Set up LACP bonding for high-availability network interfaces with automatic failover. Configure both Linux bonding drivers and switch-side LACP for enterprise network redundancy and increased bandwidth.
Prerequisites
- Multiple network interfaces
- LACP-capable network switch
- Root or sudo access
- Basic networking knowledge
What this solves
Network interface bonding with Link Aggregation Control Protocol (LACP) combines multiple physical network interfaces into a single logical interface, providing both increased bandwidth and automatic failover capability. This tutorial shows you how to configure LACP bonding on Linux servers for enterprise environments where network reliability and performance are critical.
Understanding LACP and bonding modes
Linux bonding supports multiple modes, but for enterprise LACP configuration, you'll primarily use mode 4 (802.3ad). This mode requires switch support and provides both load balancing and fault tolerance through the Link Aggregation Control Protocol.
| Bonding Mode | Description | Switch Support Required |
|---|---|---|
| Mode 0 (balance-rr) | Round-robin load balancing | No |
| Mode 1 (active-backup) | Active/passive failover | No |
| Mode 4 (802.3ad) | LACP dynamic aggregation | Yes |
| Mode 6 (balance-alb) | Adaptive load balancing | No |
LACP mode 4 negotiates link aggregation dynamically with the switch, automatically detecting link failures and redistributing traffic. This provides the most robust enterprise solution for network bonding.
Step-by-step configuration
Install bonding kernel module
Load the bonding kernel module and ensure it loads on boot for network interface bonding support.
sudo modprobe bonding
echo "bonding" | sudo tee -a /etc/modulesConfigure bonding with NetworkManager
NetworkManager provides the most reliable method for configuring LACP bonding on modern Linux distributions. Create the bond interface first.
sudo nmcli connection add type bond con-name bond0 ifname bond0 bond.options "mode=802.3ad,miimon=100,lacp_rate=fast,xmit_hash_policy=layer2+3"Add slave interfaces to the bond
Add your physical network interfaces as slaves to the bond. Replace ens3 and ens4 with your actual interface names.
sudo nmcli connection add type ethernet slave-type bond con-name bond0-slave1 ifname ens3 master bond0
sudo nmcli connection add type ethernet slave-type bond con-name bond0-slave2 ifname ens4 master bond0Configure IP addressing for the bond
Set up static IP configuration for the bonded interface. Adjust the IP address, gateway, and DNS servers for your network.
sudo nmcli connection modify bond0 ipv4.addresses 203.0.113.10/24
sudo nmcli connection modify bond0 ipv4.gateway 203.0.113.1
sudo nmcli connection modify bond0 ipv4.dns "203.0.113.1,8.8.8.8"
sudo nmcli connection modify bond0 ipv4.method manualActivate the bonded interface
Bring up the bond interface and its slave interfaces to establish the LACP aggregation.
sudo nmcli connection up bond0-slave1
sudo nmcli connection up bond0-slave2
sudo nmcli connection up bond0Alternative systemd-networkd configuration
For systems using systemd-networkd instead of NetworkManager, create these configuration files for LACP bonding.
[NetDev]
Name=bond0
Kind=bond
[Bond]
Mode=802.3ad
LACPTransmitRate=fast
MIIMonitorSec=100ms
TransmitHashPolicy=layer2+3Configure bond network settings
Create the network configuration file for the bonded interface with IP addressing.
[Match]
Name=bond0
[Network]
Address=203.0.113.10/24
Gateway=203.0.113.1
DNS=203.0.113.1
DNS=8.8.8.8Configure slave interfaces for systemd-networkd
Create configuration files for each physical interface that will be part of the bond.
[Match]
Name=ens3
[Network]
Bond=bond0[Match]
Name=ens4
[Network]
Bond=bond0Enable systemd-networkd
If using systemd-networkd configuration, enable and restart the networking service.
sudo systemctl enable systemd-networkd
sudo systemctl restart systemd-networkdSwitch-side LACP configuration examples
Your network switch must be configured to support LACP aggregation. Here are examples for common enterprise switches.
Cisco switch LACP configuration
interface port-channel 1
switchport mode access
switchport access vlan 100
interface GigabitEthernet1/0/1
switchport mode access
channel-group 1 mode active
interface GigabitEthernet1/0/2
switchport mode access
channel-group 1 mode activeHP/Aruba switch LACP configuration
trunk 1-2 trk1 lacp
vlan 100
untagged trk1
exitImplement failover testing and monitoring
Create network monitoring script
This script monitors bond status and logs failover events for troubleshooting and validation.
#!/bin/bash
BOND_INTERFACE="bond0"
LOG_FILE="/var/log/bond-monitor.log"
while true; do
BOND_STATUS=$(cat /proc/net/bonding/$BOND_INTERFACE 2>/dev/null)
ACTIVE_SLAVE=$(echo "$BOND_STATUS" | grep "Currently Active Slave" | awk '{print $4}')
SLAVE_COUNT=$(echo "$BOND_STATUS" | grep -c "Slave Interface:")
echo "$(date): Bond $BOND_INTERFACE - Active: $ACTIVE_SLAVE, Slaves: $SLAVE_COUNT" >> $LOG_FILE
if [ $SLAVE_COUNT -lt 2 ]; then
logger "WARNING: Bond $BOND_INTERFACE has only $SLAVE_COUNT active slaves"
fi
sleep 30
donesudo chmod 755 /usr/local/bin/monitor-bond.shCreate systemd service for monitoring
Set up a systemd service to run the bond monitoring script continuously.
[Unit]
Description=Network Bond Monitor
After=network.target
[Service]
Type=simple
ExecStart=/usr/local/bin/monitor-bond.sh
Restart=always
User=root
[Install]
WantedBy=multi-user.targetsudo systemctl enable bond-monitor.service
sudo systemctl start bond-monitor.serviceTest failover functionality
Simulate interface failure to verify LACP failover works correctly. Run these tests during maintenance windows.
# Test by disabling one interface
sudo ip link set ens3 down
Check bond status
cat /proc/net/bonding/bond0
Test connectivity
ping -c 5 203.0.113.1
Re-enable interface
sudo ip link set ens3 upVerify your setup
Check that LACP bonding is working correctly and both interfaces are active participants in the aggregation.
# Check bond interface status
cat /proc/net/bonding/bond0
Verify network connectivity
ip addr show bond0
ping -c 3 203.0.113.1
Check LACP negotiation
ethtool bond0
Monitor traffic distribution
watch -n 1 'cat /proc/net/dev | grep -E "(ens3|ens4|bond0)"'You should see both slave interfaces in "up" state with LACP partner information showing successful negotiation with the switch.
Troubleshoot LACP negotiation and bond status
Check LACP partner information
Verify that LACP negotiation is working between your server and the switch.
# Check detailed bond status
sudo cat /proc/net/bonding/bond0 | grep -A 10 "Partner Mac Address"
Check for LACP PDU transmission
sudo tcpdump -i ens3 ether proto 0x8809 -vVerify bonding module parameters
Check that the bonding module loaded with correct parameters for LACP operation.
# Check loaded bonding parameters
sudo modinfo bonding
Verify bond mode and options
grep -r bond /sys/class/net/bond0/bonding/Common issues
| Symptom | Cause | Fix |
|---|---|---|
| Bond shows "no active slaves" | Switch not configured for LACP | Configure switch ports for LACP active mode |
| Only one interface active | LACP negotiation failed | Check switch configuration and cable connections |
| High packet loss during failover | Slow LACP timers | Set lacp_rate=fast on both server and switch |
| Bond interface won't come up | Missing bonding module | sudo modprobe bonding && echo bonding >> /etc/modules |
| Traffic not load balanced | Wrong hash policy | Set xmit_hash_policy=layer2+3 or layer3+4 |
Next steps
- Configure network bridge interfaces for VM networking and container communication
- Optimize Linux network stack performance with sysctl tuning and TCP congestion control
- Configure network bonding and VLAN tagging for high availability and network segmentation
- Configure network monitoring with SNMP and Grafana dashboards
- Implement network security policies with iptables and firewalld