[What Is] LAG & MLAG

Transferring large volumes of data between your servers requires more than just a basic network connection. While a simple physical link might work in small setups, enterprise environments demand greater bandwidth, resilience, and flexibility.

With our extensive knowledge and networking, including the expertise of our Senior Administrator Peter Barlík, we have prepared a quick guide on the differences between various types of Layer 2 links, including example configurations on Cisco and SONiC-enabled devices.

Now, let’s explore Link Aggregation and Multi-Chassis Link Aggregation! Two key technologies that elevate network reliability and throughput.

Key Takeaways

• LAG combines multiple physical links into one logical connection for better bandwidth and failover.
• LACP automates link aggregation and monitors health, while manual LAG lacks dynamic capabilities.
• MLAG enables link aggregation across two separate devices for higher resilience and uptime.
• Enterprises use LAG and MLAG to build scalable, redundant networks without vendor lock-in.

Back to Basics: One-to-One Linking

This is the most straightforward setup: a single cable connects two devices – like a server and a switch, or two switches. It offers simplicity and ease of troubleshooting, but you’re limited to the speed of a single link. There’s no link-level redundancy, making it a poor fit for enterprise environments.

We love analogies, so here goes the first one – imagine a single-lane road between two towns. If it’s blocked or congested, you’re stuck. There is no other alternative road to avoid the congestion.

Configuration:No special configuration is required – default switch port settings will suffice.

LAG: Link Aggregation Group

LAG bundles multiple Ethernet links between two devices into a single logical connection – often referred to as an EtherChannel, port-channel, bond, or team. The aim is to increase bandwidth and add redundancy. We differentiate between three main aggregation protocols – Manual LAG, LACP and PAgP. Let’s explain each type in the following section. 

Manual LAG

A static configuration without negotiation. It’s simple, but lacks built-in fault detection or dynamic adjustment. Link failures are harder to detect and recover from.

This makes for another great analogy! Imagine a multi-lane road. However, you don’t know which lanes are blocked, until you’re already in them.

LACP: Link Aggregation Control Protocol

LACP, defined in IEEE 802.3ad (now part of IEEE 802.1AX), is a dynamic protocol, that automatically negotiates and maintains aggregation. It uses LACP Data Units (LACPDUs) to exchange state information. This protocol sends the mentioned data units (frames) to a compatible, LACP enabled device. It has two modes:

• Active Mode: Initiates LACP negotiation and sends 1 LACPDU per second via configured links.
• Passive Mode: Only responds to LACPPDUs from an active peer. If a frame is received, only then is another sent back (back-and-forth).

LACP improves fault detection and enables automatic traffic redistribution when a link fails. It’s widely supported and often a preferred method.

Our lane analogies expand – you see a multi-lane road with smart signs, showing congestion and closures in real time.

PAgP: Port Aggregation Protocol

This is Cisco’s proprietary alternative to LACP, with similar functionality. Again, we have two modes:

• Desirable Mode: Active negotiation.
• Auto Mode: Responds to negotiation from the desired peer.

Unfortunately, this lane is only for Cisco enabled cars. By cars, we mean devices. 

Common LAG Use-Cases

Small businesses aiming to increase bandwidth and add link-level redundancy often turn to LAG. It’s a balanced solution for performance, resilience, and therefore fairly common.

LAG Config Examples

These configuration examples refer to Cisco IOS-XE v. 17.1 and SONiC Enterprise v. 4.5.0.

Cisco

We can see several characteristics of Cisco’s way of configuring LAG. Firstly, we define the physical interfaces to be aggregated. Then, we assign them to a channel-group and specify the mode (active/passive), which automatically creates and binds them to a logical PortChannel interface.

switch# configure terminal 
switch(config)# interface range ethernet 1/1-2
switch(config-if)# channel-group 1 mode [active/passive]

SONiC

SONiC’s configuration requires creating an interface PortChannel before assigning ports to it but the saved configuration is very similar. We define the logical PortChannel interface explicitly at first, then define the physical ports. Finally, we bind these physical interfaces to the defined PortChannel.

$ sonic-cli
LAGSW1# configure terminal
LAGSW1(config)# interface PortChannel 1
LAGSW1(conf-if-po1)# exit
LAGSW1(config)# interface range Ethernet0-1
LAGSW1(conf-if-range-eth**)# channel-group 1
LAGSW1(config)# exit

Multi-Chassis Link Aggregation

While LAG allows us to combine multiple links between two devices, MLAG extends this capability towards two switches, allowing a device (like a server or another switch) to connect to two physical switches as if they were one logical unit. This offers both link and device-level redundancy – in case one switch fails.

The participating switches synchronize over an Inter-Chassis Link (ICL) or Peer Link and behave as a single virtual switch externally. Internally, they share state information to maintain link consistency.

MLAG is ideal for data centers and large enterprises demanding high availability and zero-downtime resiliency.

The train station in the city doesn’t have enough capacity to transfer passengers to the next station, nor space to expand at the current location. The city built another train station nearby with direct quick high capacity connection between station peers and parallel rails to the next station. If something happens to one of the stations or any of rails, you can still use another station or rest of rails to your destination.

MLAG Configuration Examples

Cisco (VSS or Stack)

For stackable Cisco switches, LACP configuration is similar to the LAG setup. The only difference is defined ports spread through switches.  

VSS Configuration Sample

Let’s break down the example below. First, both chassis are prepared with identical configurations and high availability features like Stateful Switchover (SSO) and Nonstop Forwarding (NSF). Then, the switches are converted into a single virtual switch using a shared domain ID, and PortChannels are created and assigned with specific ownership across the chassis. This allows downstream devices to connect as if they’re interfacing with a single switch, while redundancy is maintained at the hardware level.

Switch-1# copy startup-config disk0:old-startup-config
Switch-1(config)# redundancy
Switch-1(config-red)# mode sso
Switch-1(config)# router ospf [processID]
Switch-1(config-router)# nsf
Switch-1(config)# switch virtual domain 100
Switch-1(config-vs-domain)# switch 1
Switch-1(config)# interface port-channel 10
Switch-1(config-if)# switch virtual link 1
Switch-1(config)# interface range tengigabitethernet 3/1-2
Switch-1(config-if)# channel-group 10 mode on
Switch-1# switch convert mode virtual

SONiC (MCLAG)

Again, SONiC offers more steps with precise control. First, a logical PortChannel is defined, and a peer-link is created using mclag domain, specifying local and remote peer IPs. Physical ports are selected, then assigned to the PortChannel.

A second PortChannel (mapped to the MLAG domain) is configured to aggregate downstream links. Though both switches operate independently, they share PortChannel and state information via the peer link, for consistency and failover resilience.

$ sonic-cli
MLAGSW1# configure terminal
MLAGSW1(config)# interface PortChannel 1
MLAGSW1(config-if-po1)# switchport trunk allowed Vlan [Vlan-id_list/all]
MLAGSW1(conf)# mclag domain 1
MLAGSW1(config-mclag-domain-1)# peer-link PortChannel1
MLAGSW1(config-mclag-domain-1)# source-ip 10.0.0.1
MLAGSW1(config-mclag-domain-1)# peer-ip 10.0.0.2
MLAGSW1(config)# interface range Ethernet0-1
MLAGSW1(conf-if-range-eth**)# channel-group 1
MLAGSW1(config)# interface PortChannel 10
MLAGSW1(config-if-po1)# mclag 1
MLAGSW1(config)# interface range Ethernet10-11
MLAGSW1(conf-if-range-eth**)# channel-group 10

Each switch in the MCLAG domain operates independently but synchronizes PortChannel assignments and link states for seamless failover and load sharing.

LAG and MLAG are fundamental for scalable, resilient networking – especially in environments where performance and uptime are critical. Whether you’re optimizing a small business setup or designing a fault-tolerant data center fabric, these technologies offer proven strategies to boost bandwidth and minimize disruption.

Curious about how PortChannels work in SandWork, our orchestration solution? Book a demo today to see LAG and MLAG in action with SandWork, our intuitive network automation and orchestration platform!