vlan 254
switchport mode access
channel-protocol lacp
channel-group 2 mode active

Checkpoint:

My question is: after setting, i found there is only one link member is active, is it normal? or are there anything that i setup wrong? please advise, thanks a lot.

Timothy_Hall · ‎2020-08-31

Once a port goes into a suspended state due to a configuration mismatch, I don't believe it will try to recover on its own (kind of like errdisable). It is possible a mismatch was detected when you were still setting things up, try a shut/no shut on Te1/0/11 and see what happens. If it goes right back to a suspended state, do a show log which should have an error message showing the suspension reason.

Attend my 60-minute "Be your Own TAC: Part Deux" Presentation
Exclusively at CPX 2025 Las Vegas Tuesday Feb 25th @ 1:00pm

View solution in original post

mk1 · ‎2020-08-31

Hello Oliver,

Is there any particular reason to leave "Transmit Hash Policy" to Layer 2 instead of Layer 3+4? Could you also send the result from command: cat /proc/net/bonding/bond10

oliver_gao36 · ‎2020-08-31

Hi Nickel,

Actually no other particular reason, i just use the default settings in Advanced Option.

oliver_gao36 · ‎2020-08-31

Hi Nickel,

Thank you for your reply first.

In fact, we don't have any particular reason to set that, the screenshot above(Bond group advanced option) is the default settings when i configuring ether-channel on CP side.

Timothy_Hall · ‎2020-08-31

Once a port goes into a suspended state due to a configuration mismatch, I don't believe it will try to recover on its own (kind of like errdisable). It is possible a mismatch was detected when you were still setting things up, try a shut/no shut on Te1/0/11 and see what happens. If it goes right back to a suspended state, do a show log which should have an error message showing the suspension reason.

Attend my 60-minute "Be your Own TAC: Part Deux" Presentation
Exclusively at CPX 2025 Las Vegas Tuesday Feb 25th @ 1:00pm

oliver_gao36 · ‎2020-08-31

Thank you very much Timothy_Hall, i tried your suggestion, and then the portchannel came back normally.

mreza_998 · ‎2023-06-19

I seen the log off my switch and problem was:

Gii1/0/47 is not compatible with Gi1/0/48 and will be suspended (speed of Gi1/0/47 is 100M, Gi1/0/48 is 1000M)

Thanks you Timothy_Hall

Are you a member of CheckMates?

Cisco port channel member is suspended

Cisco port channel member is suspended