Cisco ASA EtherChannel Interfaces

With the ASA version 8.4 Cisco introduced port-channels (ASA5510 or higher) what is a really nice feature because you can share the load over more interfaces. When it comes to a physical interface the incoming or outgoing traffic is processed through Fifo queues and RX/TX-rings per interface, when theses queues or rings are full nothing can pass through. So its not always related to CPU load of the device also the phsical interfaces are in the scope when it comes to performance. With port-channel you share the load over more Fifo queues and RX/TX-rings but keep in mind about the port-channel balancing mode.

Physical interface configuration

interface GigabitEthernet0/0
  description GigTrunk-Po1
  channel-group 1 mode active
  no shutdown
  exit

interface GigabitEthernet0/1
  description GigTrunk-Po1
  channel-group 1 mode active
  no shutdown
  exit

interface GigabitEthernet0/2
  description GigTrunk-Po1
  channel-group 1 mode active
  no shutdown
  exit

interface GigabitEthernet0/3
  description GigTrunk-Po1
  channel-group 1 mode active
  no shutdown
  exit

Port-channel configuration with VLAN sub-interfaces

interface Port-channel1
  no shutdown
  exit

interface Port-channel1.100
  description Server VLAN
  vlan 100
  nameif SERVER
  security-level 100
  ip address 10.1.0.254 255.255.255.0 standby 10.1.0.253
  mac-address 0a00.0a00.0011 standby 0a00.0a00.0021
  no shutdown
  exit

interface Port-channel1.200
  description Clients VLAN
  vlan 200
  nameif CLIENTS
  security-level 100
  ip address 10.2.0.254 255.255.255.0 standby 10.2.0.253
  mac-address 0a00.0a00.0011 standby 0a00.0a00.0021
  no shutdown
  exit

For more information read the Cisco ASA 8.4 Configuration Guide РEtherChannels

Please share!

Leave a Reply

Your email address will not be published. Required fields are marked *