Etherchannel on Cisco IOS Catalyst Switch

Hello Rene,

port-channel load-balance {dst-ip | dst-mac | src-dst-ip | src-dst-mac | src-ip | src-mac}

could you please explain what is the function of {dst-ip | dst-mac | src-dst-ip | src-dst-mac | src-ip | src-mac} and how load is converting in each link based on load balancing ?

Hi Gaganpal,

I have an example for load balancing at the bottom of this post:

Etherchannel on Cisco Catalyst Switch

You should pick a load balancing method based on your traffic patterns. For example, if you have 200 hosts on one side and one server on the other side then you might want to pick “src-mac” ( on the side with the hosts and “dst-mac” on the server side. Otherwise you might end up sending traffic down only one of the physical interfaces.


Hi rene

Why “on” mode can be create for doing etherchannel?

What is protocol of “on” mode?

Hi Ercan,

When you use “on” then you don’t use any negotiation protocol at all (Lacp or Pagp), it’s just a static Etherchannel.

If you configure this on both sides then your Etherchannel will work. I don’t really recommend doing this, when you use Lacp or Pagp, the Etherchannel will be torn down when you have a misconfiguration and physical interfaces will be removed when something is wrong.

When you build a static Etherchannel and have a misconfiguration between the two switches, you could get loops.


Thank you rene

HI Rene

Why I get loop , When I have a misconfiguration on building etherchannel?

I didnt understand.

Isn’t Cisco clever devices? Didnt notice that and take precaution?

Hi Ercan,

Let me give you an example. Let’s say we have three switches, SW1, SW2 and SW3. These switches are connected in a triangle.

Without any Etherchannels, spanning-tree will work and blocks some interfaces to create a loop-free topology…life is good.

Now we try to configure an Etherchannel between SW1 and SW2, we use a protocol like PaGP for negotiation. For some reason, there’s a misconfiguration on one of the physical interfaces. Since we use PaGP, it’s able to detect this and this physical interface will be removed from the etherchannel or the etherchannel won’t come up…life is good.

Now we want to configure a static Etherchannel between SW2 and SW3. First we configure the static etherchannel on SW2, but for some reason…someone configures the wrong interfaces on SW3. Here’s what might happen:

  • SW2 has an Etherchannel and will only send one BPDU to SW3.
  • SW3 doesn't have an Etherchannel and will send two BPDUs (one of each physical interface).
  • SW3 expects to receive two BPDUs, one on each interface. It's only receiving one though.
  • Since SW3 doesn't receive a BPDU, it might put the interface in forwarding mode.
  • We now have a loop.

Spanning-tree can do its job but only when your interfaces are configured correctly. When using static Etherchannels, there’s nothing protecting you from misconfiguration.


how does ether-channel which has its primary purpose for link aggregation work if you later on configure load balancing which only uses one physical link as per your illustration above? or is that only when multiple computes are using the trunk at same time?


meaning if i am the only host using the trunk, i can take advantage of the link aggregation, otherwise its setup for load balancing?

Hi Deep,

The primary purpose for Etherchannel is to increase bandwidth and if you use L2 Etherchannel, making sure that STP doesn’t block all your interfaces. In certain scenarios you need to make sure you use the correct load balancing method otherwise you’ll end up with one physical interface doing all the work.

An Etherchannel to a single host could be useful if you have multiple destinations as you can do load balancing based on destination MAC or IP address.

Unfortunately Etherchannels don’t support “round robin” load balancing so an Etherchannel between two hosts is no good, the source + destination MAC and IP addresses are always the same.


From what I understand all the traffic coming from MAC address AAA BBB CCC DDD will go out SW1. Do we configure the port-channel load-balance dst-mac on SW2 cause each of those devices connected to SW1 have different destination mac?

Having a hard time understanding this?

SW2(config)#<strong>port-channel load-balance dst-mac</strong>
If this is the case it’s better to change the load balancing mechanism. If we switch it to destination MAC address on SW2 traffic from our router to the computer will be load-balanced amongst the different physical interfaces because we have multiple computers with different destination MAC addresses.


Hi Lynkaran,

Behind SW1 we have four hosts with four different MAC addresses, they are all going to destination EEE (router).

In that case, using source address load balancing will work fine on SW1 since it will spread out over the available physical links that we have.

For the return traffic, the source address will always be EEE and the destination can be AAA, BBB, CCC or DDD. If you leave the load balancing on SW2 at the default setting then it will use the same physical link for all traffic. It’s better to change it to destination-based load balancing.


Hi Rene,

The way you explain network lessons are awsome but I do not find much info/lessons on Etherchannel.

It would be great if you can add a lesson that explains how LACP works in details with examples.





Hi Rajiv,

What exactly would you like to know about LACP?


Hi Rene…I don’t quite get how if we have the option of on or of in both lacp and pagp how the switches know which we mean…probably me being stupid. Tx

Hi Simon,

When you use the “on” method, we don’t do any PaGP or LACP negotation. It’s a “static” etherchannel configuration.


Hi Rene,

Trying to get my head around load-balancing.

In your example you suggest to change from (default) src-mac to dst-mac.

Does this mean that now the four computers go over one ether-channel channel? If so it will be a difficult act to get it right.

It might be easier/safer to upgrade to a 10G link as you suggested in your introduction.

Does the same principle apply for L3 load-balancing?

Also, if the four computers generate more traffic than one ether-channel channel can handle, will the ether-channel start to drop packages?

Hi Hans,

The default is src mac based load balancing.

From SW1’s perspective this is a great choice as each computer has a different MAC address. Traffic from the computers will be load balanced when it is sent from SW1 to SW2.

From SW2 to SW1, it’s another story. The MAC address of the router remains the same so using src mac based load balancing is not a good idea. All traffic will be sent using the same physical interface. It’s better to change it to dst mac address load balancing since the destination MAC address will be one of the four computers.

The same principle applies to L3 yes.

When your etherchannel is overloaded, you will see drops yes.


Hi Rene,

Thank you for the excellent explanation.

Re.:When your etherchannel is overloaded, you will see drops yes.

What I’m getting at is that the bandwidth you create with an etherchannel is not really the bandwidth you get in practices based on your load-balancing setting and type of traffic.

Best regards,

Hans de Roode

19 posts were merged into an existing topic: Etherchannel on Cisco IOS Catalyst Switch

Hi Hans,

That’s right. This sometimes surprises people…

For example, let’s say you have a fileserver and 100 clients. The fileserver is connected to the switch with 8x Gbit Etherchannel, the clients are using regular Gigabit interfaces. This will work well since there are many different client MAC/IP addresses, we can use this for load balancing and you might be able to get close to 8 Gbit of bandwidth for your fileserver.

We also have a backup server connected to the switch with 8x Gbit Etherchannel. During the night we copy everything from the fileserver to the backup server. What happens is that you will only get ~ 1 Gbit of bandwidth since the source/destination MAC+IP are always the same…Cisco doesn’t support round robin frame-by-frame load balancing for Etherchannel.

You will be better off upgrading the Gigabit Etherchannels to 10 Gigabit links on the fileserver and backup server in this case.

Long story short, building Etherchannels doesn’t really mean that 1+1 = 2 :slight_smile: It depends on the traffic…

Hope this helps!